#sql

CVE-2023-2064

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Minova Technology eTrace allows SQL Injection.This issue affects eTrace: before 23.05.20.

2 years ago

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cityboss E-municipality allows SQL Injection.This issue affects E-municipality: before 6.05.

2 years ago

A vulnerability was found in SourceCodester Theme Park Ticketing System 1.0. It has been classified as critical. This affects an unknown part of the file print_ticket.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-229821 was assigned to this vulnerability.

2 years ago

CVE

Open in Source

#sql #vulnerability #php

CVE-2023-2863

A vulnerability has been found in Simple Design Daily Journal 1.012.GP.B on Android and classified as problematic. Affected by this vulnerability is an unknown functionality of the component SQLite Database. The manipulation leads to cleartext storage in a file or on disk. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-229819.

2 years ago

CVE

Open in Source

#sql #vulnerability #android

CVE-2023-32697: Release Release 3.41.2.2 · xerial/sqlite-jdbc

SQLite JDBC is a library for accessing and creating SQLite database files in Java. Sqlite-jdbc addresses a remote code execution vulnerability via JDBC URL. This issue impacting versions 3.6.14.1 through 3.41.2.1 and has been fixed in version 3.41.2.2.

2 years ago

CVE

Open in Source

#sql #vulnerability #git #java #rce #auth #maven

CVE-2023-1508

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Adam Retail Automation Systems Mobilmen Terminal Software allows SQL Injection.This issue affects Mobilmen Terminal Software: before 3.

2 years ago

CVE

Open in Source

#sql #vulnerability

CVE-2023-31752: bug_report/SQLi-2.md at main · 4O4NtFd/bug_report

SourceCodester Employee and Visitor Gate Pass Logging System v1.0 is vulnerable to SQL Injection via /employee_gatepass/classes/Login.php.

2 years ago

CVE

Open in Source

#sql #vulnerability #web #windows #apple #php #auth #chrome #webkit

GHSA-6phf-6h5g-97j2: Sqlite-jdbc vulnerable to remote code execution when JDBC url is attacker controlled

## Summary Sqlite-jdbc addresses a remote code execution vulnerability via JDBC URL. ## Impacted versions : 3.6.14.1-3.41.2.1 ## References https://github.com/xerial/sqlite-jdbc/releases/tag/3.41.2.2

2 years ago

ghsa

Open in Source

#sql #vulnerability #git #rce

CVE-2023-33361: There is a SQL Injection in the "permalinks" function of piwigo · Issue #1910 · Piwigo/Piwigo

Piwigo 13.6.0 is vulnerable to SQL Injection via /admin/permalinks.php.

2 years ago

CVE

Open in Source

#sql #vulnerability #php

CVE-2023-33362: There is a SQL Injection in the "profile" function of piwigo · Issue #1911 · Piwigo/Piwigo

Piwigo 13.6.0 is vulnerable to SQL Injection via in the "profile" function.