1310 matches found
SQL Injection Vulnerability in NUCMS V1.1
NUCMS content management system is a domestic outstanding open source website management system , based on PHP MySQL technology development. Developed using the domestic famous open source PHP framework , using Jquery and CSS3 interface design , compatible with IE8 and above mainstream browser...
PHP Dashboards SQL Injection Vulnerability
A SQL injection vulnerability exists in PHP Dashboards. The vulnerability is caused due to a failure to adequately filter user-supplied data before it is used in the program's SQL queries, which can be exploited by an attacker to gain access to sensitive database information...
CVE-2018-0320
A vulnerability in the web framework code of Cisco Prime Collaboration Provisioning PCP could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. The vulnerability is due to a lack of proper validation on user-supplied input in SQL queries. An attacker could exploit this...
Multiple Vulnerabilities in EasyService Billing 'template_().php'
EasyService Billing is a PHP-based service-oriented consumer business management system . SQL injection and cross-site scripting vulnerabilities exist in EasyService Billing 'template.php'. The vulnerabilities can be exploited to obtain sensitive database information, execute arbitrary code in th...
SQL Injection Vulnerability in Ocean CMS
Ocean CMS seacms is a video-on-demand system designed for webmasters with different needs. Ocean CMS is vulnerable to SQL injection. An attacker can exploit the vulnerability to obtain sensitive database information...
NewsBee CMS 'home-text-edit.php' SQL Injection Vulnerability
NewsBee CMS is a news website CMS Content Management System. A SQL injection vulnerability exists in NewsBee CMS 'home-text-edit.php'. An attacker can exploit the vulnerability to obtain sensitive database information...
SQL Injection Vulnerability in Axublog Version 1.1.0
Axublog is a PHP personal blog system. A SQL injection vulnerability exists in Axublog version 1.1.0. An attacker can exploit the vulnerability to obtain sensitive database information...
SQL Injection Vulnerability in Guangzhou Lianxiang Cms
Guangzhou Lianxiang Information Technology Co., Ltd. is an e-commerce Internet enterprise that specializes in website construction, micro letter development and website development. Guangzhou Lianxiang CMS has a SQL injection vulnerability. Attackers can use the vulnerability to perform malicious...
SQL Injection Vulnerability in Longcai Technology Cms
Longcai Technology Group is a high-tech enterprise with website construction, network promotion, network engineering construction, software development, computer maintenance and multimedia video production as its main business. Longcai Technology Cms has a SQL injection vulnerability. Attackers c...
Zoho ManageEngine Desktop Central Database Query Mechanism Authentication/Authorization Missing Vulnerability
ZOHO ManageEngine Desktop Central DC is a desktop management solution from ZOHO. The solution includes software distribution, patch management, system configuration, remote control and other functional modules to support the entire lifecycle of desktop and server management. A security...
CVE-2018-5339
An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: insufficient enforcement of database query type restrictions...
CVE-2018-5339
An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: insufficient enforcement of database query type restrictions...
CVE-2018-5338
An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: missing authentication/authorization for a database query mechanism...
Type confusion
An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: insufficient enforcement of database query type restrictions...
Authorization
An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: missing authentication/authorization for a database query mechanism...
CVE-2018-5338
An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: missing authentication/authorization for a database query mechanism...
CVE-2018-5338
CVE-2018-5338 affects Zoho ManageEngine Desktop Central versions 10.0.124 and 10.0.184, where the database query mechanism lacks proper authentication/authorization, allowing bypass of security restrictions. This is described across multiple sources (NVD entry notes missing auth for the database ...
CVE-2018-5339
An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: insufficient enforcement of database query type restrictions...
SQL Injection Vulnerability at CMS destination
Situ CMS is a self-developed website management system suitable for tourism website construction. A SQL injection vulnerability exists in CMS destination. The vulnerability is caused due to the system failing to strictly filter user input data. An attacker can exploit this vulnerability to obtain...
CVE-2018-8967
An issue was discovered in zzcms 8.2. It allows SQL injection via the id parameter in an adv2.php?action=modify request...