Lucene search
K

9873 matches found

CNVD
CNVD
added 2016/08/29 12:0 a.m.4 views

SQL Injection Vulnerability in TUTUCMS System by Parameter

TUTUCMS is a CMS image management system focused on the development of image-based websites. TUTUCMS x2.6 version has a SQL injection vulnerability, due to the system does not strictly filter by parameters, only the source code to do the corresponding code audit. This vulnerability allows attacke...

7.8AI score
Exploits0
CNVD
CNVD
added 2016/08/27 12:0 a.m.3 views

SQL Injection Vulnerability in psIdH Parameter of the Online Exam System of Shenzhen Biaochi Information Technology Co.

The Enterprise Huitong Online Exam System is a set of professional application software suitable for the government, schools, enterprises and institutions to carry out internal network examination and evaluation through the Internet or LAN. There is a SQL injection vulnerability in the psIdH...

7.9AI score
Exploits0References1
CNVD
CNVD
added 2016/08/27 12:0 a.m.3 views

SQL Injection Vulnerability in ZZCMS System zssave.php File

ZZCMS is an enterprise website builder. ZZCMS System v7.1 suffers from a SQL injection vulnerability due to the failure of the zssave.php file in the /user/ directory to properly handle the $ypid variable, which allows remote attackers to exploit the vulnerability by submitting specially crafted...

8AI score
Exploits0
CNVD
CNVD
added 2016/08/25 12:0 a.m.4 views

WordPress Zero Spam Plugin SQL Injection Vulnerability

WordPress is a blogging platform developed using the PHP language by the WordPress Software Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress Zero Spam plugin suffers from a SQL injection vulnerability due to the program failing to adequatel...

7.9AI score
Exploits0References1
CNVD
CNVD
added 2016/08/25 12:0 a.m.5 views

SQL Injection Vulnerability in Nine to Five Network Website Building System

Ninety-five Network Building System is a general-purpose CMS system. The product has SQL injection vulnerability, vulnerability URL: http://target/News.asp?newskind= The vulnerability parameter is newskind , type is GET injection, numeric injection, the attacker can use the vulnerability to obtai...

8AI score
Exploits0References1
CNVD
CNVD
added 2016/08/11 12:0 a.m.5 views

Mediaone 'id' Parameter SQL Injection Vulnerability

MediaOne is a multi-window fusion controller of the famous American company dVision. The advantage of this multi-window fusion controller called picture splicer in China is that it integrates multi-window picture-in-picture function, image edge fusion and surface geometric correction function, an...

8AI score
Exploits0References1
CNVD
CNVD
added 2016/07/21 12:0 a.m.3 views

Joomla Catfiltering Component SQL Injection Vulnerability

Joomla! is a U.S. Open Source Matters team developed a set of open source content management system CMS. Catfiltering is one of the image of the frequency domain filtering component . A SQL injection vulnerability exists in version 1.5.4 of the Joomla Catfiltering component, which can be exploite...

8AI score
Exploits0References1
CNVD
CNVD
added 2016/07/20 12:0 a.m.3 views

Joomla! SecurityCheck and SecurityCheck Pro SQL Injection Vulnerability

Joomla! is a U.S. Open Source Matters team developed a set of open source content management system CMS, the system provides RSS feeds, site search and other features . SecurityCheck and SecurityCheck Pro are among the network security extension components. A SQL injection vulnerability exists in...

8.2AI score
Exploits0References1
RedHat Linux
RedHat Linux
added 2016/07/14 5:54 p.m.5 views

Dashbuilder: SQL Injection on data set lookup filters

A security flaw was found in the way Dashbuilder performed SQL datasets lookup requests in the Data Set Authoring UI or the Displayer editor UI. A remote attacker could use this flaw to conduct SQL injection attacks via specially-crafted string filter parameter...

9.8CVSS5.8AI score0.03653EPSS
Exploits0References4
CNVD
CNVD
added 2016/07/14 12:0 a.m.5 views

Multiple SQL Injection Vulnerabilities in Empire Download System V2.5 Backend

Empire Download System" is a code completely open source, dedicated to the website information download and online video site to provide solutions. Empire Download System V2.5 backend has multiple SQL injection vulnerabilities. Allow attackers to exploit the vulnerability to obtain sensitive...

