
235 matches found

CNNVD
added 2023/03/15 12:0 a.m. · 4 views

Simple Customer Relationship Management SQL injection vulnerability

Simple Customer Relationship Management (Simple CRM) is a simple customer relationship management system by Carlo Montero, a personal developer. A security vulnerability exists in Simple Customer Relationship Management System v1.0, which originates from a SQL injection vulnerability in the contact...

CVSS 8.8 · AI score 8.2 · EPSS 0.01006
Exploits: 1 · References: 4

CNNVD
added 2023/03/15 12:0 a.m. · 2 views

Simple Customer Relationship Management SQL injection vulnerability

Simple Customer Relationship Management (Simple CRM) is a simple customer relationship management system by Carlo Montero, a personal developer. A security vulnerability exists in Simple Customer Relationship Management System v1.0, which originates from a SQL injection vulnerability in the company...

CVSS 8.8 · AI score 8.2 · EPSS 0.01049
Exploits: 1 · References: 4

CNNVD
added 2023/03/15 12:0 a.m. · 4 views

Simple Customer Relationship Management SQL injection vulnerability

Simple Customer Relationship Management (Simple CRM) is a simple customer relationship management system by Carlo Montero, a personal developer. A security vulnerability exists in Simple Customer Relationship Management System v1.0, which originates from a SQL injection vulnerability in the address...

CVSS 8.8 · AI score 8.2 · EPSS 0.01049
Exploits: 1 · References: 4

CNNVD
added 2023/03/15 12:0 a.m. · 3 views

Simple Customer Relationship Management SQL injection vulnerability

Simple Customer Relationship Management (Simple CRM) is a simple customer relationship management system by Carlo Montero, a personal developer. A security vulnerability exists in Simple Customer Relationship Management System v1.0, which originates from a SQL injection vulnerability in the query...

CVSS 8.8 · AI score 8.2 · EPSS 0.01006
Exploits: 1 · References: 4

Prion
added 2023/03/10 4:15 p.m. · 16 views

SQL injection

A vulnerability has been found in lmxcms 1.41 and classified as critical. Affected by this vulnerability is the function update of the file AcquisiAction.class.php. The manipulation of the argument id with the input -1 and updatexml0,concat0x7e,user,1 leads to sql injection. The attack can be...

CVSS 6.5 · AI score 9.7 · EPSS 0.00492
Exploits: 0 · References: 2 · Affected Software: 1

CNNVD
added 2023/03/10 12:0 a.m. · 4 views

lmxcms SQL injection vulnerability

lmxcms dream cms is a website builder from China Dream Cms lmxcms company. SQL injection vulnerability exists in lmxcms version 1.41, the vulnerability stems from a security issue in the function update in the file AcquisiAction.class.php, which can lead to SQL injection via the parameter id...

CVSS 9.8 · AI score 7.1 · EPSS 0.00492
Exploits: 0 · References: 4

Positive Technologies
added 2023/03/10 12:0 a.m. · 4 views

PT-2023-16893 · Lmxcms · Lmxcms

Name of the Vulnerable Software and Affected Versions: lmxcms version 1.41 Description: A critical issue has been found in the function update of the file AcquisiAction.class.php. The manipulation of the argument id with specific input leads to SQL injection. The attack can be launched remotely...

CVSS 9.8 · AI score 8.4 · EPSS 0.00492
Exploits: 0 · References: 4

Positive Technologies
added 2023/01/15 12:0 a.m. · 4 views

PT-2023-10224 · Unknown · Tutranta Project Todolist

Name of the Vulnerable Software and Affected Versions: tutranta project todolist affected versions not specified Description: A critical issue was found in the tutrantta project todolist, affecting the getAffectedRows/where/insert/update function in the library/Database.php library. This issue...

CVSS 9.8 · AI score 6.5 · EPSS 0.00657
Exploits: 0 · References: 5

ATTACKERKB
added 2022/11/29 9:15 p.m. · 2 views

CVE-2022-3991

The Photospace Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its settings parameters saved via the update function in versions up to, and including, 2.3.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers...

