SQL Injection Vulnerability in QuestionId Parameter of Digital Campus Management System of Shanghai Pengda Computer System Development Co.

The digital campus system of Shanghai Pengda Computer System Development Co., Ltd. is a technology platform using .NET+SqlServer. NET+SqlServer technology platform. A SQL injection vulnerability exists in the Digital Campus Management System/BG/GRBG/QuestionManage/GenerQuestionnaire.aspx page of...

SQL Injection Vulnerability in ShowAjaxOptions Function of Tibco Call Center System

The core of the Tibco call center system is a communication-based enterprise internal and external communication system. A SQL injection vulnerability exists in the showAjaxOptions function of the Tibco Call Center System. Vulnerability file: /userweb/php/index/Outbound.class.php, exploit: UNION...

SQL Injection Vulnerability in showAjaxGetTransferLogDetail Function of Tibco Call Center System

The core of the Tibco call center system is a communication-based enterprise internal and external communication system. A SQL injection vulnerability exists in the showAjaxGetTransferLogDetail function of the call center system. Vulnerability file: /userweb/php/index/crmManager.class.php, exploi...

SQL injection vulnerability in fields parameter under source/ajax.php file of doyocms system

DOYO universal station-building system using PHP and MYSQL development, is a free open source CMS station-building, enterprise station-building system , can be widely used for personal, business, government, institutions and many other website construction. doyocms system source/ajax.php file und...

SQL Injection Vulnerability in DBSHOP_0.9.3_Beta Frontend

DBShop is an open source e-commerce online store system developed using endFramework. DBSHOP0.9.3Beta front SQL injection vulnerability . Due to /module/Shopfront/src/Shopfront/Controller/ArticleController.php at the id parameter spliced into the infoArticle failed to use quotation marks filter ,...

JumboTCMS V7.1.5.0829 ordernum parameter has sql injection vulnerability

JumboTCMS V7.1.5.0829 is a set of open source web content management system built by the Microsoft . JumboTCMS V7.1.5.0829 user/ajax.aspx?oper=ajaxPayOrder page ordernum parameter exists sql injection vulnerability. An attacker can exploit the vulnerability to obtain sensitive database informatio...

PT-2016-4489 · Ipswitch · Ipswitch Whatsup Gold

Name of the Vulnerable Software and Affected Versions: Ipswitch WhatsUp Gold version 16.4.1 Description: The issue is related to a Blind SQL Injection in the sUniqueID parameter of the WrFreeFormText.asp page. This allows for potential unauthorized access to database information. Recommendations:...

PHPOK V4.5.031 \framework\model\wealth.php wealth_autosave() function has SQL injection vulnerability

PHPOK is a website building system to achieve highly customized open source free website building system. A SQL injection vulnerability exists in the phpok version 4.5.031 \framework\model\wealth.php wealthautosave function. Allows an attacker to exploit the vulnerability to obtain sensitive...

SQL Injection Vulnerability in the id parameter of the /www/index.php page of Xiyu Media's Digital Newspaper System

Joy Reading Kiosk Digital Newspaper System is a digital newspaper WEB management system. There is a SQL injection vulnerability in this product, the vulnerability URL is: /www/index.php?mod=admin&con=review&act=view&id=, the vulnerability parameter is: id, the attacker can use the vulnerability t...

SQL Injection Vulnerability in the Content Parameter of the /www/index.php Page of Hi-Read Media's Digital Newspaper System

Joy Reading Kiosk Digital Newspaper System is a digital newspaper WEB management system. There is a SQL injection vulnerability in this product, the vulnerability URL is: /www/index.php?mod=admin&con=review&content=1, the vulnerability parameter is: content, the attacker can use the vulnerability...

SQL Injection Vulnerability in ry_whoisid Parameter of SSF Digital Management One-Stop System for Primary and Secondary Schools ry_list.asp Page

The SSF One-Stop Shop for Digital Management in Primary and Secondary Schools consists of an external website, a blog for teachers and students, and three internal platforms Teachers' Platform, Students' Platform and Parents' Platform. The product has a SQL injection vulnerability, the...

SQL injection vulnerability in BlogManage/Video/MyVideo.aspx page of Shanghai Hongyu Information Technology Co.

ECS ECS education site system is a general-purpose CMS program developed by Shanghai Hongyu Information Technology Co., Ltd. for schools, education and other site-building system. ECS BlogManage/Video/MyVideo.aspx page has a SQL injection vulnerability, which can be exploited to obtain sensitive...

SQL Injection Vulnerability in the Goodsid Parameter in the Add.aspx Page of the Office Automation System of Shanghai Shuang Yang Computer Hi-Tech Development Co.

Shanghai Shuang Yang Computer Hi-Tech Development Company Shuang Yang for short is a high-tech enterprise mainly engaged in application software development and system integration. The product /DSOATY/goods/GoodsAdd.aspx?goodsid=1&flag=2 at the existence of SQL injection vulnerability, the...

SQL Injection Vulnerability in Gobetter Video Conference System of Beijing Gobetter Technology Co.

Gobalt network video conferencing system supports thousands of people to participate in the meeting at the same time, supporting work meetings, remote training, product sales, online seminars, consulting services and other application scenarios. The product has a SQL injection vulnerability, the...

SQL Injection Vulnerability in Asset Management System sysbh Parameter of Jinan Guozi Digital Technology Co.

Asset management system of Jinan Guozi Digital Technology Co., Ltd. is a set of sharing and management platform for precision instruments or large instruments. The product suffers from SQL injection vulnerability, the vulnerability URL is: http://host/dxyqsyspt/sysList.aspx?sysbh=000001 The...

SQL Injection Vulnerability in ClientCourse.asmx?op, E-learning Management System of Xinwei Software

E-learning management system is an online learning platform of Shenzhen Xinwei Software Co. A SQL injection vulnerability exists in the ClientCourse.asmx?op= page of the E-learning management system of Xinwei Software. An attacker can exploit the vulnerability to obtain sensitive information from...

SQL Injection Vulnerability in the Keyword Parameter of Digital Newspaper System of Joyful Reading Kiosk

Joyful Reading Kiosk Digital Newspaper System is a digital newspaper WEB management system. A SQL injection vulnerability exists in the keyword parameter of the Joyfully Reading Kiosk Digital Newspaper System. An attacker can exploit the vulnerability to obtain database information...

SQL Injection Vulnerability in the id Parameter of Nanchangwei.com Electronic Newspaper System

Vnet Digital Newspaper" is a professional software product to digitize newspapers, which can provide a perfect solution for paper newspapers to go online. A SQL injection vulnerability exists in the id parameter of Nanchang WiNET Digital Newspaper System. An attacker can exploit the vulnerability...

Ocean CMS uid parameter has SQL injection vulnerability

Ocean CMS is an open source website builder. An SQL injection vulnerability exists in the uid parameter of the Ocean CMS i.php page. Attackers can use the vulnerability to obtain sensitive information in the website database...

SQL Injection Vulnerability in zzcms Latest Product Version /zx/search.php Page

ZZCMS highlights the investment and supply and demand functions, you can quickly build a product investment website. A SQL injection vulnerability exists in the /zx/search.php page of the latest product version of zzcms. Attackers can use the vulnerability to obtain sensitive database data...