CVE-2023-50866 Travel Website v1.0 - Multiple Unauthenticated SQL Injections (SQLi)

Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the loginAction.php resource does not validate the characters received and they are sent unfiltered to the database...

CVE-2023-50862 Travel Website v1.0 - Multiple Unauthenticated SQL Injections (SQLi)

Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'hotelIDHidden' parameter of the booking.php resource does not validate the characters received and they are sent unfiltered to the database...

CVE-2023-49633 Billing Software v1.0 - Multiple Unauthenticated SQL Injections (SQLi)

Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'buyeraddress' parameter of the buyerdetailsubmit.php resource does not validate the characters received and they are sent unfiltered to the database...

CVE-2023-49689 Job Portal v1.0 - Multiple Unauthenticated SQL Injections (SQLi)

Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'JobId' parameter of the Employer/DeleteJob.php resource does not validate the characters received and they are sent unfiltered to the database...

CVE-2023-49688 Job Portal v1.0 - Multiple Unauthenticated SQL Injections (SQLi)

Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txtUser' parameter of the login.php resource does not validate the characters received and they are sent unfiltered to the database...

CVE-2023-49681 Job Portal v1.0 - Multiple Unauthenticated SQL Injections (SQLi)

Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'cmbQual' parameter of the Employer/InsertWalkin.php resource does not validate the characters received and they are sent unfiltered to the database...

CVE-2023-46789 Online Matrimonial Project v1.0 - Multiple Unauthenticated SQL Injections (SQLi)

Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'filename' attribute of the 'pic1' multipart parameter of the functions.php resource does not validate the characters received and they are sent unfiltered to the database...

CVE-2023-45346 Online Food Ordering System v1.0 - Multiple Unauthenticated SQL Injections (SQLi)

Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'role' parameter of the routers/user-router.php resource does not validate the characters received and they are sent unfiltered to the database...

CVE-2023-45323 Online Food Ordering System v1.0 - Multiple Unauthenticated SQL Injections (SQLi)

Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'name' parameter of the routers/add-item.php resource does not validate the characters received and they are sent unfiltered to the database...

CVE-2023-44164 Online Movie Ticket Booking System v1.0 - Multiple Unauthenticated SQL Injections (SQLi)

The 'Email' parameter of the processlogin.php resource does not validate the characters received and they are sent unfiltered to the database...

CVE-2022-0771

The SiteSuperCharger WordPress plugin before 5.2.0 does not validate, sanitise and escape various user inputs before using them in SQL statements via AJAX actions available to both unauthenticated and authenticated users, leading to Unauthenticated SQL Injections...

CVE-2021-24361 GeoDirectory Location Manager < 2.1.0.10 - Multiple Unauthenticated SQL Injections

In the Location Manager WordPress plugin before 2.1.0.10, the AJAX action gdpopularlocationlist did not properly sanitise or validate some of its POST parameters, which are then used in a SQL statement, leading to unauthenticated SQL Injection issues...

SuperStoreFinder & SuperInteractiveMaps - Unauthenticated SQL Injections

The ssf-social-action.php and sim-wp-data.php files from the respective superstorefinder-wp = 5.0.12 AND time-based blind query SLEEP Payload: action=selectwpid=1 AND SELECT 7900 FROM SELECTSLEEP5gxXh Type: UNION query Title: Generic UNION query NULL - 7 columns Payload: action=selectwpid=1 UNION...