9873 matches found
SQL Injection Vulnerability in TUTUCMS System by Parameter
TUTUCMS is a CMS image management system focused on the development of image-based websites. TUTUCMS x2.6 version has a SQL injection vulnerability, due to the system does not strictly filter by parameters, only the source code to do the corresponding code audit. This vulnerability allows attacke...
SQL Injection Vulnerability in psIdH Parameter of the Online Exam System of Shenzhen Biaochi Information Technology Co.
The Enterprise Huitong Online Exam System is a set of professional application software suitable for the government, schools, enterprises and institutions to carry out internal network examination and evaluation through the Internet or LAN. There is a SQL injection vulnerability in the psIdH...
SQL Injection Vulnerability in ZZCMS System zssave.php File
ZZCMS is an enterprise website builder. ZZCMS System v7.1 suffers from a SQL injection vulnerability due to the failure of the zssave.php file in the /user/ directory to properly handle the $ypid variable, which allows remote attackers to exploit the vulnerability by submitting specially crafted...
WordPress Zero Spam Plugin SQL Injection Vulnerability
WordPress is a blogging platform developed using the PHP language by the WordPress Software Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress Zero Spam plugin suffers from a SQL injection vulnerability due to the program failing to adequatel...
SQL Injection Vulnerability in Nine to Five Network Website Building System
Ninety-five Network Building System is a general-purpose CMS system. The product has SQL injection vulnerability, vulnerability URL: http://target/News.asp?newskind= The vulnerability parameter is newskind , type is GET injection, numeric injection, the attacker can use the vulnerability to obtai...
Mediaone 'id' Parameter SQL Injection Vulnerability
MediaOne is a multi-window fusion controller of the famous American company dVision. The advantage of this multi-window fusion controller called picture splicer in China is that it integrates multi-window picture-in-picture function, image edge fusion and surface geometric correction function, an...
Joomla Catfiltering Component SQL Injection Vulnerability
Joomla! is a U.S. Open Source Matters team developed a set of open source content management system CMS. Catfiltering is one of the image of the frequency domain filtering component . A SQL injection vulnerability exists in version 1.5.4 of the Joomla Catfiltering component, which can be exploite...
Joomla! SecurityCheck and SecurityCheck Pro SQL Injection Vulnerability
Joomla! is a U.S. Open Source Matters team developed a set of open source content management system CMS, the system provides RSS feeds, site search and other features . SecurityCheck and SecurityCheck Pro are among the network security extension components. A SQL injection vulnerability exists in...
Dashbuilder: SQL Injection on data set lookup filters
A security flaw was found in the way Dashbuilder performed SQL datasets lookup requests in the Data Set Authoring UI or the Displayer editor UI. A remote attacker could use this flaw to conduct SQL injection attacks via specially-crafted string filter parameter...
Multiple SQL Injection Vulnerabilities in Empire Download System V2.5 Backend
Empire Download System" is a code completely open source, dedicated to the website information download and online video site to provide solutions. Empire Download System V2.5 backend has multiple SQL injection vulnerabilities. Allow attackers to exploit the vulnerability to obtain sensitive...
SQL Injection Vulnerability in the Papername Parameter of the Showlist.jsp Page of the Newspaper System of Beijing Zixin Newspaper Technology Development Co.
Zixin Newspaper Digital Newspaper System is a professional information-based multimedia publishing platform for internal journals, newspapers and magazines in different industries, such as newspapers, magazines, schools, groups of enterprises, governments and non-profit organizations. A SQL...
SQL injection vulnerability in the searchKeys parameter of the newspaper system createcd.jsp page at Beijing Zixin Newspaper Technology Development Co.
Zixin Newspaper Digital Newspaper System is a professional information-based multimedia publishing platform for internal journals, newspapers and magazines in different industries, such as newspapers, magazines, schools, groups of enterprises, governments and non-profit organizations. SQL injecti...
The vulnerability of the Solar-Log WEB monitoring system allows a malicious individual to execute arbitrary SQL commands.
Vulnerability allows remote attackers to execute arbitrary SQL commands using a specially crafted query...
SQL Injection Vulnerability in FangMail Email Backend Management System
U-Mail mail is widely used in government departments, schools, enterprises and institutions group enterprise mailbox software. A SQL injection vulnerability exists in the background management system of FangMail Mail. It allows attackers to utilize commonly used SQL injection tools to obtain...
Ktools Photostore SQL Injection Vulnerability
Ktools Photostore is the American Ktools company's set of professional photo gallery-like shopping cart software dedicated to selling pictures and other artwork online. A SQL injection vulnerability exists in Ktools Photostore versions prior to 4.7.5. An attacker can exploit this vulnerability to...
SQL Injection Vulnerability in Special Equipment Inspection Management System of Fuzhou Tranda Electronics Co.(CNVD-2016-06020)
Fuzhou Tranda Electronics Co., Ltd. is a high-tech enterprise specializing in software development, system integration, security services and other computer information services. Fuzhou Chuangda Electronics Co., Ltd. special equipment inspection management system is a data information management...
SQL Injection Vulnerability in minX Parameters of Zhongke Xinye Network Security Audit Platform
Zhongke Xinye Network Security Audit Platform is an Internet behavior analysis system. A SQL injection vulnerability exists in Zhongke Xinye Network Security Audit Platform due to the program not adequately filtering the minX parameter. An attacker is allowed to exploit the vulnerability to obtai...
Hebei Nanhao High-tech Development Co., Ltd. online marking system has many loopholes
Hebei Nanhao High-tech Development Co., Ltd. online marking system is a set of statistical analysis and query software. Hebei Nanhao High-tech Development Co., Ltd. online marking system SQL injection and unauthorized access vulnerabilities, attackers can use the vulnerability to obtain sensitive...
OurPHP Profile Modification Function SQL Injection Vulnerability
OurPHP 傲派建站系统 is a website content management system developed using PHP language, the developer is Harbin Weicheng Technology Co. The registered members of OurPHP OurPHP website builder system do not have anti-injection processing for the hidden form password when modifying their information...
SQL Injection Vulnerability in Online Teaching Platform of Higher Education Publishing House
The Higher Education Publishing House Online Teaching Platform is a system that provides online teaching and learning. A SQL injection vulnerability exists in the Higher Education Publishing House Network Teaching Platform, which can be exploited by attackers to obtain sensitive information from...