CWE-89

Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeOrder.php.

Lead management system v1.0 is vulnerable to SQL Injection via the id parameter in removeBrand.php.

Seltmann GmbH Content Management System 6 is vulnerable to SQL Injection via /index.php.

ZenTao 16.4 to 18.0.beta1 is vulnerable to SQL injection. After logging in with any user, you can complete SQL injection by constructing a special request and sending it to function importNotice.

A vulnerability classified as critical was found in SourceCodester School Dormitory Management System 1.0. Affected by this vulnerability is an unknown functionality of the component Admin Login. The manipulation leads to sql injection. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-216775.