8AI score
Exploits0
CNVD
CNVD
added 2016/07/11 12:0 a.m.3 views

SQL Injection Vulnerability in the Papername Parameter of the Showlist.jsp Page of the Newspaper System of Beijing Zixin Newspaper Technology Development Co.

Zixin Newspaper Digital Newspaper System is a professional information-based multimedia publishing platform for internal journals, newspapers and magazines in different industries, such as newspapers, magazines, schools, groups of enterprises, governments and non-profit organizations. A SQL...

7.6AI score
Exploits0References1
CNVD
CNVD
added 2016/07/11 12:0 a.m.3 views

SQL injection vulnerability in the searchKeys parameter of the newspaper system createcd.jsp page at Beijing Zixin Newspaper Technology Development Co.

Zixin Newspaper Digital Newspaper System is a professional information-based multimedia publishing platform for internal journals, newspapers and magazines in different industries, such as newspapers, magazines, schools, groups of enterprises, governments and non-profit organizations. SQL injecti...

7.6AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.10 views

The vulnerability of the Solar-Log WEB monitoring system allows a malicious individual to execute arbitrary SQL commands.

Vulnerability allows remote attackers to execute arbitrary SQL commands using a specially crafted query...

7.5CVSS6.2AI score
Exploits0References1Affected Software1
CNVD
CNVD
added 2016/07/05 12:0 a.m.2 views

SQL Injection Vulnerability in FangMail Email Backend Management System

U-Mail mail is widely used in government departments, schools, enterprises and institutions group enterprise mailbox software. A SQL injection vulnerability exists in the background management system of FangMail Mail. It allows attackers to utilize commonly used SQL injection tools to obtain...

7.9AI score
Exploits0References1
CNVD
CNVD
added 2016/07/01 12:0 a.m.7 views

Ktools Photostore SQL Injection Vulnerability

Ktools Photostore is the American Ktools company's set of professional photo gallery-like shopping cart software dedicated to selling pictures and other artwork online. A SQL injection vulnerability exists in Ktools Photostore versions prior to 4.7.5. An attacker can exploit this vulnerability to...

9.8CVSS8.4AI score0.02317EPSS
Exploits5References1
CNVD
CNVD
added 2016/06/13 12:0 a.m.3 views

SQL Injection Vulnerability in Special Equipment Inspection Management System of Fuzhou Tranda Electronics Co.(CNVD-2016-06020)

Fuzhou Tranda Electronics Co., Ltd. is a high-tech enterprise specializing in software development, system integration, security services and other computer information services. Fuzhou Chuangda Electronics Co., Ltd. special equipment inspection management system is a data information management...

7.6AI score
Exploits0References1
CNVD
CNVD
added 2016/06/13 12:0 a.m.5 views

SQL Injection Vulnerability in minX Parameters of Zhongke Xinye Network Security Audit Platform

Zhongke Xinye Network Security Audit Platform is an Internet behavior analysis system. A SQL injection vulnerability exists in Zhongke Xinye Network Security Audit Platform due to the program not adequately filtering the minX parameter. An attacker is allowed to exploit the vulnerability to obtai...

7.9AI score
Exploits0References1
CNVD
CNVD
added 2016/06/02 12:0 a.m.3 views

Hebei Nanhao High-tech Development Co., Ltd. online marking system has many loopholes

Hebei Nanhao High-tech Development Co., Ltd. online marking system is a set of statistical analysis and query software. Hebei Nanhao High-tech Development Co., Ltd. online marking system SQL injection and unauthorized access vulnerabilities, attackers can use the vulnerability to obtain sensitive...

7.8AI score
Exploits0References1
CNVD
CNVD
added 2016/05/26 12:0 a.m.2 views

OurPHP Profile Modification Function SQL Injection Vulnerability

OurPHP 傲派建站系统 is a website content management system developed using PHP language, the developer is Harbin Weicheng Technology Co. The registered members of OurPHP OurPHP website builder system do not have anti-injection processing for the hidden form password when modifying their information...

7AI score
Exploits0
CNVD
CNVD
added 2016/05/23 12:0 a.m.3 views

SQL Injection Vulnerability in Online Teaching Platform of Higher Education Publishing House

The Higher Education Publishing House Online Teaching Platform is a system that provides online teaching and learning. A SQL injection vulnerability exists in the Higher Education Publishing House Network Teaching Platform, which can be exploited by attackers to obtain sensitive information from...

7.7AI score
Exploits0References1
Rows per page
Query Builder