Lucene search
K

1140 matches found

CNVD
CNVD
added 2016/06/12 12:0 a.m.4 views

SQL injection vulnerability in news.htm?id=parameter of distance learning platform of Shenzhen Tengchuang Network Technology Co.

Tengchuang Internet Distance Education Platform is centered on real-time interactive online classroom, combining powerful functions such as courseware on demand, course transaction, online payment and online examination to build a perfect online knowledge transaction platform for students and...

7.8AI score
Exploits0References1
CNVD
CNVD
added 2016/06/05 12:0 a.m.3 views

Apache Ranger SQL Injection Vulnerability

Apache Ranger is a set of architectures for implementing comprehensive security measures for Hadoop clusters, providing centralized security policy management for core enterprise security requirements such as authorization, billing and data protection. Apache Ranger suffers from a SQL injection...

7.2CVSS8AI score0.01884EPSS
Exploits1References1
CNVD
CNVD
added 2016/05/31 12:0 a.m.0 views

SQL Injection Vulnerability in Image Archiving and Transmission System of Infidel Software (Shanghai) Co.

Infidel Software Shanghai Co., Ltd. image archiving and transmission system is a set of software about medical image archiving and transmission. An SQL injection vulnerability exists in the Image Archiving and Transfer System of Infinera Software Shanghai Co. Ltd, which can be exploited by an...

7.6AI score
Exploits0References1
CNVD
CNVD
added 2016/05/13 12:0 a.m.2 views

Cisco Cloud Network Automation Provisioner SQL Injection Vulnerability

Cisco Cloud Network Automation Provisioner is a suite of cloud network automation provisioning software. A SQL injection vulnerability exists in Cisco Cloud Network Automation Provisioner, which allows remote attackers to exploit the vulnerability by submitting specially crafted SQL queries to...

7.1CVSS8AI score0.00861EPSS
Exploits0References1
CNVD
CNVD
added 2016/05/06 12:0 a.m.2 views

Trend Micro Email Encryption SQL Injection Vulnerability

Trend Micro Email Encryption is a suite of identity-based email encryption solutions, and Trend Micro Email Encryption Gateway is one of the gateway products that provides data protection. A SQL injection vulnerability exists in the authentication feature of Trend Micro Email Encryption, which...

9.8CVSS8.2AI score0.02774EPSS
Exploits0References1
CNVD
CNVD
added 2016/04/26 12:0 a.m.2 views

Generalized SQL Injection Vulnerability in Beijing Zixin Newspaper Communication Technology Digital Newspaper System

Beijing Purple New Digital Newspaper System is a perfect, efficient, stable, reliable, flexible and scalable digital workflow management system for combined editions. A generic SQL injection vulnerability exists in the Beijing Purple New Newspaper Technology Digital Newspaper System, which allows...

7.6AI score
Exploits0
CNVD
CNVD
added 2016/04/14 12:0 a.m.4 views

BlackBerry Enterprise Service Management Console SQL Injection Vulnerability

BlackBerry Enterprise Service is a next-generation mobile device management platform. A SQL injection vulnerability exists in the Management Console component of BlackBerry Enterprise Service, which could be exploited by remote attackers to submit specially crafted SQL queries to manipulate or...

8.8CVSS8AI score0.04099EPSS
Exploits5References1
CNVD
CNVD
added 2016/03/28 12:0 a.m.1 views

CMS system of Yingkou Aisda Computer Information Network Co., Ltd. suffers from sql injection vulnerability

Yingkou Aisda Computer Information Network Co., Ltd CMS system is a content management system. The product suffers from a sql injection vulnerability, which can be exploited by an attacker to obtain sensitive database information...

7.2AI score
Exploits0References1
CNVD
CNVD
added 2016/02/27 12:0 a.m.6 views

Yeager SQL Injection Vulnerability (CNVD-2016-01401)

Yeager is an open source content management system . Yeager has a SQL injection vulnerability that allows remote attackers to exploit the vulnerability by submitting specially crafted SQL queries to manipulate or obtain database data...

9.8CVSS8.1AI score0.04056EPSS
Exploits5References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/02/19 5:42 a.m.2 views

EC-CUBE plugin "Help plug-in" vulnerable to SQL injection

Overview EC-CUBE plugin "Help plug-in" provided by Cuore contains an SQL injection vulnerability CWE-89. Gen Sato of TRADE WORKS Co.,Ltd. Security Dept. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact...

