723 matches found
CVE-2017-17420
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUJobCountHistory Get method requests. The issue...
Event Manager SQL Injection Vulnerability
Event Manager is a PHP-based event management script . A SQL injection vulnerability exists in Event Manager version 1.0. A remote attacker can inject SQL commands by sending the 'id' parameter to the event.php file or the 'slug' parameter to the page.php file...
CVE-2018-6363
SQL Injection exists in Task Rabbit Clone 1.0 via the singleblog.php id parameter...
Zenario SQL Injection Vulnerability
Zenario is a web-based content management system for multilingual websites. A SQL injection vulnerability exists in Zenario versions 7.1 through 7.6. A remote attacker can exploit this vulnerability to execute malicious SQL commands with the help of the 'Name' input field in the organizer.php or...
JEXTN Question And Answer extension SQL Injection Vulnerability
Joomla! is the U.S. Open Source Matters team developed a set of open source content management system CMS, the system provides RSS feeds, site search and other functions.JEXTN Question And Answer extension is used in one of the online question and answer plug-ins. A SQL injection vulnerability...
Quest NetVault Backup SQL Injection Vulnerability
Quest NetVault Backup is a suite of data backup software from Quest Software, USA. A SQL injection vulnerability in the handling of NVBUBackup JobList method requests in Quest NetVault Backup versions prior to 11.4.5 stems from the program's failure to properly detect user-submitted strings prior...
CVE-2017-17695
Techno - Portfolio Management Panel through 2017-11-16 allows SQL Injection via the panel/search.php s parameter...
FS Makemytrip Clone SQL Injection Vulnerability
FS Makemytrip Clone is a PHP and MySQL based vacation and travel booking system. A SQL injection vulnerability exists in FS Makemytrip Clone version 1.0. A remote attacker can inject SQL commands by sending the 'florig' or 'fldest' parameter to the show-flight-result.php file...
Huawei UMA Product SQL Injection Vulnerability
Huawei UMA Unified Maintenance Audit is a unified audit system. It provides a unified O&M operation portal to control and record the O&M operations performed by users, and supports auditing by command view and video playback. A SQL injection vulnerability exists in the Huawei UMA product, as the...
ZOHO ManageEngine Applications Manager SQL Injection Vulnerability (CNVD-2017-37247)
ZOHO ManageEngine Applications Manager is a set of IT operation and maintenance management solutions of the United States ZhuoHao ZOHO company. The product has application performance management, fault management, report generation and SLA management and other functions. A SQL injection...
Mailing List Manager Pro SQL Injection Vulnerability
Mailing List Manager Pro is an email marketing system. The system features mailing list building, address book editing and autoresponders. A SQL injection vulnerability exists in Mailing List Manager Pro version 3.0. A remote attacker can exploit the vulnerability by sending SQL injection command...
Anblik WordPress image-gallery-with-slideshow SQL Injection Vulnerability
Anblik WordPress image-gallery-with-slideshow is a slideshow plugin for WordPress developed by Anblik Web Design India. A SQL injection vulnerability exists in the image-gallery-with-slideshow/adminsetting.php file in Anblik WordPress image-gallery-with-slideshow version 1.5.2. A remote attacker...
SQL Injection Vulnerability in MIPCMS ApiAdminTag.php Page
MIPCMS is a free and open source based on Baidu Mobile Accelerator MIP engine based on the development of articles, information, content management system, but also the system for the Internet webmasters, entrepreneurs and other groups to create SEO-optimized after the station-building system. A...
WordPress Easy Modal classescontrolleradminmodals.php file SQL Injection Vulnerability
WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability in the WordPress Easy Modal classescontrolleradminmodals.php file allows remote attackers to...
PHPSHE B2C mall system user.php parameter has sql injection vulnerability
PHPSHE mall system is a combination of product display, online shopping, order management, payment management, article management, customer consultation feedback and other functions, providing users with online shopping mall construction program. A SQL injection vulnerability exists in the user.p...
Niushop open source mall system Auth.php has sql injection vulnerabilities
NiuShop open source mall system , is by the Shanxi Niu Cool Information Technology Co., Ltd. completely independent design , research and development of a PHP open source e-commerce system . Niushop open source mall system Auth.php file parameters exist in the SQL injection vulnerability...
wstmall open source mall system userType parameters exist SQL injection vulnerability
WSTMall is a multi-commercial O2O open source system developed by Merchant Software based on thinkphp, is a system that can help businesses and individuals to quickly build a community service system. wstmall open source mall system userType parameter SQL injection vulnerability , because the...
SQL injection vulnerability in cms company.asp file id parameter
Tianjin Qihang enterprise station building cms is a website building system. SQL injection vulnerability exists in the id parameter of the company.asp file. An attacker can use this vulnerability to obtain sensitive information from the database...
Schneider Electric U.motion Builder track_getdata Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Schneider Electric U.motion Builder. No authentication is required to exploit this vulnerability. A remote code execution vulnerability exists in Schneider Electric U.motion Builder trackgetdata. T...
Joomla Payage component 'aid' parameter SQL injection vulnerability
Joomla is an open source, cross-platform content management system CMS developed using PHP and MySQL. A SQL injection vulnerability exists in the 'aid' parameter of the Joomla Payage component, which allows an attacker to exploit the vulnerability to gain access to sensitive database information...