1310 matches found

CNVD
added 2018/11/27 12:0 a.m. | 1 view

SQL Injection Vulnerability in Rabbit Movie CMS

Rabbit TV CMS is an open source content building system. Rabbit Movie CMS has a SQL injection vulnerability that can be exploited by attackers to obtain sensitive database information...

AI score: 8
Exploits: 0
CNVD
added 2018/11/23 12:0 a.m. | 1 view

SQL Injection Vulnerability in QYKCMS v4.3.2

QYKCMS is a lightweight intelligent website building system based on PHP+MySql developed by QYK. QYKCMS v4.3.2 suffers from a SQL injection vulnerability. An attacker can exploit the vulnerability to obtain sensitive database information...

AI score: 7.8
Exploits: 0
CNVD
added 2018/11/09 12:0 a.m. | 1 view

SQL injection vulnerability in free version of Touchmedia Mall system

The TouchNet universal mall station-building system is a universal station-building system developed by Tianjin TouchNet Technology Co. The front end of the free version of the TouchNet Universal Mall Station Building System has a SQL injection vulnerability, the attacker can be customized through...

AI score: 7.6
Exploits: 0
OSV
added 2018/10/29 12:29 p.m. | 1 view

CVE-2018-18791

An issue was discovered in zzcms 8.3. SQL Injection exists in zs/search.php via a pxzs cookie...

CVSS: 9.8 | AI score: 5.8
Exploits: 0 | References: 1
exploitpack
added 2018/10/29 12:0 a.m. | 18 views

Curriculum Evaluation System 1.0 - SQL Injection

Curriculum Evaluation System 1.0 - SQL Injection. Exploit Title: Curriculum Evaluation System 1.0 - SQL Injection; Dork: N/A; Date: 2018-10-29; Exploit Author: Ihsan Sencan; Vendor Homepage: https://www.sourcecodester.com/users/janobe; Software Link:...

CVSS: 7.5 | AI score: 0.1 | EPSS: 0.02512
Exploits: 5
CNVD
added 2018/09/26 12:0 a.m. | 1 view

SeaCMS SQL Injection Vulnerability (CNVD-2018-19865)

SeaCMS is a free and open source web content management system written in PHP. The system has been designed primarily to manage video-on-demand resources. A SQL injection vulnerability exists in the 'order' parameter in SeaCMS version 6.64, which can be exploited by remote attackers to execute SQ...

CVSS: 9.8 | AI score: 10 | EPSS: 0.00398
Exploits: 1 | References: 1
CNVD
added 2018/09/25 12:0 a.m. | 1 view

SemCms php version V3.2 SQL injection vulnerability in frontend

SemCms is an open source foreign trade enterprise website management system, mainly for foreign trade enterprises, compatible with IE, Firefox and other mainstream browsers. SemCms php version V3.2 has a front-end SQL injection vulnerability; attackers can use the vulnerability to obtain the...

AI score: 8.1
Exploits: 0
CNVD
added 2018/09/18 12:0 a.m. | 1 view

SQL injection vulnerability in ZZCMS version 8.3 zs***.php file (CNVD-2018-19951)

ZZCMS is a CMS Content Management System used to quickly build Merchants type websites. A SQL injection vulnerability exists in the zs.php file of ZZCMS version 8.3. An attacker can exploit the vulnerability to obtain sensitive information from the database...

AI score: 7.6
Exploits: 0
CNVD
added 2018/09/18 12:0 a.m. | 1 view

SQL injection vulnerability in ZZCMS 8.3 ta***.php file

ZZCMS is a CMS Content Management System used to quickly build Merchants type websites. A SQL injection vulnerability exists in the ta.php file of ZZCMS version 8.3. An attacker can exploit the vulnerability to obtain sensitive information from the database...

AI score: 7.6
Exploits: 0
OSV
added 2018/09/05 8:29 p.m. | 1 view

CVE-2018-16436

Gxlcms 2.0 before bug fix 20180915 has SQL Injection exploitable by an administrator...

