SQL Injection Vulnerability in UFIDA UFO System queryMaxlev method

UFIDA UFO system is UFIDA software comes with tabular data processing software. A SQL injection vulnerability exists in the UFIDA UFO System queryMaxlev method. An attacker is allowed to exploit the vulnerability to obtain database information...

SkyClassroom Distance Learning Training Platform Has Multiple Generic Vulnerabilities

Sky Classroom is one of the domestic manufacturers that develops online teaching platforms, serving the Ministry of Education, multi-provincial education departments and 360 colleges and universities nationwide. Sky Classroom's distance learning training platform suffers from a number of generic...

SQL Injection Vulnerability in Baishuo Networks CMS Management System

The cms management system is a content management system for text processing, image processing, flash animation, sound and video streaming, images and even email archives. Baishuo network cms management system has SQL injection vulnerability, id parameter filtering is not strict leading to sql...

Cisco Firepower Management Center SQL Injection Vulnerability

Cisco Firepower Management Center is a new generation of firewall management center software from the U.S. company Cisco Cisco. A SQL injection vulnerability exists in the web framework in Cisco Firepower Management Center, which stems from a lack of input validation in the program. A remote...

Streamo Online Radio And TV Streaming CMS SQL Injection Vulnerability

Streamo Online Radio And TV Streaming CMS is a popular online radio and TV streaming content management system. A SQL injection vulnerability exists in the id parameter of the programs.php page of Streamo Online Radio And TV Streaming CMS, which can be exploited by an attacker to take control of...

Fastspot BigTree CMS SQL Injection Vulnerability

Fastspot BigTree CMS is the United States Fastspot company based on PHP and MySQL open source content management system CMS. An SQL injection vulnerability exists in the admin.php page in Fastspot BigTree CMS versions prior to 4.2.11, which can be exploited by an attacker to compromise an...

Joomla! com_publisher component SQL injection vulnerability

Joomla! is an open source content management system CMS. The system provides RSS feeds , site search and other functions . A SQL injection vulnerability exists in the Joomla! compublisher component. An attacker can use this vulnerability to take control of the application, access or modify data, ...

Lokomedia CMS Remote SQL Injection Vulnerability

Lokomedia CMS is a content management system. Lokomedia CMS suffers from a remote SQL injection vulnerability. An attacker could use this vulnerability to take control of the application, access or modify data, or exploit potential vulnerabilities in the underlying database...

ADOdb SQL Injection Vulnerability

ADOdb is an intermediate component for PHP programs to access the database . A SQL injection vulnerability exists in version 5.x of ADOdb. An attacker could use this vulnerability to compromise an application, access or modify data, or exploit a potential vulnerability in the underlying database...

ExponentCMS SQL Injection Vulnerability (CNVD-2016-08089)

Exponent CMS is a free, open source, modular PHP-based content management system. Exponent CMS suffers from a SQL injection vulnerability that allows remote attackers to exploit the vulnerability by submitting specially crafted SQL queries to manipulate or obtain database data...

SQL Injection Vulnerability in the Backend of Armitage Website Management System

Jingxun CMS is a website construction and management system by Taizhou Jingxun Information Technology Co. A SQL injection vulnerability exists in the backend of the 2.1 Simplified Chinese version of the Armitage CMS, due to the system not filtering the $attachment parameter. This vulnerability...

FoosunCMS SQL Injection Vulnerability

FoosunCMS is a content management software based on ASP+ACCESS/MSSQ architecture. FoosunCMS version 1.0 to 2.0 has a SQL injection vulnerability, because the system does not filter the CityId parameter. Allow attackers to exploit the vulnerability to obtain sensitive information in the database...

SQL injection vulnerability exists in the page /target/lres/message/index.html?t_id=116 of the generic reader education system of Nanjing Oncor Technology Co.

Nanjing Oncor Technology Co., Ltd Esmay Reader Education System is a set of library reader education system. A SQL injection vulnerability exists in the page /target/lres/message/index.html?tid=116 of the general-purpose reader education system of Nanjing ONC Technology Co. An attacker can remote...

SQL Injection Vulnerability in the id parameter of Zhixiang OA System

Zhixiang Information consists of Guangzhou Zhixiang Computer Technology Co., Ltd. and Shenzhen Zhixiang Cloud Information Technology Co., Ltd. and has many offices around the world, which is a customer demand-oriented information technology company centered on the continuous innovation of IT...

Generalized SQL Injection Vulnerability in VOD Live Streaming System of Nanjing Suaxing Information Technology Development Co.

Nanjing Suya Star Information Technology Development Co., Ltd. is for the school distance education and campus entertainment on demand needs and the development of a set of application systems. A generic SQL injection vulnerability exists in the VOD on-demand live streaming system of Nanjing Suya...

SQL Injection Vulnerability in 4a Web-based Teaching Platform System

The "4A Network Teaching Platform" is the preliminary result of the National Modern Distance Education Project Key Technology Research Project "Development of National Modern Distance Education Support System", and it is the earliest network teaching platform researched and developed in China. Th...

SQL Injection Vulnerability in hid_id and oldpwd Parameters of Multiple Series of D-Link Behavioral Gateways

D-Link DAR-8000-X series and DAR-7000-x series Internet Access Behavior Audit Gateways provide Internet access behavior management solutions. A SQL injection vulnerability exists in several series of D-Link behavior gateways. The file in question is autheditepwd.php, and the injection parameters...

SQL Injection Vulnerability in the Title Parameter of the Digital Newspaper System/www/index.php Page of Pleasant Reading Media

Joy Reading Kiosk Digital Newspaper System is a digital newspaper WEB management system. There is a SQL injection vulnerability in this product, the vulnerability URL is: /www/index.php?mod=admin&con=deliver&title=1, the vulnerability parameter is: title, the attacker can use the vulnerability to...

SQL Injection Vulnerability in the type Parameter of getSpecialIpConfigList of Internet User Speed Measurement Platform of Freescale Technology (Beijing) Co.

FeiShiDa Technology Beijing Co., Ltd. Internet user speed test platform is used to provide users with mobile broadband online test WEB system. The product has a SQL injection vulnerability, the vulnerability URL is: http://target/getSpecialIpConfigList?type=, the injection parameter is: type, the...

SQL injection vulnerability in BlogManage/Resource/UserForResourceList.aspx page of Shanghai Hongyu Information Technology Co.

ECS ECS education site system is a general-purpose CMS program developed by Shanghai Hongyu Information Technology Co., Ltd. for schools, education and other site-building system. The product BlogManage/Resource/UserForResourceList.aspx page SQL injection vulnerability, an attacker registers an...