Centreon 3.4.x (fixed in Centreon 18.10.0 and Centreon web 2.8.28) allows SQL Injection via the main.php searchH parameter.
A vulnerability was found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /panel/bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
An issue was discovered on the "Bank Account Matching - Receipts" screen of the General Ledger component in webERP 4.15. BankMatching.php has Blind SQL injection via the AmtClear_ parameter.
A vulnerability classified as critical was found in QDocs Smart School Management System 7.0.0. Affected by this vulnerability is an unknown functionality of the file /user/chat/mynewuser of the component Chat. The manipulation of the argument users[] with the input 1'+AND+(SELECT+3220+FROM+(SELECT(SLEEP(5)))ZNun)+AND+'WwBM'%3d'WwBM as part of POST Request Parameter leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 7.0.1 is able to address this issue. It is recommended to upgrade the affected component.
Interspire Email Marketer through 6.1.6 has SQL Injection via an updateblock sortorder request to Dynamiccontenttags.php
ThinkCMF X2.2.2 has SQL Injection via the function _listorders() in AdminbaseController.class.php and is exploitable with the manager privilege via the listorders[key][1] parameter in a Link listorders action.
NUUO CMS All versions 3.3 and prior the web server application allows injection of arbitrary SQL characters, which can be used to inject SQL into an executing statement and allow arbitrary code execution.
An error-based SQL injection vulnerability in product/card.php in Dolibarr version 8.0.2 allows remote authenticated users to execute arbitrary SQL commands via the desiredstock parameter.
In SeaCMS v6.64, there is SQL injection via the admin_makehtml.php topic parameter because of mishandling in include/mkhtml.func.php.
SQL injection vulnerability in user/card.php in Dolibarr version 8.0.2 allows remote authenticated users to execute arbitrary SQL commands via the employee parameter.
ThinkCMF X2.2.2 has SQL Injection via the method edit_post in ArticleController.class.php and is exploitable by normal authenticated users via the post[id][1] parameter in an article edit_post action.
admin\db\DoSql.php in EmpireCMS through 7.5 allows remote attackers to execute arbitrary PHP code via SQL injection that uses a .php filename in a SELECT INTO OUTFILE statement to admin/admin.php.
A vulnerability, which was classified as critical, has been found in huija bicycleSharingServer up to 7b8a3ba48ad618604abd4797d2e7cf3b5ac7625a. Affected by this issue is the function userDao.selectUserByUserNameLike of the file UserServiceImpl.java. The manipulation of the argument Username leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.
An issue was discovered in the Manufacturing component in webERP 4.15. CollectiveWorkOrderCost.php has Blind SQL Injection via the SearchParts parameter.
ThinkCMF X2.2.2 has SQL Injection via the function edit_post() in NavController.class.php and is exploitable with the manager privilege via the parentid parameter in a nav action.
Interspire Email Marketer through 6.1.6 has SQL Injection via a deleteblock blockid[] request to Dynamiccontenttags.php.
ThinkCMF X2.2.2 has SQL Injection via the function delete() in SlideController.class.php and is exploitable with the manager privilege via the ids[] parameter in a slide action.
An issue was discovered in the Sales component in webERP 4.15. SalesInquiry.php has SQL Injection via the SortBy parameter.
Interspire Email Marketer through 6.1.6 has SQL Injection via a tagids Delete action to Dynamiccontenttags.php.
A vulnerability classified as critical was found in PHPGurukul Rail Pass Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /view-pass-detail.php of the component POST Request Handler. The manipulation of the argument searchdata leads to sql injection. The attack can be launched remotely. The identifier VDB-231625 was assigned to this vulnerability.
Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to Insecure design on report build via SQL query. The Systeam application is an ERP system that uses a mixed architecture based on SaaS tenant and user management, and on-premise database and web application counterparts. The bi report module exposes direct SQL commands via POST data in order to select data for report generation. A malicious actor can use the bi report endpoint as a direct SQL prompt under the authenticated user.