CVSS 6.4 · AI score 6.2 · EPSS 0.00627
Exploits: 1 · References: 3

OSV
added 2022/11/29 9:15 p.m. · 2 views

CVE-2022-3991

The Photospace Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its settings parameters saved via the update function in versions up to, and including, 2.3.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers...

CVSS 5.4 · AI score 5.9 · EPSS 0.00627
Exploits: 1 · References: 2

CNNVD
added 2022/11/29 12:0 a.m. · 3 views

WordPress plugin Photospace Gallery cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress Photospace Galler...

CVSS 6.4 · AI score 5.7 · EPSS 0.00627
Exploits: 1 · References: 3

Veracode
added 2022/11/21 3:50 p.m. · 16 views

Cross-Site Scripting (XSS)

librenms/librenms is vulnerable to cross-site scripting. The vulnerability exists in update function of UserController.php because the username is not properly sanitized in the admin user overview which allows an attacker to inject and execute arbitrary javascript...

CVSS 5.4 · AI score 5.7 · EPSS 0.33968
Exploits: 1 · References: 4 · Affected Software: 1

CNNVD
added 2022/11/16 12:0 a.m. · 4 views

BACKCLICK path traversal vulnerability

BACKCLICK is a marketing software from BACKCLICK Germany that helps organizations create, implement, measure and run web-based email campaigns. A security vulnerability exists in BACKCLICK Professional version 5.9.63 that stems from improper validation or cleanup of uploaded filenames, where an...

CVSS 9.8 · AI score 8.2 · EPSS 0.01877
Exploits: 1 · References: 4

OSV
added 2022/10/19 6:15 p.m. · 12 views

CVE-2022-43020

OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the tagid variable in the Tag update function...

CVSS 6.5 · AI score 8.2 · EPSS 0.00777
Exploits: 1 · References: 2

Prion
added 2022/10/19 6:15 p.m. · 18 views

SQL injection

OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the tagid variable in the Tag update function...

CVSS 4 · AI score 6.7 · EPSS 0.00777
Exploits: 1 · References: 1 · Affected Software: 1

Vulnrichment
added 2022/10/19 12:0 a.m. · 9 views

CVE-2022-43020

OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the tagid variable in the Tag update function...

AI score 8.2 · EPSS 0.00777
Exploits: 1 · References: 1

Cvelist
added 2022/10/19 12:0 a.m. · 16 views

CVE-2022-43020

OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the tagid variable in the Tag update function...

AI score 6.9 · EPSS 0.00777
Exploits: 1 · References: 2

Positive Technologies
added 2022/10/06 12:0 a.m. · 8 views

PT-2022-26440 · Generex · Generex Cs141

Name of the Vulnerable Software and Affected Versions: Generex CS141 versions 2.08 through 2.10 Description: The issue allows remote command execution by administrators via a web interface that reaches run update in /usr/bin/gxserve-update.sh. This can occur, for example, via a reverse shell...

CVSS 9.1 · AI score 7.5 · EPSS 0.02237
Exploits: 2 · References: 8

CNNVD
added 2022/09/16 12:0 a.m. · 5 views

SAMSUNG mTower buffer error vulnerability

SAMSUNG mTower is a new Trusted Execution Environment (TEE) from Samsung, South Korea. A security vulnerability exists in SAMSUNG mTower versions prior to 0.3.0, which stems from an "incorrect length buffer access" vulnerability in the TEECipherUpdate function that could allow a trusted application ...

CVSS 7.5 · AI score 7.5 · EPSS 0.00818
Exploits: 0 · References: 3

OSV
added 2022/08/25 3:15 p.m. · 3 views

CVE-2022-37099

H3C H200 H200V100R004 was discovered to contain a stack overflow via the function UpdateSnat...

CVSS 9.8 · AI score 5.8 · EPSS 0.00976
Exploits: 1 · References: 1