WordPress Hide My WP plugin versions 6.2.9 and below suffer from an unauthenticated remote SQL injection vulnerability.
33f5fa64f551c4a29625c510ca5f542be8dc039807964ef77f7aca808db3a3bf
NDtaskmatic version 1.0 suffers from a remote SQL injection vulnerability.
937864e92a9493aa55230c661e22af5ba23fc573b0d4f507979622c61443310b
Customer Support System version 1.0 suffers from a remote SQL injection vulnerability in /customer_support/ajax.php. Original discovery of SQL injection in this version is attributed to Ahmed Abbas in November of 2020.
718d48eb7ca237f5f3ee83bb6118e210de87e3b83055bc4ece1ed2ad4b88e9d9
Petrol Pump Management Software version 1.0 suffers from a remote SQL injectionvulnerability.
51abe5321193658e358ef6153227465b3009062f89a267703a6584db36a564df
Employee Management System version 1.0-2024 suffers from a remote SQL injection vulnerability. Original discovery of this finding is attributed to Ozlem Balci in January of 2024.
01f9a437e502773164c42d18db293d6d010978a568703d9945cb9bfe002238b5
XAMPP version 5.6.40 suffers from a remote SQL injection vulnerability.
388ddb4dde51e1972477265a1ca501e1b0ccc13ac7cdae3357edbf821cc9e47b
AC Repair And Services System version 1.0 suffers from a remote SQL injection vulnerability.
968e1e9ea2480d617b49d7df215b4108c9bc3eb6c59822b95bb40c30e4220cb9
Simple Student Attendance System version 1.0 suffers from multiple remote SQL injection vulnerabilities.
6b7b532debcb16f754e8a23e15c6fb12f3478fbbf1e0f8342fa31ef1ea31bcf1
Enrollment System version 1.0 suffers from a remote SQL injection vulnerability.
ddb348460baad158ede32a1e64b198a6eda0705abd3b466ba99ab854c0719269
Membership Management System version 1.0 suffers from a remote SQL injection vulnerability.
cae19e19f238f73a43ac344cc32149c7e4a9422e1a737c3718fa73459378ca49
Blood Bank version 1.0 suffers from multiple remote SQL injection vulnerabilities. Original discovery of SQL injection in this version is attributed to Nitin Sharma in October of 2021.
b80ea9dc4dcabb3799a9c6566f8928f2eaa8d06049d1d71965c70f4f1c6af8b7
WordPress WP Fastest Cache plugin version 1.2.2 suffers from an unauthenticated remote SQL injection vulnerability.
38c4ccc413d62f200211fb17cb0cd093832fd5b828e079e5fdf40dfcd8083574
Hospital Management System version 1.0 suffers from a remote SQL injection vulnerability.
d44a649c2c912867d906854a7f620e0dc403f37dffff37c544bc1619094d5b96
SuperStoreFinder versions 3.7 and below suffer from cross site request forgery, remote command execution, and remote SQL injection vulnerabilities.
8a5a27ee2cdba842a87bb56778f36fe0e630257be6595b634453cc2afcaf8a8c
Simple Inventory Management System version 1.0 suffers from a remote SQL injection vulnerability.
8e51d27e9d209102d0cc21f4fcd8ca293e548ced1856940a8a497960d3d17967
Flashcard Quiz App version 1.0 suffers from a remote SQL injection vulnerability.
2d19f05f546a17fd7531fb2d8505ca2f52f76ae282a5f46a1b55c2ced76fd1ef
FAQ Management System version 1.0 suffers from a remote SQL injection vulnerability.
2ea51098a949106e71b766b144109b1be9da517c51665344c9ebb17028a158a4
Fuelflow version 1.0 suffers from a remote SQL injection vulnerability.
f20df871b015a83f2890d65c542097b8e2ef692547a8a6b09c7f09efd6242502
Employee Management System version 1.0 suffers from a remote SQL injection vulnerability. Original discovery of this finding is attributed to Ozlem Balci in January of 2024.
eac3ee07605d15d68a5d408fecb91498a9bfab9973368c0e16d4816f4539dc97
User Registration and Login and User Management System version 3.1 suffers from a remote SQL injection vulnerability.
a778aabc9984b218ebd37f1e8af2db7ea6c66baaade706530c48a38013537c6f
JFrog Artifactory versions prior to 7.25.4 suffer from a remote blind SQL injection vulnerability.
0dc96d8c4641266fce6becf3c5ad80a2e19a76708111b79b7cd09269f93269b7
Complaint Management System version 2.0 suffers from multiple remote SQL injection vulnerabilities.
7d59fd41c98ba13cc28a26570e58f683a451359e694067648261bbca1fbe2342
Online Nurse Hiring System version 1.0 suffers from a remote time-based SQL injection vulnerability.
fd5be2e764f735e1ef4c43bc361ad2809efa26a662efb41dbedb2d00e771f328
Rail Pass Management System version 1.0 suffers from a remote time-based SQL injection vulnerability.
2b693817570fe3a35773eacbfa7f21cab22c9c8e1f9c999e2cbb0f1bb12f6fcf
This Metasploit exploit module leverages sql injection and local file inclusion vulnerabilities in Cacti versions prior to 1.2.26 to achieve remote code execution. Authentication is needed and the account must have access to the vulnerable PHP script (pollers.php). This is granted by setting the Sites/Devices/Data permission in the General Administration section.
b4ef67908324e2b53eac068bc36847b4c86d487875706d6d2339e053cc3970f0