Security
Headlines
HeadlinesLatestCVEs

Tag

#sql

CVE-2022-48090: tramyardg-hotel-mgmt-system of version2022.4 has a SQL injection vulnerability · Issue #21 · tramyardg/hotel-mgmt-system

Tramyardg hotel-mgmt-system version 2022.4 is vulnerable to SQL Injection via /app/dao/CustomerDAO.php.

CVE
Open in Source
#sql#vulnerability#php
CVE-2023-22494: Potential SQL Injections

a12nserver is an open source lightweight OAuth2 server. Users of a12nserver that use MySQL might be vulnerable to SQL injection bugs. If you use a12nserver and MySQL, update as soon as possible. This SQL injection bug might let an attacker obtain OAuth2 Access Tokens for users unrelated to those that permitted OAuth2 clients. The knex dependency has been updated to 2.4.0 in a12nserver 0.23.0. There are no known workarounds.

Academy LMS 5.11 Cross Site Scripting

Academy LMS version 5.11 suffers from a cross site scripting vulnerability.

ChiKoi New-MVC-SHOP 1.0 Cross Site Scripting

ChiKoi New-MVC-SHOP version 1.0 suffers from a cross site scripting vulnerability.

Red Hat Security Advisory 2023-0160-01

Red Hat Security Advisory 2023-0160-01 - PostgreSQL is an advanced object-relational database management system.