SQL Injection vulnerability in “Documents component” found in AudimexEE version 14.1.0 allows an attacker to execute arbitrary SQL commands via the object_path parameter.
CWE-89
CVE-2020-28133
An issue was discovered in SourceCodester Simple Grocery Store Sales And Inventory System 1.0. There was authentication bypass in web login functionality allows an attacker to gain client privileges via SQL injection in sales_inventory/login.php.
CVE-2020-28138
SourceCodester Online Clothing Store 1.0 is affected by a SQL Injection via the txtUserName parameter to login.php.
CVE-2020-28172
A SQL injection vulnerability in Simple College Website 1.0 allows remote unauthenticated attackers to bypass the admin authentication mechanism in college_website/admin/ajax.php?action=login, thus gaining access to the website administrative panel.
CVE-2020-28183
SQL injection vulnerability in SourceCodester Water Billing System 1.0 via the username and password parameters to process.php.
CVE-2020-28070
SourceCodester Alumni Management System 1.0 is affected by SQL injection causing arbitrary remote code execution from GET input in view_event.php via the ‘id’ parameter.
