A flaw was found in Hibernate. A remote attacker with low privileges could exploit a second-order SQL injection vulnerability by providing specially crafted, unsanitized non-alphanumeric characters in
A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the accountstatus view userid parameter due to improper neutralization of special elements in a SQL UPDA
A vulnerability was found in Das Parking Management System 停车场管理系统 6.2.0. It has been declared as critical. This vulnerability affects unknown code of the file /Reservations/Search of the component AP
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the system view due to improper neutralization of special elements in a SQL SELECT command. This can res
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the alarming view due to improper neutralization of special elements in a SQL SELECT command. This can r
A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. This affects an unknown part of the file /user_proposal_update_order.php. The mani
A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the DevSerialReset function due to improper neutralization of special elements in a SQL SELECT command.
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the system_tag view due to improper neutralization of special elements in a SQL SELECT command. This can
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the Easy View due to improper neutralization of special elements in a SQL SELECT command. This can resul
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the setinfo endpoint due to improper neutralization of special elements in a SQL UPDATE command. This c
A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the DeleteSysLogEntry function due to improper neutralization of special elements in a SQL DELETE comman
A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getAccountByID function due to improper neutralization of special elements in a SQL SELECT command.
A SQL injection vulnerability exists in the St. Joe ERP system ("圣乔ERP系统") that allows unauthenticated remote attackers to execute arbitrary SQL commands via crafted HTTP POST requests to the login en
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the tag view due to improper neutralization of special elements in a SQL SELECT command. This can result
A vulnerability was determined in code-projects Human Resource Integrated System 1.0. This vulnerability affects unknown code of the file /login_query12.php. This manipulation of the argument ID cause
The a+HRD from aEnrich Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the user_alarmprofile view due to improper neutralization of special elements in a SQL SELECT command. T
A vulnerability was identified in Das Parking Management System 停车场管理系统 6.2.0. This affects the function xp_cmdshell of the file ParkingRecord/ExportParkingRecords of the component API Endpoint. The m
A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the DevSerialReset function due to improper neutralization of special elements in a SQL UPDATE command a
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the userinfo endpoint due to improper neutralization of special elements in a SQL SELECT command. This
Page 1+ Next →