723 matches found
SQL injection vulnerability in cid parameter of Fangfa CMS FcontentAction.class.php page
Fangfa CMS is a scalable web content management software. A SQL injection vulnerability exists in the cid parameter of the Fangfa CMS V4.0 FcontentAction.class.php page, which can be exploited by an attacker to obtain sensitive information from the database...
WordPress HDW Player Plugin SQL Injection Vulnerability
HDW Player is an application plugin available on the official WordPress Store that provides streaming media playback services. The WordPress HDW Player plugin suffers from a SQL injection vulnerability, which is exploited by attackers to read sensitive information in the database...
PHPCMS 'index.php' page has SQL injection vulnerability
PHPCMS is a website management software. The software adopts modular development and supports a variety of classification methods, using it can easily realize the design, development and maintenance of personalized websites. PHPCMS 'index.php' page has a SQL injection vulnerability, which can be...
Joomla Eventix Events Calendar Component SQL Injection Vulnerability
Joomla is an open source content management system CMS. A SQL injection vulnerability exists in the Joomla BookLibrary component. An attacker can exploit the vulnerability to access or modify database data...
Joomla J-CruiseReservation Standard Component SQL Injection Vulnerability
Joomla is an open source content management system CMS. A SQL injection vulnerability exists in the Joomla J-CruiseReservation Standard component. An attacker can exploit the vulnerability to access or modify database data...
Joomla com_maxcomment component SQL injection vulnerability
Joomla is an open source content management system CMS. A SQL injection vulnerability exists in the Joomla commaxcomment component. An attacker can exploit the vulnerability to access or modify database data...
SQL Injection Vulnerability in Ocean CMS v_name Parameter
Ocean CMS is an open source website builder. A SQL injection vulnerability exists in the adminajax.php page of Ocean CMS 6.46 utf-8 official version. The lack of filtering of the 'vname' parameter allows an attacker to exploit the vulnerability to obtain sensitive database information...
SQL Injection Vulnerability in Ocean CMS zyapi.php Page
Ocean CMS is an open source website builder. A SQL injection vulnerability exists in the Ocean CMS zyapi.php page. The lack of filtering of the '$ids' parameter allows attackers to exploit the vulnerability to obtain sensitive information about the database...
MyBB has multiple vulnerabilities (CNVD-2016-11623)
MyBB aka MyBulletinBoard is a free and web-based forum software developed by MyBB team using PHP and MySQL. The software is characterized by its simplicity, multi-language support and extensibility. Multiple security vulnerabilities exist in versions of MyBB prior to 1.8.7, including: SQL injecti...
MyBB has multiple vulnerabilities (CNVD-2016-11613)
MyBB aka MyBulletinBoard is a free and web-based forum software developed by MyBB team using PHP and MySQL. The software is characterized by its simplicity, multi-language support and extensibility. Multiple security vulnerabilities exist in versions of MyBB prior to 1.8.8 including: SQL injectio...
DotCMS SQL Injection Vulnerability (CNVD-2016-11002)
DotCMS is a content management system CMS from the American company DotCMS. The system supports RSS feeds , blogs , forums and other modules , and is easy to extend and build features . A SQL injection vulnerability exists in the Site BrowserTemplates pages screen in versions of DotCMS prior to...
Exponent CMS 'fileid' Parameter SQL Injection Vulnerability
Exponent CMS is a free, open source PHP-based modular content management system CMS of the U.S. OIC Group of companies. The system supports direct editing in the page, and provides user management, site configuration, content editing and other functions. Exponent CMS version 2.3.9 suffers from a...
SQL Injection Vulnerability in Digital China Internet Behavior Management System Announcement_starttime Parameter
Digital China Internet Behavior Management System is an Internet behavior logging system that fully owns the network behavior analysis management system, integrating hardware and software architecture, behavior analysis engine, management and control policies, analyzing network activities in real...
SQL Injection Vulnerability in KuaiFanCMS File /upload/kuaifan/module/xinxi/fajian.module.php
KuaiFanCMS V5.x is developed with PHP5+MYSQL as the technical base. kf is built with Smarty template engine. KuaiFanCMS file /upload/kuaifan/module/xinxi/fajian.module.php at the existence of SQL injection vulnerability, an attacker can use this vulnerability to obtain sensitive database...
SQL Injection Vulnerability in ChannelList.aspx Page of Shandong Wave Government Approval Platform
Wave Government Approval Platform is a cloud computing infrastructure platform of Shandong Wave Qilu Software Co. A SQL injection vulnerability exists in the ChannelList.aspx page of the Shandong Wave Government Approval Platform, which can be exploited by attackers to obtain sensitive database...
SQL Injection Vulnerability in hdcms Framework rname Parameter
HDCMS is a content management system package written in PHP. A SQL injection vulnerability exists in the rname parameter of the hdcms framework, as the program fails to adequately filter the rname parameter and only does corresponding code auditing on the source code. An attacker is allowed to...
SQL Injection Vulnerability in Doccms
Rice husk enterprise building system, also known as rice husk cms, doccms, formerly known as deep throat enterprise building system ShlCms, is the industry's leading free open source enterprise website building system, enterprise website generation system. Doccms SQL injection vulnerability , due...
PHPBack SQL Injection Vulnerability
PHPBack is an open source Web application feedback system . PHPBack suffers from a SQL injection vulnerability that allows remote attackers to exploit the vulnerability to submit specially crafted SQL queries to manipulate or obtain database data...
Joomla! com_memorix component 'index.php' SQL Injection Vulnerability
Joomla! is the United States Open Source Matters team developed a set of open source content management system CMS. The system provides RSS feeds , site search and other functions . A SQL injection vulnerability exists in the Joomla commemorix component 'index.php'. The vulnerability exists becau...
Drupal WikiWiki Module SQL Injection Vulnerability
Drupal is a free, open-source content management system developed in the PHP language and maintained by the Drupal community. A SQL injection vulnerability exists in the Drupal WikiWiki module. It allows remote attackers to execute arbitrary SQL commands...