SQL injection vulnerability in BloodX 1.0 allows attackers to bypass authentication.
CWE-89
CVE-2020-29283
An SQL injection vulnerability was discovered in Online Doctor Appointment Booking System PHP and Mysql via the q parameter to getuser.php.
CVE-2020-29284
The file view-chair-list.php in Multi Restaurant Table Reservation System 1.0 does not perform input validation on the table_id parameter which allows unauthenticated SQL Injection. An attacker can send malicious input in the GET request to /dashboard/view-chair-list.php?table_id= to trigger the vulnerability.
CVE-2020-29285
SQL injection vulnerability was discovered in Point of Sales in PHP/PDO 1.0, which can be exploited via the id parameter to edit_category.php.
CVE-2020-29287
An SQL injection vulnerability was discovered in Car Rental Management System v1.0 can be exploited via the id parameter in view_car.php or the car_id parameter in booking.php.
CVE-2020-29288
An SQL injection vulnerability was discovered in Gym Management System In manage_user.php file, GET parameter ‘id’ is vulnerable.
