An SQL injection vulnerability in the legacy (transparent) SMTP proxy of Sophos Firewall versions older than 21.0 MR2 (21.0.2) can lead to remote code execution, if a quarantining policy is active for
A pre-auth SQL injection vulnerability in the email protection feature of Sophos Firewall versions older than 21.0 MR1 (21.0.1) allows access to the reporting database and can lead to remote code exec
A business logic vulnerability in the Up2Date component of Sophos Firewall older than version 21.0 MR1 (20.0.1) can lead to attackers controlling the firewall’s DNS environment to achieve remote code
A post-auth SQL injection vulnerability in WebAdmin of Sophos Firewall versions older than 21.0 MR1 (21.0.1) can potentially lead to administrators achieving arbitrary code execution.
A post-auth code injection vulnerability in the User Portal allows authenticated users to execute code remotely in Sophos Firewall older than version 21.0 MR1 (21.0.1).
A command injection vulnerability in WebAdmin of Sophos Firewall versions older than 21.0 MR2 (21.0.2) can lead to adjacent attackers achieving pre-auth code execution on High Availability (HA) auxili
An unauthenticated SQL injection vulnerability exists in the GetLyfsByParams endpoint of Bian Que Feijiu Intelligent Emergency and Quality Control System, accessible via the /AppService/BQMedical/WebS
An arbitrary file writing vulnerability in the Secure PDF eXchange (SPX) feature of Sophos Firewall versions older than 21.0 MR2 (21.0.2) can lead to pre-auth remote code execution, if a specific conf
A SQL injection vulnerability exists in the St. Joe ERP system ("圣乔ERP系统") that allows unauthenticated remote attackers to execute arbitrary SQL commands via crafted HTTP POST requests to the login en
A SQL injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to inject malicious code.
We have alread
A SQL injection vulnerability has been identified in the SMPP server component of the SMSEagle firmware, specifically affecting the handling of certain parameters within the server's database interact
A weak credentials vulnerability potentially allows privileged system access via SSH to Sophos Firewall older than version 20.0 MR3 (20.0.3).
A SQL injection vulnerability has been identified in Uniclare Student Portal v2. This flaw allows remote attackers to inject arbitrary SQL commands via vulnerable input fields, enabling the execution
A vulnerability has been found in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This vulnerability affects unknown code of the file /login.php of the component Pa
An SQL injection vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to execute unauthorized code or commands.
We
A vulnerability was identified in itsourcecode Student Management System 1.0. This affects an unknown function of the file /ramonsys/soa/index.php. Such manipulation of the argument ID leads to sql in
SQL Injection vulnerability in remote-sessions in Devolutions Server.This issue affects Devolutions Server 2025.3.1 through 2025.3.12
A vulnerability was found in CodeAstro Real Estate Management System up to 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /aboutedit.php of the component Ab
A vulnerability was identified in sfturing hosp_order up to 627f426331da8086ce8fff2017d65b1ddef384f8. Affected by this vulnerability is the function findOrderHosNum of the file /ssm_pro/orderHos/. Suc
A flaw has been found in sambitraj STUDENT-MANAGEMENT-SYSTEM 1.0. This impacts an unknown function of the component Login Page. Executing a manipulation of the argument email can lead to sql injection
Page 1+ Next →