723 matches found
SQL injection vulnerability in the cl***_id*** parameter of Harbin Fengteng E-commerce station building system pr***.php page
Fengteng e-commerce website building system is a website building system. Harbin Fengteng e-commerce station building system pr.php page under the clid parameter there is a SQL injection vulnerability There is a SQL injection vulnerability, an attacker can use the vulnerability to obtain sensitiv...
zzcms SQL Injection Vulnerability (CNVD-2019-13260)
ZZCMS is a content management system CMS by the ZZCMS team in China. A SQL injection vulnerability exists in the /user/logincheck.php file in ZZCMS version 8.3. The vulnerability can be exploited by a remote attacker to execute SQL commands with the help of the 'X-Forwarded' parameter in the HTTP...
WordPress Plugin Advanced Custom Fields Pro SQL Injection Vulnerability
WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. WordPress plugin Advanced Custom Fields Pro SQL injection vulnerability. The vulnerability is caused due to the program faili...
SQL Injection Vulnerability in Rabbit Movie CMS
Rabbit TV CMS is an open source content building system. Rabbit Movie CMS has a SQL injection vulnerability that can be exploited by attackers to obtain sensitive database information...
ShopsN single merchant b2c mall system v2.3.6 has SQL injection vulnerability
ShopsN single merchant b2c mall system is an open source online store system developed using PHP + MySQL. ShopsN single merchant b2c mall system v2.3.6Us.class .php file addressadd function has a SQL injection vulnerability , an attacker can use this vulnerability to obtain the administrator...
SQL Injection Vulnerability in QYKCMS v4.3.2
QYKCMS is a lightweight intelligent website building system based on PHP+MySql developed by QYK. QYKCMS v4.3.2 suffers from a SQL injection vulnerability. An attacker can exploit the vulnerability to obtain sensitive database information...
SQL injection vulnerability in free version of Touchmedia Mall system
TouchNet universal mall station-building system is a set of universal station-building system developed by Tianjin TouchNet Technology Co. TouchNet Universal Mall Station Building System free version of the foreground there is a SQL injection vulnerability, the attacker can be customized through...
CVE-2018-18791
An issue was discovered in zzcms 8.3. SQL Injection exists in zs/search.php via a pxzs cookie...
SeaCMS SQL Injection Vulnerability (CNVD-2018-19865)
SeaCMS is a free and open source web content management system written in PHP. The system has been designed primarily to manage video-on-demand resources. A SQL injection vulnerability exists in the 'order' parameter in SeaCMS version 6.64, which can be exploited by remote attackers to execute SQ...
SemCms php version V3.2 SQL injection vulnerability in frontend
SemCms is an open source foreign trade enterprise website management system , mainly for foreign trade enterprises , compatible with IE, Firefox and other mainstream browsers . SemCms php version V3.2 front-end SQL injection vulnerability , attackers can use the vulnerability to obtain the...
SQL injection vulnerability in ZZCMS 8.3 ta***.php file
ZZCMS is a CMS Content Management System used to quickly build Merchants type websites. A SQL injection vulnerability exists in the ta.php file of ZZCMS version 8.3. An attacker can exploit the vulnerability to obtain sensitive information from the database...
CVE-2018-16436
Gxlcms 2.0 before bug fix 20180915 has SQL Injection exploitable by an administrator...
SQL Injection Vulnerability in the Frontend of DaQuanZhouAuto.com
It is an automobile network platform that provides Quanzhou automobile, Quanzhou automobile information, Quanzhou new car, Quanzhou used car and other services. SQL injection vulnerability exists in the front-end of DaQuanZhouAuto.com, the vulnerability stems from the failure to filter the pagenu...
PHP Dashboards SQL Injection Vulnerability
A SQL injection vulnerability exists in PHP Dashboards. The vulnerability is caused due to a failure to adequately filter user-supplied data before it is used in the program's SQL queries, which can be exploited by an attacker to gain access to sensitive database information...
Multiple Vulnerabilities in EasyService Billing 'template_().php'
EasyService Billing is a PHP-based service-oriented consumer business management system . SQL injection and cross-site scripting vulnerabilities exist in EasyService Billing 'template.php'. The vulnerabilities can be exploited to obtain sensitive database information, execute arbitrary code in th...
NewsBee CMS 'home-text-edit.php' SQL Injection Vulnerability
NewsBee CMS is a news website CMS Content Management System. A SQL injection vulnerability exists in NewsBee CMS 'home-text-edit.php'. An attacker can exploit the vulnerability to obtain sensitive database information...
SQL Injection Vulnerability in Ocean CMS
Ocean CMS seacms is a video-on-demand system designed for webmasters with different needs. Ocean CMS is vulnerable to SQL injection. An attacker can exploit the vulnerability to obtain sensitive database information...
SQL Injection Vulnerability in Axublog Version 1.1.0
Axublog is a PHP personal blog system. A SQL injection vulnerability exists in Axublog version 1.1.0. An attacker can exploit the vulnerability to obtain sensitive database information...
SQL Injection Vulnerability at CMS destination
Situ CMS is a self-developed website management system suitable for tourism website construction. A SQL injection vulnerability exists in CMS destination. The vulnerability is caused due to the system failing to strictly filter user input data. An attacker can exploit this vulnerability to obtain...
CVE-2018-8967
An issue was discovered in zzcms 8.2. It allows SQL injection via the id parameter in an adv2.php?action=modify request...