1310 matches found
Simplejobscript.com SJS SQL Injection Vulnerability
Simplejobscript.com SJS is a WEB based recruitment application service program. A SQL injection vulnerability exists in Simplejobscript.com SJS, which stems from a lack of validation of externally entered SQL statements in database-based applications and can be exploited by an attacker to execute...
SQL Injection Vulnerability in MediPro's Township Government Portal System
MediPro Township Government Portal System is a website suitable for township government agencies to create local portals to publicize local resources, realize open government affairs and promote township grassroots informatization. A SQL injection vulnerability exists in MediPro Township Governme...
Online TV Database SQL Injection Vulnerability
Online TV Database is a set of online TV program database. A SQL injection vulnerability exists in the 'ID' parameter in Online TV Database version 2011. The vulnerability stems from a database-based application that lacks validation of externally entered SQL statements. An attacker can exploit...
SQL Injection Vulnerability in the Background Administration C***t.asp Page of Angel School Training Website System
Angel school training website system is an open source website management system. Angel school training website system background management Ct.asp page there is a SQL injection vulnerability , attackers can use the vulnerability to obtain sensitive information in the database...
PowerSoft Agile Development Framework 7.0.6 suffers from SQL Injection Vulnerability
PowerSoft Agile Development Framework is a set of software system projects based on intelligent scalable components, suitable for enterprise management software and Internet platform back-end system development, the framework provides a perfect permissions role management functions, rapid...
CVE-2019-10205
A flaw was found in the way Red Hat Quay stores robot account tokens in plain text. An attacker able to perform database queries in the Red Hat Quay database could use the tokens to read or write container images stored in the registry...
CVE-2019-12413
In Apache Incubator Superset before 0.31 user could query database metadata information from a database he has no access to, by using a specially crafted complex query...
SQL Injection Vulnerability in Laike E-commerce System (CNVD-2020-01258)
Laike e-commerce with independent copyright system, is an integrated e-commerce system all the functions of the platform. A SQL injection vulnerability exists in Laike E-commerce system, which can be exploited by attackers to access sensitive database information...
Redmine SQL Injection Vulnerability
Redmine is a set of open source Web-based project management and defect tracking tools . The product provides project management , issue tracking and role-based access control and other features . A SQL injection vulnerability exists in Redmine. The vulnerability stems from a lack of validation o...
Pixie SQL Injection Vulnerability
Pixie is a PHP-oriented database query generator . A SQL injection vulnerability exists in the limit function in Pixie, which can be exploited by attackers to conduct SQL injection attacks...
SQL injection vulnerability in seacms backend (CNVD-2019-43675)
Ocean CMS seacms is a video-on-demand system based on PHP+MySql technology. There is a SQL injection vulnerability in the backend of seacms, which can be exploited by attackers to obtain sensitive database information...
pixelpost SQL injection vulnerability (CNVD-2019-39945)
pixelpost is a set of PHP and MySQL based , scalable open source photo blog application . A SQL injection vulnerability exists in pixelpost version 1.7.1-5, which stems from a lack of validation of externally-entered SQL statements in the database-based application and can be exploited by an...
SQL Injection in LibreNMS
An issue was discovered in LibreNMS 1.50.1. A SQL injection flaw was identified in the ajaxrulesuggest.php file where the term parameter is used insecurely in a database query for showing columns of a table, as demonstrated by an ajaxrulesuggest.php?debug=1&term= request...
Cisco Firepower Management Center SQL Injection Vulnerability (CNVD-2019-34736)
Cisco Firepower Management Center FMC is a new generation of firewall management center software from Cisco. A SQL injection vulnerability exists in the web-based management interface in Cisco FMC, which stems from the program's failure to properly validate input. A remote attacker could exploit...
SugarCRM Administration Module SQL Injection Vulnerability
SugarCRM is a set of open source customer relationship management software . A SQL injection vulnerability exists in the Administration module of SugarCRM. The vulnerability stems from a lack of input validation. An attacker can exploit this vulnerability to inject custom PHP code...
SugarCRM pmse_Inbox Module SQL Injection Vulnerability
SugarCRM is a set of open source customer relationship management software . A SQL injection vulnerability exists in the pmseInbox module of SugarCRM. The vulnerability stems from a lack of input validation. An attacker can exploit this vulnerability to inject custom PHP code...
S-CMS School Building System v1.0 SQL Injection Vulnerability in Background aja*** U_s** Parameters
S-CMS is a content management system CMS based on PHP and MySQL. S-CMS School Building System v1.0 has a SQL injection vulnerability in the aja Us parameter in the background, which allows attackers to obtain sensitive information from the database...
PT-2019-3380 · Cisco · Cisco Firepower Management Center
Name of the Vulnerable Software and Affected Versions: Cisco Firepower Management Center FMC Software affected versions not specified Description: The issue is related to improper input validation in the web-based management interface, allowing an authenticated, remote attacker to execute arbitra...
CVE-2017-18602
The examapp plugin 1.0 for WordPress has SQL injection via the wp-admin/admin.php?page=examappUserResult id parameter...
LibreNMS SQL Injection Vulnerability (CNVD-2019-32206)
LibreNMS is a PHP/MYSQL/SNMP-based open source monitoring tool . A SQL injection vulnerability exists in LibreNMS 1.47 and earlier versions, which can be exploited by an authenticated attacker to corrupt database queries to extract or manipulate data...