2820 matches found
CVE-2018-18787
An issue was discovered in zzcms 8.3. SQL Injection exists in zs/zs.php via a pxzs cookie...
CVE-2018-11785
Missing authorization check in Apache Impala before 3.0.1 allows a Kerberos-authenticated but unauthorized user to inject random data into a running query, leading to wrong results for a query...
Changchun Lingzhan Software Co., Ltd.'s College Academic Affairs Management System Exploits SQL Injection Vulnerabilities
Changchun Lingzhan Software Co., Ltd. is a high-tech enterprise specializing in the development and sale of application software for the education industry. Changchun Lingzhan Software Co., Ltd. has a SQL injection vulnerability in the university academic affairs management system. Attackers can...
CMS ISWEB SQL Injection Vulnerability
CMS ISWEB is a content management system CMS. A SQL injection vulnerability exists in CMS ISWEB version 3.5.3. A remote attacker can exploit this vulnerability to inject malicious query statements into the application and obtain sensitive information...
REDAXO SQL Injection Vulnerability
REDAXO is an open source Web portal content management system . The system supports custom modules , plug-in extensions , project backup and so on. A SQL injection vulnerability exists in Benutzerverwaltung in versions prior to REDAXO 5.6.4. A remote attacker can exploit this vulnerability to...
Social Factory SQL Injection Vulnerability in Joomla!
Joomla! is the United States Open Source Matters team developed a set of open source content management system CMS. A SQL injection vulnerability exists in the Social Factory component of Joomla! The vulnerability is caused by inserting SQL commands into the query string of a web form submission ...
SeaCMS SQL Injection Vulnerability (CNVD-2018-19865)
SeaCMS is a free and open source web content management system written in PHP. The system has been designed primarily to manage video-on-demand resources. A SQL injection vulnerability exists in the 'order' parameter in SeaCMS version 6.64, which can be exploited by remote attackers to execute SQ...
SemCms php version V3.2 SQL injection vulnerability in frontend
SemCms is an open source foreign trade enterprise website management system , mainly for foreign trade enterprises , compatible with IE, Firefox and other mainstream browsers . SemCms php version V3.2 front-end SQL injection vulnerability , attackers can use the vulnerability to obtain the...
ZZCMS 8.3 version zs***.php file has SQL injection vulnerability
ZZCMS is a CMS Content Management System used to quickly build Merchants type websites. A SQL injection vulnerability exists in the zs.php file of ZZCMS version 8.3. An attacker can exploit the vulnerability to obtain sensitive information from the database...
SQL injection vulnerability in ZZCMS 8.3 ta***.php file
ZZCMS is a CMS Content Management System used to quickly build Merchants type websites. A SQL injection vulnerability exists in the ta.php file of ZZCMS version 8.3. An attacker can exploit the vulnerability to obtain sensitive information from the database...
CVE-2018-16724
An issue is discovered in baijiacms V4. Blind SQL Injection exists via the order parameter in an index.php?act=index request...
CVE-2018-16436
Gxlcms 2.0 before bug fix 20180915 has SQL Injection exploitable by an administrator...
SQL Injection Vulnerability in the Frontend of DaQuanZhouAuto.com
It is an automobile network platform that provides Quanzhou automobile, Quanzhou automobile information, Quanzhou new car, Quanzhou used car and other services. SQL injection vulnerability exists in the front-end of DaQuanZhouAuto.com, the vulnerability stems from the failure to filter the pagenu...
Query Injection
flintcms is vulnerable to privilege escalation attacks. The library does not sanitize user input, allowing a malicious user to inject and execute arbitrary MongoDB queries through the password reset page...
OpenEMR SQL Injection Vulnerability (CNVD-2018-17196)
OpenEMR is an open source medical management system maintained by the OpenEMR community. The system can be used for medical practice management, electronic medical records, prescription writing and medical billing requests. A SQL injection vulnerability exists in the...
SQL Injection Vulnerability in nucms V1.1
nucms is a content management system based on PHP+MYSQL technology developed by Liaocheng Leadsun Network Technology Co. nucms V1.1 version of SQL injection vulnerability, attackers can use the vulnerability to obtain sensitive information...
SQL Injection Vulnerability in the Query of the Opinion Collection Module of SMi CMS Group Web Group System
State Micro CMS is one of the mainstream CMS systems in China, and is also the largest open source platform provider in the field of PHP in Southern China. SQL injection vulnerability exists in the query of the opinion collection module of the State Micro CMS group station group system. Attackers...
SQL Injection Vulnerability in Shenzhen PointClear Information Technology PointClear MIS Management Information System
PointClear MIS Management Information System is an enterprise-level instant messaging platform launched by PointClear. Shenzhen PointClear Information Technology PointClear MIS Management Information System suffers from SQL injection vulnerability, which can be exploited by attackers to obtain...
SQL Injection Vulnerability in the Website Building System of Tianjin Enterprises and Businesses Huichuang Technology Co.
Ltd. is a comprehensive network service provider in Tianjin. There is a SQL injection vulnerability in the website building system of Tianjin Enterprises and Businesses Huichuang Technology Co., Ltd, which can be exploited by attackers to obtain sensitive information from the database...
Zhengzhou Kintechnology Co., Ltd. website building system has SQL injection vulnerabilities
Zhengzhou Prime Technology Co., Ltd. specializes in providing customers with online business solutions in the field of information technology. Zhengzhou DynaSky Culture Communication Co., Ltd. website construction system has a SQL injection vulnerability, which can be exploited by attackers to...