SQL Injection exists in the Tribulant Slideshow Gallery plugin 1.6.8 for WordPress via the wp-admin/admin.php?page=slideshow-galleries&method=save Gallery[id] or Gallery[title] parameter.
SQL injection vulnerability in banner.php in Unique Ads (UDS) 1.x allows remote attackers to execute arbitrary SQL commands via the bid parameter.
Deltek Vision 7.x before 7.6 permits the execution of any attacker supplied SQL statement through a custom RPC over HTTP protocol. The Vision system relies on the client binary to enforce security rules and integrity of SQL statements and other content being sent to the server. Client HTTP calls can be manipulated by one of several means to execute arbitrary SQL statements (similar to SQLi) or possibly have unspecified other impact via this custom protocol. To perform these attacks an authenticated session is first required. In some cases client calls are obfuscated by encryption, which can be bypassed due to hard-coded keys and an insecure key rotation protocol. Impacts may include remote code execution in some deployments; however, the vendor states that this cannot occur when the installation documentation is heeded.
Grapixel New Media v2.0 allows SQL Injection via the pages.aspx pageref parameter.
School Event Management System 1.0 has SQL Injection via the student/index.php or event/index.php id parameter.
PhpTpoint Pharmacy Management System suffers from a SQL injection vulnerability in the index.php username parameter.
K-iwi Framework 1775 has SQL Injection via the admin/user/group/update user_group_id parameter or the admin/user/user/update user_id parameter.
apps\admin\controller\content\SingleController.php in PbootCMS before V1.3.0 build 2018-11-12 has SQL Injection, as demonstrated by the POST data to the admin.php/Single/mod/mcode/1/id/3 URI.
elitecms 1.01 is vulnerable to SQL Injection via /admin/edit_sidebar.php.
Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/admin/bookings/update_status.php?id=.
An issue was discovered in zzcms 8.3. SQL Injection exists in zs/zs_list.php via a pxzs cookie.
Online Ordering System 2.3.2 is vulnerable to SQL Injection via /ordering/admin/user/index.php?view=edit&id=.
Simple Bus Ticket Booking System 1.0 is vulnerable to SQL Injection via /SimpleBusTicket/index.php.
SQL injection vulnerability in status/service/acknowledge in Opsview before 4.4.1 allows remote attackers to execute arbitrary SQL commands via the service_selection parameter.
LayerBB 1.1.1 and 1.1.3 has SQL Injection via the search.php search_query parameter.
PhpTpoint hospital management system suffers from multiple SQL injection vulnerabilities via the index.php user parameter associated with LOGIN.php, or the rno parameter to ALIST.php, DUNDEL.php, PDEL.php, or PUNDEL.php.
SQL injection vulnerability in directory.php in Prozilla Adult Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action. NOTE: the original report indicated that this was the "photo" SourceForge project (aka Maan Bsat Photo Collection), but that was incorrect.
Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/admin/services/view_service.php?id=.
youke365 v1.1.5 has SQL injection via admin/login.html, as demonstrated by username=admin&pass=123456&code=9823&act=login&submit=%E7%99%BB+%E9%99%86.
s-cms 3.0 allows SQL Injection via the member/post.php 0_id parameter or the POST data to member/member_login.php.
Online Ordering System By janobe 2.3.2 is vulnerable to SQL Injection via /ordering/admin/orders/loaddata.php.
OwnTicket 2018-05-23 allows SQL Injection via the showTicketId or editTicketStatusId parameter.
SQL injection vulnerability in the Weblinks (com_weblinks) component for Joomla! and Mambo 1.0.9 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter.
Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the searchdata parameter in search-dirctory.php.
An issue was discovered in YouPHPTube through 7.7. User input passed through the live_stream_code POST parameter to /plugin/LiveChat/getChat.json.php is not properly sanitized (in getFromChat in plugin/LiveChat/Objects/LiveChatObj.php) before being used to construct a SQL query. This can be exploited by malicious users to, e.g., read sensitive data from the database through in-band SQL Injection attacks. Successful exploitation of this vulnerability requires the Live Chat plugin to be enabled.
