Security
Headlines
HeadlinesLatestCVEs

Tag

#sql

CVE-2022-30843: bug_report_CVE/sql.md at main · mikeccltt/bug_report_CVE

Room-rent-portal-site v1.0 is vulnerable to SQL Injection via /rrps/classes/Master.php?f=delete_category, id.

CVE
Open in Source
#sql#vulnerability#windows#js#java#php#firefox
CVE-2022-30463: automotive/sql.md at main · mikeccltt/automotive

Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/classes/Master.php?f=delete_product.

CVE-2022-30459: chatbot/sql.md at main · mikeccltt/chatbot

ChatBot App with Suggestion in PHP/OOP v1.0 is vulnerable to SQL Injection via /simple_chat_bot/classes/Master.php?f=delete_response, id.

CVE-2022-30461: wbms_bug_report/sql.md at main · mikeccltt/wbms_bug_report

Water-billing-management-system v1.0 is vulnerable to SQL Injection via /wbms/classes/Master.php?f=delete_client, id

CVE-2022-30454: bug_report/SQL-1.md at main · mikeccltt/bug_report

Merchandise Online Store 1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_product.

CVE-2022-1840: webray.com.cn/Home Clean Services Management System Stored Cross-Site Scripting(XSS).md at main · Xor-Gerke/webray.com.cn

A vulnerability, which was classified as problematic, has been found in Home Clean Services Management System 1.0. This issue affects register.php?link=registerand. The manipulation with the input <script>alert(1)</script> leads to cross site scripting. The attack may be initiated remotely but demands authentication. Exploit details have been disclosed to the public.

CVE-2022-1839: webray.com.cn/HCS_login_email_SQL_injection.md at main · Xor-Gerke/webray.com.cn

A vulnerability classified as critical was found in Home Clean Services Management System 1.0. This vulnerability affects the file login.php. The manipulation of the argument email with the input admin%'/**/AND/**/(SELECT/**/5383/**/FROM/**/(SELECT(SLEEP(2)))JPeh)/**/AND/**/'frfq%'='frfq leads to sql injection. The attack can be initiated remotely but it requires authentication. Exploit details have been disclosed to the public.

CVE-2022-1838

A vulnerability classified as critical has been found in Home Clean Services Management System 1.0. This affects an unknown part of admin/login.php. The manipulation of the argument username with the input admin%'/**/AND/**/(SELECT/**/5383/**/FROM/**/(SELECT(SLEEP(5)))JPeh)/**/AND/**/'frfq%'='frfq leads to sql injection. It is possible to initiate the attack remotely but it requires authentication. Exploit details have been disclosed to the public.