Wordpress Sirv plugin SQL injection vulnerability

WordPress is the WordPress Software Foundation of a set of blogging platform developed using the PHP language , the platform supports PHP and MySQL server set up a personal blog site . A SQL injection vulnerability exists in the rowid parameter of the admin-ajax.php page of Wordpress plugin Sirv...

Unspecified SQL Injection Vulnerability in TYPO3 Shibboleth Authentication Extension

TYPO3 is a free and open source content management system maintained by the Swiss TYPO3 Association. An unspecified SQL injection vulnerability exists in the TYPO3 Shibboleth Authentication extension, which could allow an attacker to take control of an application, access or modify data, or explo...

SQL injection vulnerability in hdwiki doc.class.php page

Interactive Wiki open source system HDwiki as China's first independent intellectual property rights of the Chinese Wiki Wiki system. SQL injection vulnerability exists in hdwiki doc.class.php page, allowing attackers to exploit the vulnerability to directly manipulate the website database and...

Exponent CMS 'version' Parameter SQL Injection Vulnerability

Exponent CMS is a free, open source PHP-based modular content management system CMS of the American OIC group of companies. The system supports direct editing in the page, and provides user management, site configuration, content editing and other functions. Exponent CMS version 2.3.9 suffers fro...

Exponent CMS 'username' Parameter SQL Injection Vulnerability

Exponent CMS is a free, open source PHP-based modular content management system CMS of the U.S. OIC Group of companies. The system supports direct editing in the page, and provides user management, site configuration, content editing and other functions. Exponent CMS...

SQL Injection Vulnerability in Penta Digital Campus System folder Parameter

Penta Digital Campus System is using the technology platform of .NET+SqlServer. A SQL injection vulnerability exists in the /BG/Mail/UMessageView.aspx page of Pangda Digital Campus System. The lack of filtering of the 'folder' parameter allows an attacker to exploit the vulnerability to obtain...

SQL Injection Vulnerability in type=Detail&FileId Parameter of Penta Digital Campus System

Penta Digital Campus System is using the technology platform of .NET+SqlServer. A SQL injection vulnerability exists in the /BG/GRBG/FileManage/FileUPload.aspx page of Pangda Digital Campus System. The lack of filtering of the 'id' parameter allows an attacker to exploit the vulnerability to obta...

SQL Injection Vulnerability in Digital China Internet Behavior Management System Announce_Num Parameter

Digital China Internet Behavior Management System is an Internet behavior logging system that fully owns the network behavior analysis management system, integrating hardware and software architecture, behavior analysis engine, management and control policies, analyzing network activities in real...

SQL Injection Vulnerability in ShoweditField Function of Tibco Call Center System

The core of Tibco's call center system is a communication-based system for internal and external corporate communication. A SQL injection vulnerability exists in the showeditField function of the Tibco Call Center System. Vulnerability file: /userweb/php/index/fieldConfig.class.php, exploit: UNIO...

SQL Injection Vulnerability in ECSHOP 3.0 category.php

ECShop is a B2C independent online store system, suitable for enterprises and individuals to quickly build a personalized online store. The system is based on PHP language and MYSQL database structure development of cross-platform open source program. ECSHOP 3.0 version category.php SQL injection...

SQL Injection Vulnerability in InputStream Parameter of VOA (Pengwei) System

Shenzhen Pengwei Information Technology Co., Ltd VOA collaborative office platform is a kind of asp development OA system. VOA Pengwei system InputStream parameter exists SQL injection vulnerability, the vulnerability URL is...

SQL Injection Vulnerability in the ywonlyflag Parameter of VOA (Pengwei) System

Shenzhen Pengwei Information Technology Co., Ltd VOA collaborative office platform is a kind of asp development OA system. VOA Pengwei system ywonlyflag parameter exists SQL injection vulnerability, the vulnerability URL is...

CVE-2016-1000116

Huge-IT Portfolio Gallery manager v1.1.0 SQL Injection and XSS...

SQL injection vulnerability in mallbuilder background admin/index.php page

MallBuilder is a multi-user online shopping mall solution system based on PHP+MYSQL. A SQL injection vulnerability exists in the admin/index.php page of the mallbuilder backend, which allows attackers to exploit the vulnerability to obtain sensitive database information...

SQL injection vulnerability in mallbuilder frontend admin/index.php page

MallBuilder is a multi-user online shopping mall solution system based on PHP+MYSQL. A SQL injection vulnerability exists in the admin/index.php page of mallbuilder, which allows attackers to obtain sensitive database information using common SQL injection tools...

SQL Injection Vulnerability in KuaiFanCMS File /upload/kuaifan/module/xinxi/fasong.module.php

KuaiFanCMS V5.x is developed with PHP5+MYSQL as the technical base. kf is built with Smarty template engine. KuaiFanCMS file /upload/kuaifan/module/xinxi/fasong.module.php at the existence of SQL injection vulnerability, an attacker can use this vulnerability to obtain sensitive database...

Phpdisk E_Core 3.0 suffers from SQL injection vulnerability

PHPDisk E-Core Enterprise Office Series is a set of enterprise network office, enterprise paperless office and document management system for the network cloud storage disk system. Phpdisk ECore 3.0 'uckey' SQL injection vulnerability. Allow attackers to exploit the vulnerability to change any...

SQL Injection Vulnerability in KuaiFanCMS File /upload/kuaifan/module/lianjie/index.module.php

KuaiFanCMS V5.x is developed with PHP5+MYSQL as the technical base. kf is built with Smarty template engine. KuaiFanCMS file /upload/kuaifan/module/lianjie/index.module.php at the existence of SQL injection vulnerability, an attacker can be exploited to obtain sensitive database information...

WordPress Zotpress Plugin SQL Injection Vulnerability

WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in the 'zpgetaccount' function in the WordPress Zotpress plugin, which allows remote attackers to exploit the vulnerability by...

Cisco Prime Infrastructure and Evolved Programmable Network Manager SQL Injection Vulnerability

Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network Manager EPNM are both products of the U.S. Cisco Cisco.PI is a set of solutions for wireless management through Cisco Prime LAN Management Solution LMS and Cisco Prime Network Control System NCS technologies; EPNM is a network...