10 matches found
CVE-2025-56385
A SQL injection vulnerability exists in the login functionality of WellSky Harmony version 4.1.0.2.83 within the 'xmHarmony.asp' endpoint. User-supplied input to the 'TXTUSERID' parameter is not properly sanitized before being incorporated into a SQL query. Successful authentication may lead to...
EUVD-2009-2607
Malware in sbrugna...
CVE-2023-49688
Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txtUser' parameter of the login.php resource does not validate the characters received and they are sent unfiltered to the database...
Sql injection
Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txtUser' parameter of the login.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-49688 Job Portal v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txtUser' parameter of the login.php resource does not validate the characters received and they are sent unfiltered to the database...
PT-2023-31297 · Unknown · Job Portal
Name of the Vulnerable Software and Affected Versions: Job Portal version 1.0 Description: The issue concerns multiple Unauthenticated SQL Injection vulnerabilities. The txtUser parameter of the "login.php" resource does not validate the characters received, and they are sent unfiltered to the...
Kashipara Job Portal SQL Injection Vulnerability
Kashipara Job Portal is an online job portal system from Kashipara. A SQL injection vulnerability exists in Kashipara Job Portal v1.0, which stems from the "txtUser" parameter of login.php that does not validate received characters and sends them to the database unfiltered...
Sql injection
SQL injection vulnerability in login.aspx in ProSMDR allows remote attackers to execute arbitrary SQL commands via the txtUser parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2006-4861
SQL injection vulnerability in loginprocess.asp in Mohammed Mehdi Panjwani Complain Center 1 allows remote attackers to execute arbitrary SQL commands via the 1 TxtUser aka Username and 2 TxtPass aka Password parameters in login.asp...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in wbadmlog.aspx in uniForum 4.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 txtuser or 2 txtpassword parameters...