CVSS: 7.2 | AI score: 5.8 | EPSS: 0.00252
Exploits: 1 | References: 3
Veracode
added 2018/08/30 6:52 a.m. | 19 views

NoSQL Injection

loopback-connector-mongodb is susceptible to a NoSQL injection attack. The buildWhere and buildSort functions fail to sanitize the filter passed to the database query, allowing the attacker to inject and execute arbitrary NoSQL queries...

AI score: 7.6
Exploits: 0
CNVD
added 2018/08/20 12:0 a.m. | 1 view

SQL Injection Vulnerability in the Frontend of DaQuanZhouAuto.com

It is an automobile network platform that provides Quanzhou automobile, Quanzhou automobile information, Quanzhou new car, Quanzhou used car and other services. SQL injection vulnerability exists in the front-end of DaQuanZhouAuto.com, the vulnerability stems from the failure to filter the pagenu...

AI score: 8
Exploits: 0
OSV
added 2018/08/13 8:49 p.m. | 6 views

GHSA-M8H6-M9P5-P2F8 Moderate severity vulnerability that affects activerecord

Withdrawn, accidental duplicate publish. Active Record in Ruby on Rails 4.2.x before 4.2.7.1 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attackers to bypass intended database-query restrictions a...

CVSS: 7.5 | AI score: 7.5 | EPSS: 0.00381
Exploits: 2 | References: 2
CNVD
added 2018/08/03 12:0 a.m. | 1 view

Yixing Yulu Media Co., Ltd. website construction system suffers from SQL injection vulnerability

Yixing Yulu Media Co., Ltd. provides enterprises with the most comprehensive, thoughtful, professional Internet solutions, and provides WeChat mini programs, WeChat public accounts, domain name registration, web hosting, enterprise mailboxes, website construction, website development, website...

AI score: 7.6
Exploits: 0
CNVD
added 2018/07/18 12:0 a.m. | 2 views

SQL Injection Vulnerability in POSCMS v3.2.0 (Free Edition) A***.php

POSCMS (PhpOpenSourceCMS) is an open source, cross-platform web content management system (CMS) based on PHP and MySQL, developed by China Tianrui information technology company. POSCMS v3.2.0 free version A.php suffers from a SQL injection vulnerability, which can be exploited by attackers ...

AI score: 7.6
Exploits: 0
Prion
added 2018/07/03 2:29 p.m. | 14 views

SQL injection

The vulnerability exists within processing of trackgetdata.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the id input parameter...

CVSS: 6.8 | AI score: 9.2 | EPSS: 0.00328
Exploits: 0 | References: 1 | Affected Software: 1
OSV
added 2018/07/03 2:29 p.m. | 1 view

CVE-2018-7773

The vulnerability exists within processing of nfcserver.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the sessionid input parameter...

CVSS: 8.8 | AI score: 5.8 | EPSS: 0.00328
Exploits: 0 | References: 1
OSV
added 2018/07/03 2:29 p.m. | 1 view

CVE-2018-7768

The vulnerability exists within processing of loadtemplate.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the tpl input parameter...

CVSS: 8.8 | AI score: 5.8
Exploits: 0 | References: 1
CNVD
added 2018/06/25 12:0 a.m. | 3 views

iThemes Security SQL Injection Vulnerability

WordPress is a blogging platform developed in PHP by the WordPress Software Foundation; it supports setting up a personal blog site on servers running PHP and MySQL. iThemes Security better-wp-security plugin is used in one of the intrusion of a website for protection of the...

CVSS: 7.2 | AI score: 7.2 | EPSS: 0.40715
Exploits: 4 | References: 1
IBM Security Bulletins
added 2018/06/17 3:21 p.m. | 20 views

Security Bulletin: Information disclosure through unauthenticated SOAP request message. (CVE-2016-0299)

Summary: IBM TRIRIGA could disclose sensitive information using a query to the IBM TRIRIGA platform database using crafted web service request by means of a HTTP / SOAP query. Vulnerability Details: CVEID: CVE-2016-0299; CVSS Base Score: 5.3; CVSS Temporal Score: See...

CVSS: 5.3 | AI score: 0.6 | EPSS: 0.00172
Exploits: 0 | Affected Software: 1