Philips Healthcare Tasy Electronic Medical Record (EMR) 3.06 allows SQL injection via the CorCad_F2/executaConsultaEspecifico IE_CORPO_ASSIST or CD_USUARIO_CONVENIO parameter.
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0144, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.
Philips IntelliVue WLAN, portable patient monitors, WLAN Version A, Firmware A.03.09, WLAN Version A, Firmware A.03.09, Part #: M8096-67501, WLAN Version B, Firmware A.01.09, Part #: N/A (Replaced by Version C) and WLAN Version B, Firmware A.01.09, Part #: N/A (Replaced by Version C). The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code.
Philips IntelliVue WLAN, portable patient monitors, WLAN Version A, Firmware A.03.09, WLAN Version A, Firmware A.03.09, Part #: M8096-67501, WLAN Version B, Firmware A.01.09, Part #: N/A (Replaced by Version C) and WLAN Version B, Firmware A.01.09, Part #: N/A (Replaced by Version C). An attacker can use these credentials to login via ftp and upload a malicious firmware.
The backend database of the Philips DoseWise Portal application versions 1.1.7.333 and 2.1.1.3069 uses hard-coded credentials for a database account with privileges that can affect confidentiality, integrity, and availability of the database. For an attacker to exploit this vulnerability, elevated privileges are first required for an attacker to access the web application backend system files that contain the hard-coded credentials. Successful exploitation may allow a remote attacker to gain access to the database of the DWP application, which contains PHI. CVSS v3 base score: 9.1, CVSS vector string: AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H.
ChurchCRM is an open-source church management system. A SQL Injection vulnerability exists in endpoint `/PaddleNumEditor.php` in ChurchCRM prior to version 6.7.2. Any authenticated user, including one with zero assigned permissions, can exploit SQL injection through the `PerID` parameter. Version 6.7.2 contains a patch for the issue.
A vulnerability classified as critical has been found in liujianview gymxmjpa 1.0. This affects the function MembertypeDaoImpl of the file src/main/java/com/liujian/gymxmjpa/controller/MembertypeController.java. The manipulation of the argument typeName leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cool Plugins Events Shortcodes For The Events Calendar.This issue affects Events Shortcodes For The Events Calendar: from n/a through 2.3.1.
SQL injection vulnerability in Domain Technologie Control (DTC) before 0.34.1 allows remote authenticated users to execute arbitrary SQL commands via the addrlink parameter to shared/inc/forms/domain_info.php. NOTE: CVE-2011-3197 has been SPLIT due to findings by different researchers. CVE-2011-5272 has been assigned for the vps_note parameter to dtcadmin/logPushlet.php vector.
A vulnerability was found in ESAFENET CDG V5. It has been rated as critical. Affected by this issue is the function delCatelogs of the file /CDGServer3/document/Catelogs;logindojojs?command=DelCatelogs. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file classes/Master.php?f=add_to_card of the component POST Request Handler. The manipulation of the argument product_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
A vulnerability has been found in code-projects Chat System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/deleteroom.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
SQL injection vulnerability in Collabtive 1.2 allows remote authenticated users to execute arbitrary SQL commands via the folder parameter in a fileview_list action to manageajax.php.
The specific query functionality in the FlowMaster BPM Plus from NewType does not properly restrict user input, allowing remote attackers with regular privileges to inject SQL commands to read, modify, or delete database contents.
A vulnerability classified as critical was found in code-projects Online Book Shop 1.0. Affected by this vulnerability is an unknown functionality of the file /subcat.php. The manipulation of the argument cat leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
A vulnerability, which was classified as critical, was found in code-projects Blood Bank System 1.0. Affected is an unknown function of the file reset.php. The manipulation of the argument useremail leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
A vulnerability has been found in code-projects Chat System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/update_user.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
A security flaw has been discovered in tushar-2223 Hotel-Management-System up to bb1f3b3666124b888f1e4bcf51b6fba9fbb01d15. This affects an unknown part of the file /home.php of the component HTTP POST Request Handler. Performing a manipulation of the argument Name/Email results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability was found in liujianview gymxmjpa 1.0. It has been classified as critical. Affected is the function SubjectDaoImpl of the file src/main/java/com/liujian/gymxmjpa/controller/SubjectController.java. The manipulation of the argument subname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
A vulnerability was found in ESAFENET CDG V5. It has been rated as critical. Affected by this issue is some unknown functionality of the file /MultiServerBackService?path=1. The manipulation of the argument fileId leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability was found in code-projects Point of Sales and Inventory Management System 1.0. It has been classified as critical. This affects an unknown part of the file /user/search_result2.php of the component Parameter Handler. The manipulation of the argument search leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
A vulnerability was found in code-projects Blood Bank System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /forgot.php. The manipulation of the argument useremail leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
An issue was discovered in the Web Management Console in IPBRICK OS 6.3. There are multiple SQL injections.
