SD.NET RIM versions before 4.7.3c contain a SQL injection vulnerability that allows attackers to inject malicious SQL statements through POST parameters 'idtyp' and 'idgremium'. Attackers can exploit
A vulnerability was found in Das Parking Management System 停车场管理系统 6.2.0. It has been rated as critical. This issue affects some unknown processing of the file /vehicle/search of the component API. Th
SAT CFDI 3.3 contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the 'id' parameter in the signIn endpoint. Attackers can submit
A SQL injection vulnerability has been identified in Siyuan 3.1.11 via the ids array parameter in /batchGetBlockAttrs.
An unauthenticated SQL injection vulnerability exists in the GetLyfsByParams endpoint of Bian Que Feijiu Intelligent Emergency and Quality Control System, accessible via the /AppService/BQMedical/WebS
The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attac
A vulnerability was found in Das Parking Management System 停车场管理系统 6.2.0. It has been declared as critical. This vulnerability affects unknown code of the file /Reservations/Search of the component AP
A vulnerability was identified in Daptin 0.10.3. Affected by this vulnerability is the function goqu.L of the file server/resource/resource_aggregate.go of the component Aggregate API. The manipulatio
An SQL injection vulnerability has been identified in the "ID" attribute of the SAML response when the replay cache of the Shibboleth Service Provider (SP) is configured to use an SQL database as stor
Orangescrum 1.8.0 contains an authenticated SQL injection vulnerability that allows authorized users to manipulate database queries through multiple vulnerable parameters. Attackers can inject malicio
Datadog, Inc Vector v0.54.0 was discovered to contain a SQL injection vulnerability in the set_uri_query parameter in the KeyPartitioner::partition function. This vulnerability allows attackers to acc
Varient 1.6.1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the user_id parameter. Attackers can submit POS
SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the id_concesion para
A vulnerability was found in Das Parking Management System 停车场管理系统 6.2.0. It has been classified as critical. This affects an unknown part of the file /IntraFieldVehicle/Search of the component API. T
Fleet is open source device management software. A SQL injection vulnerability in versions prior to 4.80.1 allowed authenticated users to inject arbitrary SQL expressions via the `order_key` query par
eNdonesia Portal v8.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the bid parameter. Attac
SQL injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability could allow an attacker to retrieve, create, update, and delete databases by sending a POST request. The relationship between
Gumbo CMS 0.99 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the language parameter. Attackers can
A security flaw has been discovered in Das Parking Management System 停车场管理系统 6.2.0. This vulnerability affects unknown code of the component Search API Endpoint. The manipulation of the argument Value
A SQL injection vulnerability has been identified in Siyuan 3.1.11 via the notebook parameter in /searchHistory.
Page 1+ Next →