2819 matches found
Exponent CMS 'fileid' Parameter SQL Injection Vulnerability
Exponent CMS is a free, open source PHP-based modular content management system CMS of the U.S. OIC Group of companies. The system supports direct editing in the page, and provides user management, site configuration, content editing and other functions. Exponent CMS version 2.3.9 suffers from a...
SQL Injection Vulnerability in Digital China Internet Behavior Management System Announcement_starttime Parameter
Digital China Internet Behavior Management System is an Internet behavior logging system that fully owns the network behavior analysis management system, integrating hardware and software architecture, behavior analysis engine, management and control policies, analyzing network activities in real...
AlienVault OSSIM and USM SQL Injection Vulnerabilities
AlienVault OSSIM and USM are both products of AlienVault Corporation, U.S.A. OSSIM is an open source security information management system. USM is a security management platform that provides security monitoring, security event management and reporting, and threat awareness system. An SQL...
SQL Injection Vulnerability in KuaiFanCMS File /upload/kuaifan/module/xinxi/fajian.module.php
KuaiFanCMS V5.x is developed with PHP5+MYSQL as the technical base. kf is built with Smarty template engine. KuaiFanCMS file /upload/kuaifan/module/xinxi/fajian.module.php at the existence of SQL injection vulnerability, an attacker can use this vulnerability to obtain sensitive database...
SQL Injection Vulnerability in UFIDA UFO System queryByWhere Interface
UFIDA UFO system is UFIDA software comes with tabular data processing software. A SQL injection vulnerability exists in the queryByWhere interface of UFIDA UFO System. An attacker is allowed to exploit the vulnerability to obtain database information...
SQL Injection Vulnerability in ChannelList.aspx Page of Shandong Wave Government Approval Platform
Wave Government Approval Platform is a cloud computing infrastructure platform of Shandong Wave Qilu Software Co. A SQL injection vulnerability exists in the ChannelList.aspx page of the Shandong Wave Government Approval Platform, which can be exploited by attackers to obtain sensitive database...
CVE-2016-1000125
Unauthenticated SQL Injection in Huge-IT Catalog v1.0.7 for Joomla...
CVE-2016-1000123
Unauthenticated SQL Injection in Huge-IT Video Gallery v1.0.9 for Joomla...
Joomla! com_bt_media Component SQL Injection Vulnerability
Joomla! is the United States Open Source Matters team developed a set of open source content management system CMS. The system provides RSS feeds , site search and other functions . A SQL injection vulnerability exists in the categories0 parameter of the index/php page of the Joomla! combtmedia...
kensoft CMS SQL Injection Vulnerability
kensoft CMS is a content management system. A SQL injection vulnerability exists in the ft parameter of the dispatch.php page of kensoft Cms, which can be exploited by attackers to obtain sensitive information...
PHPIPAM SQL Injection Vulnerability
phpipam is a set of open source PHP and MySQL based IP address management application IPAM. A cross-site scripting vulnerability exists in phpipam version 1.2.1, which can be exploited by an attacker to compromise the application, access or modify data, or exploit potential vulnerabilities in the...
SQL Injection Vulnerability in UFIDA Financials /target/services/operOriztion?wsdl Page
UFIDA Financials is a financial management software. A SQL injection vulnerability exists in the UFIDA Financial System /target/services/operOriztion?wsdl page. An attacker can exploit the vulnerability to obtain database information...
SQL injection vulnerability in the zwkm parameter of the modifyzdjb.jsp page of the ilasIII digital library system of Shenzhen Ketu Automation New Technology Application Company.
Integrated Library Automation System ILAS is the Ministry of Culture in 1988 as a national key scientific and technological projects issued by the Shenzhen Library to undertake and organize the development of a set of libraries at home and abroad to adapt to different levels, a variety of scales,...
vBulletin forumrunner/includes/moderation.php SQL Injection Vulnerability
VBulletin is a powerful, flexible and fully customizable suite of forum programs. A SQL injection vulnerability exists in the forumrunner/includes/moderation.php file in versions of vBulletin prior to 4.2.2 Patch Level 5 and prior to 4.2.3 Patch Level 1. A remote attacker can exploit this...
SQL Injection Vulnerability in Asset Management System sysbh Parameter of Jinan Guozi Digital Technology Co.
Asset management system of Jinan Guozi Digital Technology Co., Ltd. is a set of sharing and management platform for precision instruments or large instruments. The product suffers from SQL injection vulnerability, the vulnerability URL is: http://host/dxyqsyspt/sysDetail.aspx?sysbh=000001 The...
SQL Injection Vulnerability in the Templetid Parameter of Hopping Collaborative Content Management System
HZCMS is a website group content management system based on Java and XML technology. A SQL injection vulnerability exists in the templetid parameter of HZCMS. Attackers can use the vulnerability to obtain data information...
SQL Injection Vulnerability in Channelcode Parameter of Hopping Synergy Content Management System
HZCMS is a website group content management system based on Java and XML technology. A SQL injection vulnerability exists in the channelcode parameter of the HZCMS. An attacker can exploit the vulnerability to obtain database information...
SQL Injection Vulnerability in hdcms Framework rname Parameter
HDCMS is a content management system package written in PHP. A SQL injection vulnerability exists in the rname parameter of the hdcms framework, as the program fails to adequately filter the rname parameter and only does corresponding code auditing on the source code. An attacker is allowed to...
SQL Injection Vulnerability in Doccms
Rice husk enterprise building system, also known as rice husk cms, doccms, formerly known as deep throat enterprise building system ShlCms, is the industry's leading free open source enterprise website building system, enterprise website generation system. Doccms SQL injection vulnerability , due...
PHPBack SQL Injection Vulnerability
PHPBack is an open source Web application feedback system . PHPBack suffers from a SQL injection vulnerability that allows remote attackers to exploit the vulnerability to submit specially crafted SQL queries to manipulate or obtain database data...