
Tag

#sql

CVE-2022-29627: OpenSource/exploit_idor.md at main · nsparker1337/OpenSource

An insecure direct object reference (IDOR) in Online Market Place Site v1.0 allows attackers to modify products that are owned by other sellers.

CVE-2022-29628: OpenSource/exploit_rxss.md at main · nsparker1337/OpenSource

A cross-site scripting (XSS) vulnerability in /omps/seller of Online Market Place Site v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Page parameter.

CVE-2022-29659: Responsive Online Blog Website using PHP/MySQL with Source Code

Responsive Online Blog v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at single.php.

CVE-2022-31962: bug_report/SQLi-9.md at main · k0xx11/bug_report

Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/incidents/view_incident.php?id=.

CVE-2022-31344: bug_report/SQLi-3.md at main · k0xx11/bug_report

Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/classes/Master.php?f=delete_booking.

CVE-2022-31964: bug_report/SQLi-11.md at main · k0xx11/bug_report

Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via rdms/admin/respondent_types/view_respondent_type.php?id=.

CVE-2022-31961: bug_report/SQLi-10.md at main · k0xx11/bug_report

Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/incidents/manage_incident.php?id=.

CVE-2022-31343: bug_report/SQLi-1.md at main · k0xx11/bug_report

Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/admin/?page=bookings/view_details&id=.

CVE-2022-31345: bug_report/SQLi-2.md at main · k0xx11/bug_report

Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/admin/?page=user/manage_user&id=.