CVE-2017-17823

The Configuration component of Piwigo 2.9.2 is vulnerable to SQL Injection via the admin/configuration.php orderby array parameter. An attacker can exploit this to gain access to the data in a connected MySQL database...

Quest NetVault Backup SQL Injection Vulnerability

Quest NetVault Backup is a suite of data backup software from Quest Software, USA. A SQL injection vulnerability in the handling of NVBUBackup JobList method requests in Quest NetVault Backup versions prior to 11.4.5 stems from the program's failure to properly detect user-submitted strings prior...

Quest NetVault Backup SQL Injection Vulnerability (CNVD-2017-37638)

Quest NetVault Backup is a suite of data backup software from Quest Software, USA. A SQL injection vulnerability in the handling of NVBUPhaseStatus Count method requests in Quest NetVault Backup versions prior to 11.4.5 stems from the program's failure to properly detect user-submitted strings...

CVE-2017-17695

Techno - Portfolio Management Panel through 2017-11-16 allows SQL Injection via the panel/search.php s parameter...

PHP Scripts Mall Realestate Crowdfunding Script SQL Injection Vulnerability

PHP Scripts Mall Realestate Crowdfunding Script is a PHP based real estate crowdfunding website script by PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall Realestate Crowdfunding Script version 2.7.2. A remote attacker can exploit the vulnerability by sending the...

FS Makemytrip Clone SQL Injection Vulnerability

FS Makemytrip Clone is a PHP and MySQL based vacation and travel booking system. A SQL injection vulnerability exists in FS Makemytrip Clone version 1.0. A remote attacker can inject SQL commands by sending the 'florig' or 'fldest' parameter to the show-flight-result.php file...

PHP Scripts Mall Consumer Complaints Clone Script SQL Injection Vulnerability

PHP Scripts Mall Consumer Complaints Clone Script is a set of PHP based consumer online complaints and reviews website script by PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall Consumer Complaints Clone Script version 1.0. A remote attacker can exploit the...

Huawei UMA Product SQL Injection Vulnerability

Huawei UMA Unified Maintenance Audit is a unified audit system. It provides a unified O&M operation portal to control and record the O&M operations performed by users, and supports auditing by command view and video playback. A SQL injection vulnerability exists in the Huawei UMA product, as the...

ZOHO ManageEngine Applications Manager SQL Injection Vulnerability (CNVD-2017-37247)

ZOHO ManageEngine Applications Manager is a set of IT operation and maintenance management solutions of the United States ZhuoHao ZOHO company. The product has application performance management, fault management, report generation and SLA management and other functions. A SQL injection...

SQL Injection Vulnerability in EML Enterprise Address Book Management System action.link.php file

EML enterprise customer relationship management system is based on Linux open kernel and Apache based Php + Mysql intelligent B / S interactive service system. A SQL injection vulnerability exists in the EML Enterprise Contact Management System action.link.php file. An attacker can exploit this...

Mailing List Manager Pro SQL Injection Vulnerability

Mailing List Manager Pro is an email marketing system. The system features mailing list building, address book editing and autoresponders. A SQL injection vulnerability exists in Mailing List Manager Pro version 3.0. A remote attacker can exploit the vulnerability by sending SQL injection command...

Fake Magazine Cover Script SQL Injection Vulnerability

Fake Magazine Cover Script is a script for creating magazine cover websites. Fake Magazine Cover Script suffers from a SQL injection vulnerability. An attacker can perform SQL injection via the rate.php value parameter or the content.php id parameter...

SQL Injection Vulnerability in WebShow Shopping System V5.4 getpwd2.asp

Netshow shopping system is a shopping website developed with asp+access. A SQL injection vulnerability exists in NetShow Shopping System V5.4 getpwd2.asp. An attacker can obtain sensitive database information by constructing a specific SQL injection...

SQL Injection Vulnerability in Opensns CheckInController.class.php Page

OpenSNS is a lightweight social user center framework based on OneThink. The system adheres to a minimalist design style and focuses on communication. A SQL injection vulnerability exists in the Opensns CheckInController.class.php page. An attacker can exploit the vulnerability to obtain sensitiv...

SQL Injection Vulnerability in DM Enterprise Building System v201710

DM building system is developed by php + mysql a set of specialized in small and medium-sized enterprise website construction of open source cms. DM enterprise website building system v201710 login at the existence of SQL injection vulnerability , attackers can use the vulnerability to obtain...

Jiangxi Talent Software Technology Co., Ltd. enterprise station building system with SQL injection vulnerability

Jiangxi Talent Software Technology Co., Ltd. enterprise station-building system is a station-building system. Jiangxi Talent Software Technology Co., Ltd. enterprise station building system SQL injection vulnerability, attackers can use the vulnerability to obtain sensitive information in the...

SQL Injection Vulnerability in State Micro CMS opinion-wzxz

State Micro CMS is one of the mainstream CMS systems in China, and is also the largest open source platform provider in the field of PHP in Southern China. A SQL injection vulnerability exists in State Micro CMS opinion-wzxz. An attacker can exploit this vulnerability to obtain sensitive...

WordPress Event Espresso Lite Plugin SQL Injection Vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in the WordPress Event Espresso Lite plugin. An attacker can exploit the vulnerability t...

Pragyan CMS SQL Injection Vulnerability (CNVD-2017-34577)

Pragyan CMS is a multi-user, modular PHP and MySQL based Content Management System CMS. The system supports custom built-in frameworks, user group rights management, search engine optimization and more. A SQL injection vulnerability exists in Pragyan CMS version 3.0. A remote attacker can exploit...

Anblik WordPress image-gallery-with-slideshow SQL Injection Vulnerability

Anblik WordPress image-gallery-with-slideshow is a slideshow plugin for WordPress developed by Anblik Web Design India. A SQL injection vulnerability exists in the image-gallery-with-slideshow/adminsetting.php file in Anblik WordPress image-gallery-with-slideshow version 1.5.2. A remote attacker...