InfoSec News & Tutorials
NAME__________Online Pizza Ordering System /php-opos/index.php SQL injectionPlatforms Affected:Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Online Pizza Ordering System is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the /php-opos/index.php…
NAME__________Human Resource Management System /hrm/controller/login.php SQL injectionPlatforms Affected:Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Human Resource Management System is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the /hrm/controller/login.php…
NAME__________Prestashop tshirtecommerce SQL injectionPlatforms Affected:Paradox IPR512Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Prestashop tshirtecommerce module is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to designer.php script using the product_id…
NAME__________Pacsrapor cross-site scriptingPlatforms Affected:Pacsrapor Pacsrapor 1.22Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Pacsrapor is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add,…
NAME__________Medical Certificate Generator App SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Medical Certificate Generator App is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL statements to the action.php…
NAME__________Student Study Center Desk Management System SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Student Study Center Desk Management System is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL…
NAME__________Prestashop tshirtecommerce SQL injectionPlatforms Affected:Paradox IPR512Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Prestashop tshirtecommerce module is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to function hookActionCartSave and updateCustomizationTable using…
NAME__________DataGear SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________DataGear is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL statements to the /analysisProject/pagingQueryData endpoint using the queryOrder parameter, which…
NAME__________Air Cargo Management System SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Air Cargo Management System is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL statements to the admin/transactions/update_status.php…
NAME__________Online Tours and Travels Management System SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Online Tours and Travels Management System is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL…
NAME__________Online Tours and Travels Management System SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Online Tours and Travels Management System is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL…
NAME__________Automatic Question Paper Generator System SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Automatic Question Paper Generator System is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL statements to…
NAME__________novel-plus SQL injectionPlatforms Affected:Risk Level:4.7Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________novel-plus is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL statements to the common/log/list endpoint using the sort and order…
NAME__________novel-plus SQL injectionPlatforms Affected:Risk Level:7.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________novel-plus is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the MenuService function in the sys/menu/list endpoint, which could…
NAME__________Automatic Question Paper Generator System SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Automatic Question Paper Generator System is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL statements to…
NAME__________REBUILD SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________REBUILD is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL statements to the queryListOfConfig function in the /admin/robot/approval/list endpoint, which…
NAME__________Student Study Center Desk Management System SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Student Study Center Desk Management System is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL…
NAME__________Student Study Center Desk Management System SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Student Study Center Desk Management System is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL…
NAME__________IBOS SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________IBOS is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL statements to the ApiController.php script using the emailids parameter, which…
NAME__________Slimstat Analytics Plugin for WordPress SQL injectionPlatforms Affected:WordPress Slimstat Analytics Plugin for WordPress 4.9.3.2Risk Level:5.4Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Slimstat Analytics Plugin for WordPress is vulnerable to multiple SQL injections. A remote authenticated…
NAME__________Human Resource Management System /hrm/controller/login.php SQL injectionPlatforms Affected:Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Human Resource Management System is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the /hrm/controller/login.php…
NAME__________Responsive Hotel Site SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Responsive Hotel Site is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL statements to the messages.php script in…
NAME__________Simple Art Gallery SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Simple Art Gallery is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL statements to the adminHome.php script using…
NAME__________Online Pizza Ordering System /php-opos/index.php SQL injectionPlatforms Affected:Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Online Pizza Ordering System is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the /php-opos/index.php…