SIMPLE.ERP is vulnerable to the SQL Injection in search functionality in "Obroty na kontach" window. Lack of input validation allows an authenticated attacker to prepare a malicious query to the datab
SQL injection vulnerability in the fields of warehouse document filtering form in SIMPLE.ERP software allows logged-in user a malicious query injection. Potential exploitation is limited by the 20-cha
Doubo ERP 1.0 has an SQL injection vulnerability due to a lack of filtering of user input, which can be remotely initiated by an attacker.
A SQL injection vulnerability exists in the St. Joe ERP system ("圣乔ERP系统") that allows unauthenticated remote attackers to execute arbitrary SQL commands via crafted HTTP POST requests to the login en
ERP is a free and open source Enterprise Resource Planning tool. In versions prior to 16.8.0 and 15.100.0, certain endpoints were vulnerable to time-based and boolean-based blind SQL injection due to
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in weDevs WP ERP erp allows SQL Injection.This issue affects WP ERP: from n/a through <= 1.16.10.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Case Informatics Case ERP allows SQL Injection.
This issue affects Case ERP: before V2.0.1.
The WP ERP Pro plugin for WordPress is vulnerable to SQL Injection via the 'search_key' parameter in all versions up to, and including, 1.5.1. This is due to insufficient escaping on the user supplied
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Yirmibes Software MY ERP allows SQL Injection.
This issue affects MY ERP: before 1.170.
GestSup versions prior to 3.2.60 contain a SQL injection vulnerability in the search bar functionality. User-controlled search input is incorporated into SQL queries without sufficient neutralization,
A SQL injection vulnerability was found in 'ajax.php' of Sourcecodester Simple Library Management System 1.0. This vulnerability stems from insufficient user input validation of the 'username' paramet
DIGIT CENTRIS ERP contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the datum1, datum2, KID, and PID parameters
Input from search query parameter in GOV CMS is not sanitized properly, leading to a Blind SQL injection vulnerability, which might be exploited by an unauthenticated remote attacker.
Versions 4.0 a
A vulnerability was found in PHPGurukul Vehicle Record Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/search-vehicle.php. The manip
A weakness has been identified in Bjskzy Zhiyou ERP up to 11.0. Affected by this issue is the function getFieldValue of the component com.artery.workflow.ServiceImpl. This manipulation of the argument
WebIncorp ERP contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the prod_id parameter. Attackers can send GET r
A vulnerability, which was classified as critical, has been found in PHPGurukul Vehicle Record System 1.0. This issue affects some unknown processing of the file /admin/search-vehicle.php. The manipul
A weakness has been identified in SourceCodester Sales and Inventory System 1.0. Affected by this issue is some unknown functionality of the file /view_product.php of the component HTTP POST Request H
A vulnerability was determined in SourceCodester Sales and Inventory System 1.0. This impacts an unknown function of the file /view_category.php of the component HTTP POST Request Handler. This manipu
A vulnerability, which was classified as critical, was found in PHPGurukul Maid Hiring Management System 1.0. This affects an unknown part of the file /admin/search-booking-request.php. The manipulati
Page 1+ Next →