Kabir Alhasan Student Management System 1.0 is vulnerable to Authentication Bypass via “Username: admin’# && Password: (Write Something)”.
CWE-89
CVE-2020-23936
PHPGurukul Vehicle Parking Management System 1.0 is vulnerable to Authentication Bypass via “Username: admin’# && Password: (Write Something)”.
CVE-2020-23945
A SQL injection vulnerability exists in Victor CMS V1.0 in the cat_id parameter of the category.php file. This parameter can be used by sqlmap to obtain data information in the database.
CVE-2020-23973
KandNconcepts Club CMS 1.1 and 1.2 has SQL Injection via the ‘team.php,player.php,club.php’ id parameter.
CVE-2020-23976
Webexcels Ecommerce CMS 2.x, 2017, 2018, 2019, 2020 has SQL Injection via the ‘content.php’ id parameter.
CVE-2020-23978
SQL injection can occur in Soluzione Globale Ecommerce CMS v1 via the parameter ” offerta.php”
