GYM-MANAGEMENT-SYSTEM 安全漏洞

GYM-MANAGEMENT-SYSTEM is a gym management system by Abhishek S Personal Developer. A security vulnerability exists in GYM-MANAGEMENT-SYSTEM version 1.0, which stems from the unvalidated name parameter in membersearch.php, trainersearch.php, and gymsearch.php, and the id parameter in...

CVE-2023-53975

Atom CMS 2.0 contains an unauthenticated SQL injection vulnerability that allows remote attackers to manipulate database queries through unvalidated parameters. Attackers can inject malicious SQL code in the 'id' parameter of the admin index page to execute time-based blind SQL injection attacks...

EUVD-2018-4633

Malware in sbrugna...

sql-injection-vulnerability

During the security review of "Pet grooming management", discove...

Customer Support System 安全漏洞

Customer Support System is a customer support system by oretnom23 Personal Developer that helps a particular business or company to provide customer support after a customer has purchased a product from them. Customer Support System suffers from a SQL injection vulnerability that originates from ...

D-Link DAR-7000 SQL注入漏洞

DAR-7000 is an Internet Behavior Audit Gateway from AUO Electronic Devices Shanghai Co. AUO DAR-7000 suffers from a SQL injection vulnerability, which originates from the lack of validation of the parameter id of the file /user/inc/workidajax.php for externally entered SQL statements. The...

PT-2023-29510 · Unknown · Online Food Ordering System

Name of the Vulnerable Software and Affected Versions: Online Food Ordering System version 1.0 Description: The issue concerns multiple Unauthenticated SQL Injection vulnerabilities. The id parameter of the "routers/edit-orders.php" resource does not validate the input, making it vulnerable to SQ...

IBOS SQL注入漏洞

IBOS is a collaborative office management system. A SQL injection vulnerability exists in IBOS OA version 4.5.5, which originates from the lack of validation of the parameter id in the component Add User Handler against externally entered SQL statements, and can be exploited by an attacker to...

Lead Management System SQL注入漏洞

Lead management system is a lead management system developed by Mayuri K. The Lead Management System v1.0 version is vulnerable to SQL injection, which stems from the lack of validation of externally entered SQL statements in the id parameter of removeLead.php, which can be exploited by attackers...

Wedding Planner SQL注入漏洞

Wedding Planner is a wedding planner program. Designed to provide users with an easy way to plan their wedding through a web application while using real data. Wedding Planner v1.0 suffers from a SQL injection vulnerability that stems from a lack of validation of the id parameter in...

Online Tours & Travels Management System SQL注入漏洞

Online Tours & Travels Management System is an online travel management system by Mayuri K. Personal developer. A SQL injection vulnerability exists in Online Tours & Travels Management System v1.0, which stems from a lack of validation of externally-entered SQL statements in the id parameter of...

Pharmacy Management System SQL注入漏洞

Pharmacy Management System MPMS is a multilingual pharmacy management system from the personal developer Mayuri K. A SQL injection vulnerability exists in Pharmacy Management System v1.0, which stems from a lack of validation of the id parameter in invoiceprint.php against external input SQL...

CSCMS Music Portal System SQL注入漏洞

CSCMS Music Portal System is a diversified content management system from China Sunshine Network Technology CSCMS, Inc. A SQL injection vulnerability exists in CSCMS Music Portal System, which originates from the missing validation of the id parameter in /admin.php/Label/jsdel for external input...