• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-89

CVE-2021-44966

February 23, 2023 by

SQL injection bypass authentication vulnerability in PHPGURUKUL Employee Record Management System 1.2 via index.php. An attacker can log in as an admin account of this system and can destroy, change or manipulate all sensitive information on the system.

CVE-2021-45014

February 23, 2023 by

There is an upload sql injection vulnerability in the background of taocms 3.0.2 in parameter id:action=cms&ctrl=update&id=26

CVE-2021-44866

February 23, 2023 by

An issue was discovered in Online-Movie-Ticket-Booking-System 1.0. The file about.php does not perform input validation on the ‘id’ paramter. An attacker can append SQL queries to the input to extract sensitive information from the database.

CVE-2021-44868

February 23, 2023 by

A problem was found in ming-soft MCMS v5.1. There is a sql injection vulnerability in /ms/cms/content/list.do

CVE-2021-44874

February 23, 2023 by

Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to Insecure design on report build via SQL query. The Systeam application is an ERP system that uses a mixed architecture based on SaaS tenant and user management, and on-premise database and web application counterparts. The bi report module exposes direct SQL commands via POST data in order to select data for report generation. A malicious actor can use the bi report endpoint as a direct SQL prompt under the authenticated user.

CVE-2021-44915

February 23, 2023 by

Taocms 3.0.2 was discovered to contain a blind SQL injection vulnerability via the function Edit category.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 557
  • Go to page 558
  • Go to page 559
  • Go to page 560
  • Go to page 561
  • Interim pages omitted …
  • Go to page 956
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE