Improper neutralization of input provided by an authorized user in article positioning functionality allows for Blind SQL Injection attacks. This issue affects all 3 templates: www, bip and ww+bip.
T
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
A SQL injection vulnerability has been identified in DobryCMS. Improper neutralization of input provided by user into language functionality allows for SQL Injection attacks.
This issue affects older
A vulnerability, which was classified as critical, has been found in PHPGurukul Online Security Guards Hiring System 1.0. Affected by this issue is some unknown functionality of the file /search-reque
An authenticated SQL Injection vulnerability (CWE-89) exists in the Koha staff interface in the /cgi-bin/koha/suggestion/suggestion.pl endpoint due to improper validation of the displayby parameter us
An Improper Neutralization of Input During Web Page Generation vulnerability was identified in GitHub Enterprise Server that allowed attacker controlled HTML to be rendered by the Filter component (se
A security vulnerability has been detected in SourceCodester Water Billing System 1.0. Affected by this vulnerability is an unknown functionality of the file /edit.php. Such manipulation of the argume
A vulnerability was determined in SourceCodester Sales and Inventory System 1.0. This impacts an unknown function of the file /view_category.php of the component HTTP POST Request Handler. This manipu
A SQL injection vulnerability in login portal in AnteeoWMS before v4.7.34 allows unauthenticated attackers to execute arbitrary SQL commands via the username parameter and disclosure of some data in t
A vulnerability, which was classified as critical, has been found in PHPGurukul Vehicle Record System 1.0. This issue affects some unknown processing of the file /admin/search-vehicle.php. The manipul
An improper neutralization of input vulnerability was identified in GitHub Enterprise Server that allows DOM-based cross-site scripting via Issues search label filter that could lead to privilege esca
A vulnerability was found in SourceCodester Modern Loan Management System 1.0. It has been classified as critical. Affected is an unknown function of the file search_member.php. The manipulation of th
A critical SQL Injection (SQLi) vulnerability has been identified in the authentication module of the system. An unauthenticated, remote attacker (AV:N/PR:N) can exploit this flaw by sending specially
A vulnerability was found in SourceCodester Simple POS and Inventory System 1.0. The impacted element is an unknown function of the file /user/search.php. Performing a manipulation of the argument Nam
A vulnerability was found in itsourcecode Tailoring Management System 1.0. It has been classified as critical. This affects an unknown part of the file /incedit.php?id=4. The manipulation of the argum
A vulnerability was identified in tushar-2223 Hotel-Management-System up to bb1f3b3666124b888f1e4bcf51b6fba9fbb01d15. The impacted element is an unknown function of the file /admin/invoiceprint.php. T
Saurus CMS Community Edition since commit d886e5b0 (2010-04-23) is vulnerable to a SQL Injection vulnerability in the `prepareSearchQuery()` method in `FulltextSearch.class.php`. The application direc
A SQL injection vulnerability in the JS Jobs plugin versions 1.0.0-1.4.1 for Joomla allows low-privilege users to execute arbitrary SQL commands via the 'cvid' parameter in the employee application fe
Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges locally.
Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges locally.