SQL injection vulnerability in Shield Spirit Commodity Promotion System front-end ad***_up***.php page

Shield Spirit commodity promotion system can be applied to multiple types of public number, personal or business subscription number and service number can be used, easy to docking all kinds of public number, through the WeChat public number of the relevant interfaces configured to come into effe...

SQL Injection Vulnerability in Shield Spirit Commodity Promotion System Frontend ko***.php Page

Shield Spirit commodity promotion system can be applied to multiple types of public number, personal or business subscription number and service number can be used, easy to docking all kinds of public number, through the WeChat public number of the relevant interfaces configured to come into effe...

Victor CMS suffers from SQL injection vulnerability (CNVD-2020-66854)

Victor CMS is a simple content management system. Victor CMS suffers from a SQL injection vulnerability that can be exploited by attackers to obtain sensitive information about a database...

Command execution vulnerability exists in MyuCMS (CNVD-2020-67557)

MyuCMS front-end is built with UIkit framework, back-end is built with layui back-end framework and back-end is developed with PHP+MYSQL. MyuCMS has a command execution vulnerability that can be exploited by attackers to gain server control privileges...

SQL Injection Vulnerability in bycms Content Management System

Beyoncms bycms content management system is a content management system. The bycms content management system suffers from a SQL injection vulnerability. An attacker can exploit this vulnerability to gain server control privileges...

PT-2023-3325 · Moodle +2 · Moodle +2

Name of the Vulnerable Software and Affected Versions: Moodle affected versions not specified Description: The issue exists due to insufficient sanitization of user-supplied data in the external Wiki method for listing pages. A remote attacker can send a specially crafted request to the affected...

SQL Injection Vulnerability in DSS Safe City System of Zhejiang Dahua Technology Co.

Zhejiang Dahua Technology Co., Ltd, is the world's leading video-centered intelligent IOT solution provider and operation service provider, providing end-to-end video surveillance solutions, systems and services for city operations and more. A SQL injection vulnerability exists in the DSS Safe Ci...

mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delete

A flaw was found in the mysql-connector-java package. A complicated attack against the mysql Connector/J allows attackers on the local network to interfere with a user's connection and insert unauthorized SQL commands in MySQL Connectors and other products...

CVE-2020-28115

SQL Injection vulnerability in "Documents component" found in AudimexEE version 14.1.0 allows an attacker to execute arbitrary SQL commands via the objectpath parameter...

SQL Injection Vulnerability in Qixing Fault Reporting System (WeChat Public Version) 40.0

Servicedesk can be used as an enterprise fault reporting platform. The system supports secondary authentication, problem statistics, WeChat notification and other functions. A SQL injection vulnerability exists in Qixing Fault Reporting System WeChat Public Version 40.0, which can be exploited by...

DEDECMSV6 backend di***_li***.php file has SQL injection vulnerability

DedeCMSV6 is based on PHP 7.x development, is scalable and fully open source. A SQL injection vulnerability exists in the DEDECMSV6 backend dili.php file. An attacker can exploit this vulnerability to obtain sensitive information from the database...

Shanghai Yongxi Information Technology Co., Ltd. website building system has SQL injection vulnerability

Shanghai Yongxi Information Technology Co., Ltd. is a creative team dedicated to the fusion of technology and business, providing differentiated services and solutions that benefit our customers. Shanghai Yongxi Information Technology Co., Ltd. website builder system has a SQL injection...

SQL Injection Vulnerability in NC Cloud of UFIDA Network Technology Corporation (CNVD-2020-64774)

NC Cloud is a digital platform for large enterprises, focusing on digital management, digital operation and digital business, helping large enterprises realize the comprehensive digitalization of people, money, goods and customers. A SQL injection vulnerability exists in NC Cloud of UFIDA Network...

SQL Injection Vulnerability in Ruijie IT Integrated Business Management Platform

Ruijie Networks is a specialized network vendor with a full range of network equipment product lines and solutions, including switches, routers, software, security firewalls, wireless products and storage. A SQL injection vulnerability exists in Ruijie IT integrated business management platform. ...

Zoho ManageEngine Application Manager SQL Injection Vulnerability (CNVD-2021-05408)

ZOHO ManageEngine Application Manager is a set of application monitoring and management system of the United States ZhuoHao ZOHO company. The system is mainly used to monitor server and application performance. A SQL injection vulnerability exists in Zoho ManageEngine Application Manager 14.7 Bui...

SQL Injection Vulnerability in CMS Frontend

Situ CMS is the short name of Situ Tourism Website Management System, which is a self-developed website management system applicable to the construction of tourism websites. A SQL injection vulnerability exists in the frontend of SITO CMS. An attacker can exploit the vulnerability to obtain...

The vulnerability of the SQL Developer Install component of the Oracle Database Server management system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the SQL Developer Installation component of the Oracle Database Server management system exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

SQL Injection Vulnerability in Shield Spirit Voting Sucker System (CNVD-2020-62877)

Shield Spirit Voting Powder Sucking System can be applied to the public number, through the WeChat public number of the message interface to collect the user to send the vote number of the data to reach the vote, with anti-brush voting voting function, but also efficiently suck the live powder...

SQL Injection Vulnerability in SETA Management System

The SETA Management System is software that assists instructors in their teaching duties and helps students participate in courses online, while supporting access to parts of the content by students not in the course and course management by administrators. The SETA Management System suffers from...

SQL Injection Vulnerability in Situo Travel CMS Website Construction System of Sichuan Situo Smart Travel Software Co.

SituTravel CMS Website Builder is a self-developed website management system suitable for building travel websites. Ltd. SITO Travel CMS website builder system suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...