SQL injection vulnerability in koa2-blog 1.0.0 allows remote attackers to inject a malicious SQL statement via the name parameter to the signin page.
Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the fullname parameter in add-directory.php.
ThinkPHP 3.2.4 has SQL Injection via the order parameter because the Library/Think/Db/Driver.class.php parseOrder function mishandles the key variable.
SQL injection vulnerability in compte.php in PhpMyShop 1.00 allows remote attackers to execute arbitrary SQL commands via the (1) identifiant and (2) password parameters.
In REDAXO before 5.6.3, a critical SQL injection vulnerability has been discovered in the rex_list class because of the prepareQuery function in core/lib/list.php, via the index.php?page=users/users sort parameter. The backend was affected; the frontend was affected only if rex_list was used.
Global Search in Zoho ManageEngine OpManager before 12.3 123205 allows SQL Injection.
Multiple SQL injection vulnerabilities in BMC Service Desk Express (SDE) 10.2.1.95 allow remote attackers to execute arbitrary SQL commands via the (1) ASPSESSIONIDASSRATTQ, (2) TABLE_WIDGET_1, (3) TABLE_WIDGET_2, (4) browserDateTimeInfo, or (5) browserNumberInfo cookie parameter to DashBoardGUI.aspx; or the (6) UID parameter to login.aspx.
SQL Injection exists in the Micro Deal Factory 2.4.0 component for Joomla! via the id parameter, or the PATH_INFO to mydeals/ or listdeals/.
SQL injection exists in Scriptzee Flippa Marketplace Clone 1.0 via the site-search sortBy or sortDir parameter.
IBM InfoSphere Information Server 11.7 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.
SQL Injection exists in authors_post.php in Super Cms Blog Pro 1.0 via the author parameter.
In Joomla! before 3.9.14, the lack of validation of configuration parameters used in SQL queries caused various SQL injection vectors.
SeaCMS 6.64 allows SQL Injection via the upload/admin/admin_video.php order parameter.
postgresql before versions 11.1, 10.6 is vulnerable to SQL injection in pg_upgrade and pg_dump via CREATE TRIGGER ... REFERENCING. Using a purpose-crafted trigger definition, an attacker can cause arbitrary SQL statements to run, with superuser privileges.
In ThinkPHP 5.1.24, the inner function delete can be used for SQL injection when its WHERE condition's value can be controlled by a user's request.
Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via /ordering/admin/inventory/index.php?view=edit&id=.
SQL Injection in login.php in Naviwebs Navigate CMS 2.8 allows remote attackers to bypass authentication via the navigate-user cookie.
Multiple SQL injection vulnerabilities in Koan Software Mega Mall allow remote attackers to execute arbitrary SQL commands via the (1) t, (2) productId, (3) sk, (4) x, or (5) so parameter to (a) product_review.php; or the (6) orderNo parameter to (b) order-track.php.
SQL Injection exists in the Swap Factory 2.2.1 component for Joomla! via the filter_order_Dir or filter_order parameter.
Docebo Community Edition v4.0.5 and below was discovered to contain a SQL injection vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
SQL Injection exists in the Social Factory 3.8.3 component for Joomla! via the radius[lat], radius[lng], or radius[radius] parameter.
UCMS 1.4.6 has SQL injection during installation via the install/index.php mysql_dbname parameter.
A vulnerability classified as critical was found in SourceCodester Free Hospital Management System for Small Practices 1.0. Affected by this vulnerability is an unknown functionality of the file /vm/login.php. The manipulation of the argument useremail/userpassword leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-236215.
SQL injection vulnerability in cacti/host.php in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
A SQL Injection issue was discovered in Sentrifugo 3.2 via the deptid parameter.