9.1CVSS7.6AI score0.01361EPSS
Exploits0References5
CNVD
CNVD
added 2016/02/08 12:0 a.m.1 views

WordPress eshop plugin SQL injection vulnerability

WordPress is the WordPress Software Foundation's set of blogging platforms developed using the PHP language. eShop is one of the online store plugins. A SQL injection vulnerability exists in the WordPress eshop plugin, which allows remote attackers to exploit the vulnerability to submit specially...

8.8CVSS7.9AI score0.02894EPSS
Exploits1References1
CNVD
CNVD
added 2016/01/16 12:0 a.m.2 views

Cacti SQL Injection Vulnerability (CNVD-2016-00352)

Cacti is a suite of open source network traffic monitoring and analysis tools from the Cacti Group. Cacti suffers from a SQL injection vulnerability that allows remote attackers to exploit the vulnerability to submit specially crafted SQL queries to manipulate or obtain database data...

8.8CVSS8AI score0.02315EPSS
Exploits2References1
CNVD
CNVD
added 2016/01/08 12:0 a.m.3 views

SQL Injection Vulnerability in 'roleName' Parameter of Founder Xiangyu CMS System

Founder Xiangyu CMS system is a full-process management platform for website information release. A SQL injection vulnerability exists in the Founder Xiangyu CMS system. The lack of filtering of the 'roleName' parameter allows attackers to exploit the vulnerability to obtain sensitive database...

7.6AI score
Exploits0References1
CNVD
CNVD
added 2015/12/30 12:0 a.m.1 views

Samba Information Disclosure Vulnerability

Samba is a set of programs that implement the SMB Server Messages Block protocol, cross-platform file sharing and print sharing services. An information disclosure vulnerability exists in Samba versions 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3. Due to the length of the error...

7.5CVSS7.3AI score0.06114EPSS
Exploits0References1
CNVD
CNVD
added 2015/12/16 12:0 a.m.3 views

Multiple Vulnerabilities in GCMS 2005 of Beijing Guangdu Qimin Information Technology Co.

Ltd. Speed Sword 2005 GCMS is a portal creation and management system that integrates content management system, multi-site management and page display. SQL injection and cross-site scripting vulnerabilities exist in GCMS. An attacker can exploit the vulnerabilities to obtain sensitive database...

7.4AI score
Exploits0
CNVD
CNVD
added 2015/11/07 12:0 a.m.1 views

Accentis 'SIDX' Parameter SQL Injection Vulnerability

Accentis is a suite of management software for ERP, CRM, payroll, production and inventory management. Accentis fails to properly filter the 'SIDX' parameter, allowing remote attackers to exploit the vulnerability to submit specially crafted SQL query operations or obtain database data...

8.8CVSS7.5AI score0.01566EPSS
Exploits2References1
CNVD
CNVD
added 2015/10/24 12:0 a.m.1 views

SQL Injection Vulnerability in RuvarOA Collaboration Office Platform of Guangzhou Luhua Computer Co.

Guangzhou Luhua Computer Co., Ltd RuvarOA collaborative office platform is a kind of enterprise office system. The product /DepartmentPlan/departmentplanattachdownload.aspxsysfilestorageid= there is a SQL injection vulnerability, the vulnerability parameter is sysfilestorageid, the type of GET...

7.5AI score
Exploits0References1
CNVD
CNVD
added 2015/10/24 12:0 a.m.3 views

SQL Injection Vulnerability in the Webid Parameter of the Hot.aspx Page of the Online Query System of Shanghai Caixa Science and Technology Development Corporation's Kefa...

Shanghai Cai Da Science and Technology Development Corporation Kofa online query system is a comprehensive query system for financial information. The product has a SQL injection vulnerability, the vulnerability URL is: /hot.aspx?mid1=&mid2=&webid=, the vulnerability parameter is webid, the...

7.9AI score
Exploits0References1
CNVD
CNVD
added 2015/10/03 12:0 a.m.2 views

Open-Xchange OX Guard SQL Injection Vulnerability

Open-Xchange OX Guard is a security suite for email and documents. A SQL injection vulnerability exists in the public key discovery API calls of Open-Xchange OX Guard, which allows remote attackers to exploit the vulnerability by submitting specially crafted SQL queries to manipulate or obtain...

6.5CVSS8AI score0.01748EPSS
Exploits0References1
CNVD
CNVD
added 2015/09/20 12:0 a.m.6 views

Symantec Web Gateway SQL Injection Vulnerability (CNVD-2015-06066)

Symantec Web Gateway is a suite of web content filtering software. The software provides web content filtering and data leakage protection. A SQL injection vulnerability exists in Symantec Web Gateway, which allows remote attackers to exploit the vulnerability by submitting specially crafted SQL...

5.8CVSS8AI score0.01801EPSS
Exploits0References1
Rows per page
Query Builder