A vulnerability, which was classified as critical, was found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/stock.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
A vulnerability, which was classified as critical, has been found in SourceCodester Best Salon Management System 1.0. This issue affects some unknown processing of the file /panel/add-services.php. The manipulation of the argument Type leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
A vulnerability, which was classified as critical, has been found in SourceCodester Best Salon Management System 1.0. Affected by this issue is some unknown functionality of the file /edit-customer-detailed.php. The manipulation of the argument editid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
A vulnerability, which was classified as critical, has been found in PHPGurukul Hospital Management System 4.0. Affected by this issue is some unknown functionality of the file /doctor/search.php. The manipulation of the argument searchdata leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.0.2, 3.0.4, 3.0.6, and 3.2.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-force ID: 150023.
ServersCheck Monitoring Software before 14.3.4 allows SQL Injection by an authenticated user.
A vulnerability classified as critical was found in SourceCodester Best Salon Management System 1.0. This vulnerability affects unknown code of the file /panel/edit-staff.php. The manipulation of the argument editid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
An issue was discovered in zzcms 8.3. SQL Injection exists in admin/tagmanage.php via the tabletag parameter. (This needs an admin user login.)
BaiCloud-cms v2.5.7 was discovered to contain multiple SQL injection vulnerabilities via the tongji and baidu_map parameters in /user/ztconfig.php.
An issue was discovered in zzcms 8.3. SQL Injection exists in admin/special_add.php via a zxbigclassid cookie. (This needs an admin user login.)
OpenProject is a web-based project management software. OpenProject versions >= 12.0.0 are vulnerable to a SQL injection in the budgets module. For authenticated users with the "Edit budgets" permission, the request to reassign work packages to another budget unsufficiently sanitizes user input in the `reassign_to_id` parameter. The vulnerability has been fixed in version 12.0.4. Versions prior to 12.0.0 are not affected. If you're upgrading from an older version, ensure you are upgrading to at least version 12.0.4. If you are unable to upgrade in a timely fashion, the following patch can be applied: https://github.com/opf/openproject/pull/9983.patch
An issue was discovered in zzcms 8.3. SQL Injection exists in admin/classmanage.php via the tablename parameter. (This needs an admin user login.)
The zm-gallery plugin 1.0 for WordPress has SQL injection via the order parameter.
zzcms v8.3 has a SQL injection in /user/jobmanage.php via the bigclass parameter.
Tuleap is a Libre and Open Source tool for end to end traceability of application and system developments. In affected versions Tuleap does not sanitize properly user settings when constructing the SQL query to browse and search commits in the CVS repositories. A authenticated malicious user with read access to a CVS repository could execute arbitrary SQL queries. Tuleap instances without an active CVS repositories are not impacted. The following versions contain the fix: Tuleap Community Edition 13.2.99.155, Tuleap Enterprise Edition 13.1-7, and Tuleap Enterprise Edition 13.2-6.
An issue was discovered in the Web Management Console in IPBRICK OS 6.3. There are multiple SQL injections.
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/user/zu_del.
IBM Maximo Asset Management 7.6 through 7.6.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 145968.
The xtremelocator plugin 1.5 for WordPress has SQL injection via the id parameter.
Taocms 3.0.2 was discovered to contain a blind SQL injection vulnerability via the function Edit category.
A vulnerability, which was classified as critical, was found in PHPGurukul Art Gallery Management System 1.1. Affected is an unknown function of the file /admin/changeimage4.php. The manipulation of the argument editid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
fauzantrif eLection 2.0 has SQL Injection via the admin/ajax/op_kandidat.php id parameter.
zzcms V8.3 has a SQL injection in /user/zs_elite.php via the id parameter.
SQL injection vulnerability in AccountStatus.jsp in Admin Portal of Sophos XG firewall 17.0.8 MR-8 allow remote authenticated attackers to execute arbitrary SQL commands via the "username" GET parameter.
The sirv plugin before 1.3.2 for WordPress has SQL injection via the id parameter.
Gxlcms 2.0 before bug fix 20180915 has SQL Injection exploitable by an administrator.
An issue was discovered in ZrLog 2.0.3. There is a SQL injection vulnerability in the article management search box via the keywords parameter.
SQL injection vulnerability in Cisco Unified Communications Manager 10.5(2.13900.9) allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCux99227.
SQL injection vulnerability in the LearnPress prior to version 3.1.0 allows attacker with administrator rights to execute arbitrary SQL commands via unspecified vectors.