1310 matches found
CVE-2019-12465
An issue was discovered in LibreNMS 1.50.1. A SQL injection flaw was identified in the ajaxrulesuggest.php file where the term parameter is used insecurely in a database query for showing columns of a table, as demonstrated by an ajaxrulesuggest.php?debug=1&term= request...
WordPress pie-register plugin SQL injection vulnerability
WordPress is a blogging platform developed in PHP by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. pie-register is a plugin for user registration and login form customization. A SQL injection vulnerability exists in WordPress...
Deepwoods Software WebLibrarian SQL Injection Vulnerability
Deepwoods Software WebLibrarian is a book management system plugin for use in WordPress from Deepwoods Software, USA. A SQL injection vulnerability exists in the 'AllBarCodes' function in Deepwoods Software WebLibrarian 3.5.2 and earlier versions. The vulnerability stems from a lack of validation...
SQL injection vulnerability exists in it***.php of website building system of Shanghai To-Mei Information Technology Co., Ltd.
Shanghai To-Mei Information Technology Co., Ltd. is a company dedicated to corporate or entrepreneurial image design and online business expansion services. There is a SQL injection vulnerability in it***.php, which can be exploited by attackers to obtain sensitive information from the database...
D-Link Central WiFi Manager (CWM-100) Arbitrary SQL Command Query Vulnerability
D-Link Central WiFi Manager CWM-100 is a Web-based wireless access point management tool. An arbitrary SQL command query vulnerability exists in D-Link Central WiFi Manager CWM-100 versions prior to 1.03R0100BETA6. The vulnerability stems from a failure to validate input. An attacker can exploit...
SQL Injection Vulnerability in B2C_UQ Cloud Business System
UQ Cloud Business System B2C version is a compact e-commerce system; the platform is developed with PHP7.0+MySQL. B2C_UQ Cloud Business System suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...
SQL Injection Vulnerability in Acme CMS Backend vi***.php
Acme CMS is a CMS builder built on a PHP + MySQL architecture, with multi-language support and responsive display, suitable for building personal websites. A SQL injection vulnerability exists in the Aike CMS backend vi***.php, which attackers can use to obtain sensitive database information...
SQL injection vulnerability in Five Fingers CMS co***.php page
Five Fingers CMS is a high-performance open source content management system that supports LNAMP architecture. A SQL injection vulnerability exists in the Five Fingers CMS co***.php page, which an attacker can use to obtain sensitive database information...
BlueCMS SQL Injection Vulnerability
BlueCMS is a content management system CMS based on PHP and MySQL. A SQL injection vulnerability exists in BlueCMS version 1.6. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands...
SQL Injection Vulnerability in semcms Backend
SemCms is an open source website management system for foreign trade enterprises. A SQL injection vulnerability exists in the semcms backend, which attackers can use to obtain sensitive database information...
SQL Injection Vulnerability in Xinhuo Collaboration Office System ka***/ka***.php
Xinhuo Co-operation Office System is an office system developed in PHP and MySQL. A SQL injection vulnerability exists in ka***/ka***.php, which can be exploited by attackers to obtain sensitive information from the database...
SQL injection vulnerability in the cl***_id*** parameter of Harbin Fengteng E-commerce station building system pr***.php page
Fengteng e-commerce website building system is a website building system. A SQL injection vulnerability exists in the cl***_id*** parameter of the pr***.php page of the Harbin Fengteng e-commerce station building system, which an attacker can use to obtain sensitiv...
zzcms SQL Injection Vulnerability (CNVD-2019-13260)
ZZCMS is a content management system CMS by the ZZCMS team in China. A SQL injection vulnerability exists in the /user/logincheck.php file in ZZCMS version 8.3. The vulnerability can be exploited by a remote attacker to execute SQL commands with the help of the 'X-Forwarded' parameter in the HTTP...
WordPress Plugin Advanced Custom Fields Pro SQL Injection Vulnerability
WordPress is a blogging platform developed in PHP by the WordPress Software Foundation, which supports personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in the WordPress plugin Advanced Custom Fields Pro. The vulnerability is caused due to the program faili...
Database-query Authentication Bypass
actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote attackers to bypass intended...
CVE-2018-19654
An issue was discovered in Sales & Company Management System SCMS through 2018-06-06. There is a discrepancy in username checking between a component that does string validation, and a component that is supposed to query a MySQL database. Thus, it is possible to register a new account with a...
TerraMaster TOS SQL Injection Vulnerability
TerraMaster TOS is a Linux-based operating system for storage servers developed by TerraMaster. The system supports file sharing, cloud data synchronization, data backup and virtualization. A SQL injection vulnerability exists in the logtable.php file in TerraMaster TOS...
ShopsN single merchant b2c mall system v2.3.6 has SQL injection vulnerability
ShopsN single merchant b2c mall system is an open source online store system developed using PHP + MySQL. A SQL injection vulnerability exists in the addressadd function of the Us.class.php file in ShopsN single merchant b2c mall system v2.3.6, which an attacker can use to obtain the administrator...