SQL Injection Vulnerability in Website Construction System of Binzhou Lingzhi Network Engineering Co.

Binzhou Lingzhi Network Engineering Co., Ltd. is a set of development, involving, sales, service as one, specializing in providing network information technology services for enterprises and institutions. Binzhou Lingzhi Network Engineering Co., Ltd. website construction system there are SQL...

Cybozu Garoon Operation Limit Bypass Vulnerability (CNVD-2018-08812)

Cybozu Garoon is an office software with Chinese, Japanese, and English languages. An operation restriction bypass vulnerability exists in the login authentication settings in Cybozu Garoon 3.0.0 through 4.2.6. The vulnerability can be exploited by users logging in to the product with...

CVE-2018-9852

In Gxlcms QY v1.0.0713, Lib\Lib\Action\Home\HitsAction.class.php allows remote attackers to read data from a database by embedding a FROM clause in a query string within a Home-Hits request, as demonstrated hy sid=user,password%20from%20mysql.user%23...

CVE-2018-9852

In Gxlcms QY v1.0.0713, the vulnerable component is Lib\Lib\Action\Home\HitsAction.class.php. The issue allows remote attackers to read data from the database by injecting a FROM clause into the query string of a Home-Hits request (e.g., sid=user,password%20from%20mysql.user%23). This appears as ...

CwCms v1.8_asp Exists SQL Injection Vulnerability

CwCMS is a customized ASP+Access/MsSql content management system specifically designed for corporate websites. CwCms v1.8asp suffers from a SQL injection vulnerability. The vulnerability stems from the program does not strictly filter parameters. An attacker can exploit this vulnerability to obta...

SQL Injection Vulnerability in 08cms

08CMS Automotive Portal System is a solution for automotive portals, based on PHP+MYSQL development, super static page deployment, template and program separation, scalable architecture, open-type code, unlimited support for deep secondary development. SQL injection vulnerability exists in 08cms...

SQL injection vulnerability in Monxin Forms System \program\talk\show\set_group.php page

Monxin Forms System is an open source program that runs on PHP+MySQL. A SQL injection vulnerability exists in the \program\talk\show\setgroup.php page of Monxin Forms System. An attacker can exploit this vulnerability to obtain sensitive information from the database...

SQL Injection Vulnerability in the Website Building System of Tai'an Star Network Technology Co.

Tai'an Star Networks Co., Ltd. is a website construction, website promotion, Internet marketing, 400 free phone calls and other businesses, with Internet technology as the core of the high-tech enterprises. Taian Star Network Technology Co., Ltd. station building system there are SQL injection...

SQL Injection and Cross-Site Scripting Vulnerabilities in Esmay's Non-Book Resource Management System

Esmay Non-Book Resource Management System can help librarians conveniently manage accompanying books, accompanying CD-ROMs and other non-paper resources, and help patrons directly search, browse online, operate online, partially download, and fully download the CD-ROMs they need. There are SQL...

SQL injection vulnerability in profile.asp page of Qixing website construction system of Xiamen Nancy Network Technology Co.

Qixing website construction is a professional customized website construction brand launched by Nancy Networks, focusing on customized brand website construction services and brand network marketing field, for the majority of domestic small and medium-sized enterprises to provide website design,...

SQL injection vulnerability in user.mod.php file of UQCMS Cloud B2B2C multi-store system

UQCMS cloud business system is a program using PHP + MYSQL, template using smarty template B2B2C e-commerce software. UQCMS Cloud Business B2B2C multi-store system user.mod.php file has a SQL injection vulnerability, attackers can use the vulnerability to obtain sensitive database information...

ABB netCADOPS Web Application Information Disclosure Vulnerability

netCADOPS is an ABB web application. An information disclosure vulnerability exists in the ABB netCADOPS Web Application, which can be exploited by an attacker to obtain sensitive information about a database...

SQL Injection Vulnerability in ThinkLC V3.9 Classified Information System www_member_admin_money.php Page

ThinkLC Classified Information System is a local classified information system built on PHP+MYSQL development. SQL injection vulnerability exists in the wwwmemberadminmoney.php page of ThinkLC V3.9 Classified Information System, which can be exploited by attackers to obtain sensitive information...

Code execution vulnerability in poscms version 3.2.0.1204

POSCMS is an open source cross-platform web content management system developed by Php+Mysql. POSCMS version 3.2.0.1204 code execution vulnerability , the program writes to the cache file of the data from the database site information is not sufficiently filtered when taken out , an attacker can ...

SQL Injection Vulnerability in Yefan's Website Building System

Ye Fan network is set APP development, H5 development, website development, micro letter development and enterprise brand publicity in one of the one-stop service enterprise is the Internet comprehensive service provider. SQL injection vulnerability exists in Ye Fan Network website building syste...

SQL Injection Vulnerability in Uno Network Technology Website Building System

Shenyang Uno Technology Co., Ltd. is a one-stop service brand marketing planning company committed to providing Chinese enterprises with one-stop service suitable for the development of the times, integrating enterprise station building, search engine optimization, WAP website, APP client and so...

Jiangxi Lugu Network Technology Co., Ltd. website construction system with SQL injection vulnerability

Jiangxi Six Valley Network Technology Co., Ltd. is a company that provides targeted, personalized enterprise website construction solutions. Jiangxi LiuGu Network Technology Co., Ltd. website construction system exists SQL injection vulnerability. Attackers can use the vulnerability to access or...

SQL Injection Vulnerability in Website Construction System of Huizhou ChuangWin Technology Co.

Ltd. is a software company specializing in the development of large-scale shopping malls, APP, OA systems, ERP systems, financial systems and other development. The website construction system of Huizhou ChuangWin Technology Co., Ltd. suffers from SQL injection vulnerability, which can be exploit...

SQL Injection Vulnerability in Website Construction System of Fuyang Xinpin Network Technology Co.(CNVD-2018-01949)

Fuyang City Xinpin Network Technology Co., Ltd. is a technology-based enterprise focusing on providing full network marketing solutions for the majority of tourism enterprises. The website construction system of Xinpin Network Technology Co., Ltd. suffers from SQL injection vulnerability, which c...

Website Security Dog (Apache Edition) V4.0 suffers from SQL injection vulnerability (CNVD-2018-02086)

Website Security Dog Apache Edition is a server tool that integrates website content security protection, website resource protection and website traffic protection features. Web Security Dog Apache Edition V4.0 suffers from a SQL injection vulnerability. Allows attackers to exploit the...