Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1 has Pre-authentication SQL injection in the virtuser_query plugin via a preg_replace() backslash escape bypass.
SourceCodester Simple Barangay Management System v1.0 has a SQL injection vulnerability in /barangay_management/admin/?page=view_complaint.
An unauthenticated SQL injection vulnerability exists in the GetLyfsByParams endpoint of Bian Que Feijiu Intelligent Emergency and Quality Control System, accessible via the /AppService/BQMedical/WebS
CampCodes Supplier Management System v1.0 is vulnerable to SQL injection via Supply_Management_System/admin/view_invoice_items.php?id= .
A vulnerability has been found in code-projects Library System 1.0. This affects an unknown function of the file /index.php of the component Login. The manipulation of the argument Username leads to s
SQL injection vulnerability have been found in 101news affecting version 1.0 through the "sadminusername" parameter in admin/add-subadmins.php.
Sourcecodester Online Thesis Archiving System v1.0 is vulnerable to SQL injection in the file /otas/admin/curriculum/manage_curriculum.php.
A script injection vulnerability was found in the Debezium database connector, where it does not properly sanitize some parameters. This flaw allows an attacker to send a malicious request to inject a
SourceCodester Simple Barangay Management System v1.0 has a SQL injection vulnerability in /barangay_management/admin/?page=view_clearance.
Subscriber SQL Injection in WooCommerce Frontend Manager – Ultimate < 6.7.7 versions.
A vulnerability, which was classified as critical, has been found in Baiyi Cloud Asset Management System up to 20250204. This issue affects some unknown processing of the file /wuser/admin.house.colle
SQL Injection vulnerability in Abis, Inc Adjutant Core Accounting ERP build v.PreBeta250F allows a remote attacker to obtain a sensitive information via the cid parameter in the GET request.
A vulnerability has been found in DedeBIZ up to 6.3.2. This impacts an unknown function of the file /admin/templets_one_edit.php. The manipulation of the argument ids leads to sql injection. Remote ex
Slims (Senayan Library Management Systems) 9 Bulian 9.6.1 is vulnerable to SQL Injection in admin/modules/bibliography/pop_author_edit.php.
A vulnerability was determined in DedeBIZ up to 6.3.2. Affected by this vulnerability is an unknown functionality of the file /admin/spec_add.php. This manipulation of the argument flags[] causes sql
Unauthenticated SQL Injection in GeekyBot <= 1.2.0 versions.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in jiangqie JiangQie Official Website Mini Program jiangqie-official-website-mini-program allows Blin
Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could result in code execution and escalation of privileges.
Prison Management System Using PHP v1.0 was discovered to contain a SQL injection vulnerability via the username on the Admin login page.
Multiple SQL injection vulnerabilities in the EuroInformation MoneticoPaiement module before 1.1.1 for PrestaShop allow remote attackers to execute arbitrary SQL commands via the TPE, societe, MAC, re