9982 matches found
SQL Injection Vulnerability in SMi CMS School Station Group System v20180314 (CNVD-2018-10727)
State Micro CMS is one of the mainstream CMS systems in China, and is also the largest open source platform provider in the field of PHP in Southern China. State Micro CMS school station group system v20180314 version of the SQL injection vulnerability , attackers can exploit the vulnerability to...
Dolibarr SQL Injection Vulnerability (CNVD-2018-15284)
Dolibarr is a Web-based enterprise resource planning ERP and customer relationship management CRM system from the Dolibarr Foundation in France. The system can be used to manage products, inventory, invoices, orders, and more. A SQL injection vulnerability exists in Dolibarr versions prior to...
Dolibarr SQL Injection Vulnerability (CNVD-2018-15283)
Dolibarr is a Web-based enterprise resource planning ERP and customer relationship management CRM system from the Dolibarr Foundation in France. The system can be used to manage products, inventory, invoices, orders, and more. A SQL injection vulnerability exists in Dolibarr versions prior to...
iScripts eSwap SQL Injection Vulnerability (CNVD-2018-15242)
iScripts eSwap is a set of item trading software. The software supports trading with virtual currencies or directly exchanging items. A SQL injection vulnerability exists in iScripts eSwap version 2.4. A remote attacker can use the 'ToId' parameter to view, add, modify, or delete information in t...
UBUNTU-CVE-2018-10094
SQL injection vulnerability in Dolibarr before 7.0.2 allows remote attackers to execute arbitrary SQL commands via vectors involving integer parameters without quotes...
CVE-2018-6493
SQL Injection in HP Network Operations Management Ultimate, version 2017.07, 2017.11, 2018.02 and in Network Automation, version 10.00, 10.10, 10.11, 10.20, 10.30, 10.40, 10.50. This vulnerability could be remotely exploited to allow Remote SQL Injection...
CVE-2018-10738
A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/menuaccess.php chbKey1 parameter...
CVE-2018-10737
A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/logbook.php txtSearch parameter...
PrestaShop Responsive Mega Menu Pro Module SQL Injection Vulnerability
PrestaShop is an open source e-commerce solution from PrestaShop. The solution provides a variety of payment methods , short message alerts and product image scaling and other features.Attribute Wizard addon is one of the product attribute add module.Responsive Mega Menu...
CVE-2018-8824
modules/bamegamenu/ajaxphpcode.php in the Responsive Mega Menu Horizontal+Vertical+Dropdown Pro module 1.0.32 for PrestaShop 1.5.5.0 through 1.7.2.5 allows remote attackers to execute a SQL Injection through function calls in the code parameter...
TYPO3 Event Management and Registration SQL Injection Vulnerability
Typo3 is one of the leading brands of open source content management systems CMS and content management frameworks CMF based on PHP and MySQL databases and is a powerful open source solution.TYPO3 Event management and registration is one of the extensions for managing events and registration. A S...
CVE-2018-10256
A SQL Injection vulnerability was discovered in HRSALE The Ultimate HRM v1.0.2 that allows a user with low level privileges to directly modify the SQL query...
Mitel MiVoice Connect SQL Injection Vulnerability
Mitel MiVoice Connect R1707-PREM and Mitel ST are both products of Mitel Corporation of Canada.Mitel MiVoice Connect R1707-PREM is a Unified Communications Management Appliance.ST is a videoconferencing product.conferencing is one of the notification components. conferencing is one of the...
Chemical website supported by HuaxiaChemNet suffers from SQL injection vulnerability.
Huaxia chemical network is by Shanghai Danfan network technology limited company founded, is for the chemical industry to provide security, high efficiency, multi-function, system supporting B2B electronic commerce platform of professional website. The chemical website supported by HuaxiaChemNet...
Kliqqi CMS SQL Injection Vulnerability
Kliqqi CMS is a content management system CMS. A SQL injection vulnerability exists in Kliqqi CMS version 3.5.2. A remote attacker can exploit the vulnerability to view data in the database with the help of the 'randkey' parameter with the value AND SELECT FROM SELECTSLEEP5MBMY to potentially gai...
Nagios XI core config manager authentication bypass vulnerability
Nagios XI is an IT infrastructure monitoring solution from Nagios, Inc. that supports monitoring and alerting of applications, services, operating systems, etc. core config manager is one of the core configuration managers. The solution supports monitoring and alerting of applications, services,...
SQL Injection Vulnerability in Enterprise Website Building System of Zaozhuang Frontier Technology Co.
Zaozhuang Frontier Technology Co., Ltd. is engaged in software technology services. A SQL injection vulnerability exists in the enterprise website building system of Zaozhuang Frontier Technology Co. An attacker can exploit the vulnerability to obtain sensitive database information...
UBUNTU-CVE-2017-9839
Dolibarr ERP/CRM is affected by SQL injection in versions before 5.0.4 via product/stats/card.php type parameter...
Dolibarr ERP/CRM SQL Injection Vulnerability (CNVD-2018-08337)
Dolibarr ERP/CRM is a Web-based enterprise resource planning ERP and customer relationship management CRM system from the Dolibarr Foundation in France. The system can be used to manage products, inventory, invoices, orders, and more. A SQL injection vulnerability exists in Dolibarr ERP/CRM...
Dolibarr ERP/CRM SQL Injection Vulnerability (CNVD-2018-08348)
Dolibarr ERP/CRM is a Web-based enterprise resource planning ERP and customer relationship management CRM system from the Dolibarr Foundation in France. The system can be used to manage products, inventory, invoices, orders, and more. A SQL injection vulnerability exists in Dolibarr ERP/CRM 7.0.0...