#sql

Hospital Management System version 1.0 suffers from a persistent cross site scripting vulnerability.

Ubuntu Security Notice 6720-1 - Kentaro Kawane discovered that Cacti incorrectly handled user provided input sent through request parameters to the graph_view.php script. A remote authenticated attacker could use this issue to perform SQL injection attacks.

E-Insurance version 1.0 suffers from a persistent cross site scripting vulnerability.

Daily Habit Tracker version 1.0 suffers from an access control vulnerability.

Daily Habit Tracker version 1.0 suffers from a remote SQL injection vulnerability.

Daily Habit Tracker version 1.0 suffers from a persistent cross site scripting vulnerability.

Employee Management System version 1.0 suffers from additional remote SQL injection vulnerabilities. Original discovery of this finding is attributed to Ozlem Balci in January of 2024.

OpenCart Core version 4.0.2.3 suffers from a remote SQL injection vulnerability.

Online Hotel Booking in PHP version 1.0 suffers from a remote blind SQL injection vulnerability.

The malicious code inserted into the open-source library XZ Utils, a widely used package present in major Linux distributions, is also capable of facilitating remote code execution, a new analysis has revealed. The audacious supply chain compromise, tracked as CVE-2024-3094 (CVSS score: 10.0), came to light last week when Microsoft engineer and PostgreSQL developer Andres Freund