2819 matches found
Cybozu Garoon vulnerable to SQL injection
Overview Cybozu Garoon provided by Cybozu,Inc. is a groupware. Cybozu Garoon contains an SQL injection vulnerability. Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Cybozu, Inc. coordinated under the Information Security Early...
Joomla com_maxcomment component SQL injection vulnerability
Joomla is an open source content management system CMS. A SQL injection vulnerability exists in the Joomla commaxcomment component. An attacker can exploit the vulnerability to access or modify database data...
SQL Injection Vulnerability in Ocean CMS v_name Parameter
Ocean CMS is an open source website builder. A SQL injection vulnerability exists in the adminajax.php page of Ocean CMS 6.46 utf-8 official version. The lack of filtering of the 'vname' parameter allows an attacker to exploit the vulnerability to obtain sensitive database information...
Joomla JE Directory Ads Component SQL Injection Vulnerability
Joomla is an open source content management system CMS. The Joomla JE Directory Ads component SQL injection vulnerability can be exploited by attackers to access or modify database data...
Joomla Soccer Bet Component SQL Injection Vulnerability
Joomla is an open source content management system CMS. A SQL injection vulnerability exists in the Joomla Soccer Bet component. An attacker can exploit the vulnerability to access or modify database data...
Joomla JE Video Rat Component SQL Injection Vulnerability
Joomla is an open source content management system CMS. A SQL injection vulnerability exists in the Joomla JE Video Rat component. An attacker can exploit the vulnerability to access or modify database data...
SQL Injection Vulnerability in Ocean CMS zyapi.php Page
Ocean CMS is an open source website builder. A SQL injection vulnerability exists in the Ocean CMS zyapi.php page. The lack of filtering of the '$ids' parameter allows attackers to exploit the vulnerability to obtain sensitive information about the database...
CVE-2016-8341
An issue was discovered in Ecava IntegraXor Version 5.0.413.0. The Ecava IntegraXor web server has parameters that are vulnerable to SQL injection. If the queries are not sanitized, the host's database could be subject to read, write, and delete commands...
NewsBee CMS SQL Injection Vulnerability
NewsBee CMS is a news website content management system. NewsBee CMS suffers from a SQL injection vulnerability. The vulnerability allows attackers to obtain sensitive information about the database...
SQL Injection Vulnerability in Graduate Student Management Information System of Nanjing Nansoft Technology Co.
Nanjing nansoft science and technology limited company postgraduate management information system using .net multilayer architecture development of b/s mode station building system. SQL injection vulnerability exists in the graduate student management information system of Nanjing Nansoft...
Web Client SQL Injection Vulnerability
VideoInsightWebClient is a Web-based client from VideoInsight, Inc. A SQL injection vulnerability exists in VideoInsight Web Client versions 6.3.5.11 and earlier. An attacker can exploit this vulnerability to execute remote code...
ALPINE-CVE-2016-6617
An issue was discovered in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. All 4.6.x versions prior to 4.6.4 are affected...
Lepton Add_droplets Parameter SQL Injection Vulnerability
Lepton is a set of tools for lossless compression of JPEG format files. A SQL injection vulnerability exists in the Lepton Adddroplets parameter, which could be exploited by an attacker to compromise an application, access or modify data, or exploit a potential vulnerability in the underlying...
Lepton terms parameter SQL injection vulnerability
Lepton is a set of tools for lossless compression of JPEG format files. A SQL injection vulnerability exists in the Lepton terms parameter, which could allow an attacker to take control of the application, access or modify data, or exploit a potential vulnerability in the underlying database...
MyBB has multiple vulnerabilities (CNVD-2016-11623)
MyBB aka MyBulletinBoard is a free and web-based forum software developed by MyBB team using PHP and MySQL. The software is characterized by its simplicity, multi-language support and extensibility. Multiple security vulnerabilities exist in versions of MyBB prior to 1.8.7, including: SQL injecti...
MyBB has multiple vulnerabilities (CNVD-2016-11615)
MyBB aka MyBulletinBoard is a free and web-based forum software developed by MyBB team using PHP and MySQL. The software is characterized by its simplicity, multi-language support and extensibility. Multiple security vulnerabilities exist in versions of MyBB prior to 1.8.8 including: SQL injectio...
MyBB has multiple vulnerabilities (CNVD-2016-11613)
MyBB aka MyBulletinBoard is a free and web-based forum software developed by MyBB team using PHP and MySQL. The software is characterized by its simplicity, multi-language support and extensibility. Multiple security vulnerabilities exist in versions of MyBB prior to 1.8.8 including: SQL injectio...
pycsw SQL Injection Vulnerability
pycsw is a system written in python that implements OGC CSW server functionality. It runs on all major platforms Windows, Linux, Mac OS X. Pycsw suffers from a SQL injection vulnerability, which can be exploited by an attacker to take control of the application, access or modify data, or exploit...
TYPO3 TC Directmail SQL Injection Vulnerability
TYPO3 is a free and open source content management system maintained by the Swiss TYPO3 Association. A SQL injection vulnerability exists in TYPO3 TC Directmail. The vulnerability is caused due to the program failing to properly filter user-supplied input, allowing an attacker to exploit the...
DotCMS SQL Injection Vulnerability (CNVD-2016-11002)
DotCMS is a content management system CMS from the American company DotCMS. The system supports RSS feeds , blogs , forums and other modules , and is easy to extend and build features . A SQL injection vulnerability exists in the Site BrowserTemplates pages screen in versions of DotCMS prior to...