An issue was discovered in MunkiReport before 5.3.0. An authenticated user could achieve SQL Injection in app/models/tablequery.php by crafting a special payload on the /datatables/data endpoint.
A vulnerability was found in liujianview gymxmjpa 1.0. It has been rated as critical. Affected by this issue is the function LoosDaoImpl of the file src/main/java/com/liujian/gymxmjpa/controller/LoosController.java. The manipulation of the argument loosName leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
A vulnerability classified as critical has been found in code-projects Pharmacy Management System 1.0. This affects an unknown part of the file /php/manage_customer.php?action=search. The manipulation of the argument text leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
A vulnerability was found in leiyuxi cy-fast 1.0 and classified as critical. Affected by this issue is the function listData of the file /sys/menu/listData. The manipulation of the argument order leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been declared as critical. Affected by this vulnerability is the function delete_product of the file /classes/Master.php?f=delete_product. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
A vulnerability, which was classified as critical, was found in code-projects Online Shoe Store 1.0. This affects an unknown part of the file /summary.php. The manipulation of the argument tid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
A vulnerability, which was classified as critical, was found in DedeBIZ 6.2. This affects an unknown part of the file /src/admin/tags_main.php. The manipulation of the argument ids leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-240879.
A vulnerability was found in code-projects Online Shoe Store 1.0. It has been rated as critical. This issue affects some unknown processing of the file /details.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
A post-authentication SQL Injection vulnerability within the filters parameter of the extensions/agents_modules_csv functionality. This issue affects Pandora FMS: from 700 through <777.3.
A vulnerability classified as critical was found in liujianview gymxmjpa 1.0. This vulnerability affects the function MenberDaoInpl of the file src/main/java/com/liujian/gymxmjpa/controller/MenberConntroller.java. The manipulation of the argument hyname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
A vulnerability was found in code-projects Student Management System 1.0. It has been declared as critical. This vulnerability affects the function showSubject1 of the file /config/DbFunction.php. The manipulation of the argument sid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
A vulnerability was found in SourceCodester Advocate Office Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /control/edit_client.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
A vulnerability, which was classified as critical, has been found in Guangzhou Huayi Intelligent Technology Jeewms up to 20241229. This issue affects the function saveOrUpdate of the file org/jeecgframework/web/cgform/controller/build/CgFormBuildController. java. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 20250101 is able to address this issue. It is recommended to upgrade the affected component.
A vulnerability classified as critical was found in huakecms 3.0. Affected by this vulnerability is an unknown functionality of the file /admin/cms_content.php. The manipulation of the argument cid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-240877 was assigned to this vulnerability.
A vulnerability has been found in code-projects Restaurant Reservation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /filter2.php. The manipulation of the argument from/to leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The initial researcher advisory only mentions the parameter "from" to be affected. But it must be assumed that parameter "to" is affected as well.
A vulnerability, which was classified as critical, was found in leiyuxi cy-fast 1.0. Affected is the function listData of the file /sys/role/listData. The manipulation of the argument order leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
The WP Easy Gallery – WordPress Gallery Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the ‘key’ parameter in all versions up to, and including, 4.8.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
A vulnerability classified as critical was found in SourceCodester Computer Laboratory Management System 1.0. Affected by this vulnerability is the function delete_record of the file /classes/Master.php?f=delete_record. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
A vulnerability classified as critical has been found in OpenRapid RapidCMS up to 1.3.1. Affected is an unknown function of the file /resource/runlogon.php. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
A vulnerability has been found in Campcodes Supplier Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/edit_area.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
A vulnerability classified as critical has been found in code-projects Blood Bank Management System 1.0. Affected is an unknown function of the file /admin/blood/update/B+.php. The manipulation of the argument Bloodname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
A SQL Injection vulnerability exists in PbootCMS v1.3.2 via the description parameter in apps\admin\controller\content\ContentController.php.
A vulnerability classified as critical has been found in SourceCodester Best House Rental Management System 1.0. Affected is the function delete_user/save_user of the file /admin_class.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file view_category.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
A vulnerability, which was classified as critical, has been found in dingfanzu CMS up to 29d67d9044f6f93378e6eb6ff92272217ff7225c. Affected by this issue is some unknown functionality of the file saveNewPwd.php. The manipulation of the argument username leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.
A vulnerability, which was classified as critical, was found in SourceCodester Simple Invoice Generator System 1.0. Affected is an unknown function of the file /save_invoice.php. The manipulation of the argument invoice_code/customer/cashier/total_amount/discount_percentage/discount_amount/tendered_amount leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
A vulnerability classified as critical was found in QDocs Smart School Management System 7.0.0. Affected by this vulnerability is an unknown functionality of the file /user/chat/mynewuser of the component Chat. The manipulation of the argument users[] with the input 1'+AND+(SELECT+3220+FROM+(SELECT(SLEEP(5)))ZNun)+AND+'WwBM'%3d'WwBM as part of POST Request Parameter leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 7.0.1 is able to address this issue. It is recommended to upgrade the affected component.