14 matches found
EUVD-2022-29460
Malicious code in bioql PyPI...
Tenant Limited 1.0 SQL Injection
Titles: TENANT-LIMITED-1.0 SQLi Author: nu11secur1ty Date: 05/20/2024 Vendor: https://mayurik.com/ Software: https://www.sourcecodester.com/php/17375/best-courier-management-system-project-php.html Reference: https://portswigger.net/web-security/sql-injection Description: The username parameter...
Computer Laboratory Management System v1.0 - Multiple-SQLi
Title: Computer Laboratory Management System v1.0 - Multiple-SQLi Author: nu11secur1ty Date: 03/28/2024 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/17268/computer-laboratory-management-system-using-php-and-mysql.htmlcomment-104400 Reference:...
ChiKoi v1.0 - SQL Injection
Title: ChiKoi-1.0 SQLi Author: nu11secur1ty Date: 01.12.2023 Vendor: https://chikoiquan.tanhongit.com/ Software: https://github.com/tanhongit/new-mvc-shop/releases/tag/v1.0 Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/tanhongit/2023/ChiKoi Description: The...
101news By Mayuri K 1.0 SQL Injection Vulnerability
Title: 101news-by-Mayuri-K-1.0 Multiple-SQLi Author: nu11secur1ty Vendor: https://mayurik.com/ Software: https://mayurik.com/source-code/P4030/news-portal-project-in-php Reference: https://portswigger.net/web-security/sql-injection Description: The comment parameter appears to be vulnerable to SQ...
Senayan Library Management System 9.2.2 SQL Injection
Title: Senayan Library Management System v9.2.2 a.k.a SLIMS 9 Multiple SQLi-Not sanitizing correctly cookie session. Author: nu11secur1ty Date: 12.20.2022 Vendor: https://slims.web.id/web/ Software: https://github.com/slims/slims9bulian/releases/tag/v9.2.2 Reference:...
Senayan Library Management System 9.5.1 SQL Injection
Title: Senayan Library Management System v9.5.1 a.k.a SLIMS 9 SQLi Author: nu11secur1ty Date: 12.06.2022 Vendor: https://slims.web.id/web/ Software: https://slims.web.id/web/news/rilis-9.5.1/ Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/slims.web.id/SLIMS-9.5.1...
Insurance Management System v1.0 SQL injection Vulnerability
Title: Insurance Management System v1.0 SQLi Author: nu11secur1ty Vendor: https://itsourcecode.com/free-projects/php-project/php-projects-source-code-free-downloads/ Software: https://itsourcecode.com/free-projects/php-project/insurance-management-system-project-in-php-free-download/ Reference:...
Matrimony 1.0 SQL Injection
Title: Matrimony 1.0 SQLi Author: nu11secur1ty Date: 03.05.2022 Vendor: https://www.vetbossel.in/matrimony-project-php/ Software: https://cutt.ly/LOHzKd0, https://www.vetbossel.in/matrimony-project-php/ Reference:...
Air Cargo Management System 1.0 SQL Injection
Title: Air Cargo Management System v1.0 remote SQL-Injections Author: nu11secur1ty Date: 02.18.2022 Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15188/air-cargo-management-system-php-oop-free-source-code.html CVE - Air Cargo Management Systemv1....
CVE-2021-45255
The email parameter from ajax.php of Video Sharing Website 1.0 appears to be vulnerable to SQL injection attacks. A payload injects a SQL sub-query that calls MySQL's loadfile function with a UNC file path that references a URL on an external domain. The application interacted with that domain,...
CVE-2021-45253
The id parameter in viewstorage.php from Simple Cold Storage Management System 1.0 appears to be vulnerable to SQL injection attacks. A payload injects a SQL sub-query that calls MySQL's loadfile function with a UNC file path that references a URL on an external domain. The application interacted...
CVE-2021-45253
The id parameter in viewstorage.php from Simple Cold Storage Management System 1.0 appears to be vulnerable to SQL injection attacks. A payload injects a SQL sub-query that calls MySQL's loadfile function with a UNC file path that references a URL on an external domain. The application interacted...
Video Sharing Website 1.0 SQL Injection
Title: Video Sharing Website 1.0 SQL - Injection Author: nu11secur1ty Date: 12.18.2021 Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/14584/video-sharing-website-using-phpmysqli-source-code.html Description: The email parameter from ajax.php app o...