2820 matches found
LibreNMS SQL Injection Vulnerability (CNVD-2019-32206)
LibreNMS is a PHP/MYSQL/SNMP-based open source monitoring tool . A SQL injection vulnerability exists in LibreNMS 1.47 and earlier versions, which can be exploited by an authenticated attacker to corrupt database queries to extract or manipulate data...
SQL Injection Vulnerability in FlameCMS
FlameCMS lightweight modular front-end framework for developing fast, powerful web interfaces. FlameCMS suffers from a SQL injection vulnerability that can be exploited by attackers to obtain database information...
WordPress pie-register plugin SQL injection vulnerability
WordPress is a blogging platform developed in PHP by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. pie-register is a plugin for user registration and login form customization. A SQL injection vulnerability exists in WordPress...
S-CMS enterprise website builder system backend P_br*** parameter exists SQL injection vulnerability
S-CMS enterprise station building system is Zibo Shining Network Technology Co., Ltd. developed a specialized enterprise station building solutions for the product. There is a SQL injection vulnerability in the Pbr parameter in the background of S-CMS enterprise website building system. Attackers...
S-CMS enterprise website builder system backend F_qs*** parameter exists SQL injection vulnerability
S-CMS enterprise station building system is Zibo Shining Network Technology Co., Ltd. developed a specialized enterprise station building solutions for the product. There is a SQL injection vulnerability in the Fqs parameter in the background of S-CMS enterprise website building system. Attackers...
Moodle Acclaim block plugin SQL injection vulnerability
Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment.Acclaim block is a plugin used in it to handle course completion. A SQL injection vulnerability exists in versions of the Moodle Acclai...
WordPress cforms2 plugin SQL injection vulnerability
WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. cforms2 is a form builder plugin used in it. A SQL injection vulnerability exists in the WordPress cforms2 plugin. An attacker can...
SQL injection vulnerability in zzcms backend (CNVD-2019-30313)
ZZCMS is a content management system CMS by the ZZCMS team in China. A SQL injection vulnerability exists in the backend of zzcms, which can be exploited by attackers to obtain sensitive information from the database...
Pangu Network Technology website builder system suffers from SQL injection vulnerability
Pangu Network is a regional service operator authorized by Baidu, a group of companies providing integrated network marketing services to customers in the region with Baidu's business as the core. A SQL injection vulnerability exists in Pangu Network Technology's website builder system, which can...
SQL Injection Vulnerability in TurboECM Content Management System ti*** Page of Jiangsu Tide Technology Co.
Ltd. is a company dedicated to the research and product development of Internet content data management, mining, analysis and application technology. A SQL injection vulnerability exists in the TurboECM content management system ti page of Jiangsu Tide Technology Co. Ltd, which can be exploited b...
marginalia SQL Injection Vulnerability
marginalia is a package for adding annotations to ActiveRecord queries. A SQL injection vulnerability exists in versions prior to marginalia 1.6. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can exploit the...
SQL Injection Vulnerability in Five Fingers CMS Backstage Model Management System
Five Fingers CMS is a professional content management system. Five Fingers CMS backend model management system has SQL injection vulnerability, attackers can exploit the vulnerability to obtain database information...
Ovidentia SQL Injection Vulnerability (CNVD-2019-24209)
Ovidentia is an open source content management system and collaboration platform based on PHP and MySQL by the French CANTICO team, which can be used for publishing and managing projects, publication and article management, schedule sharing, and more. A SQL injection vulnerability exists in...
CVE-2019-1010259
SaltStack Salt 2018.3, 2019.2 is affected by: SQL Injection. The impact is: An attacker could escalate privileges on MySQL server deployed by cloud provider. It leads to RCE. The component is: The mysql.userchpass function from the MySQL module for Salt. The attack vector is: specially crafted...
SolarWinds Network Performance Monitor SQL Injection Vulnerability
SolarWinds Network Performance Monitor NPM is a network performance monitor from SolarWinds, Inc. that provides monitoring and reporting, tracking of up/down status, real-time analytics, and network performance statistics for routers, virtualized environments, and other devices. A SQL injection...
SQL injection vulnerability exists in it***.php of website building system of Shanghai To-Mei Information Technology Co.
Ltd. is a company dedicated to corporate or entrepreneurial image design and online business expansion services. There is a SQL injection vulnerability in it.php, which can be exploited by attackers to obtain sensitive information from the database...
SQL Injection Vulnerability in Electronic Supervision System of Gansu Chengxing Information Technology Co.
Gansu Chengxing Information Technology Co., Ltd. developed to meet the needs of various types of public resource transactions, can provide timely, reliable and effective support for the Chengxing public resource trading platform. Gansu Chengxing Information Technology Co., Ltd. electronic...
CVE-2019-12850
A query injection was possible in JetBrains YouTrack. The issue was fixed in YouTrack 2018.4.49168...
CVE-2019-12850
A query injection was possible in JetBrains YouTrack. The issue was fixed in YouTrack 2018.4.49168...
Design/Logic Flaw
A query injection was possible in JetBrains YouTrack. The issue was fixed in YouTrack 2018.4.49168...