8125 matches found
SQL Injection Vulnerability in Zhirui Teacher Records Management System
Zhi Rui Teachers File Management System is a free institution management system developed by the Zhi Rui software team using ASP and Access. Zhirui Teacher File Management System has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...
SQL Injection Vulnerability in Lean Value Stream Management System (LVS) at Hangzhou Gila Technology Co.
Hangzhou Gila Technology Co., Ltd. is an enterprise network service provider committed to providing customized solutions based on the needs of the enterprise network and to creating a cloud service and cloud network platform. A SQL injection vulnerability exists in the Lean Value Stream Management...
PT-2020-6996 · Xwiki · Xwiki Platform
Name of the Vulnerable Software and Affected Versions: XWiki Platform versions 6.3-milestone-2 through 13.10.4 XWiki Platform versions 11.10.6 through 14.3-rc-1 are not needed as they are included in the range above, so the final version is: XWiki Platform versions 6.3-milestone-2 through 13.10.4...
SQL Injection Vulnerability in Alencms
Dongguan Lightspeed Network is a large network company specializing in providing website design services for small and medium-sized enterprises, government agencies, etc. Alencms has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database...
DEBIAN-CVE-2020-26935
An issue was discovered in SearchController in phpMyAdmin before 4.9.6 and 5.x before 5.0.3. A SQL injection vulnerability was discovered in how phpMyAdmin processes SQL statements in the search feature. An attacker could use this flaw to inject malicious SQL into a query...
Shield Spirit Original Article Submission System 1.0 SQL Injection Vulnerability in Frontend
Shield Spirit Original Article Submission System 1.0 is a concise submission system. Shield Spirit Original Article Submission System 1.0 suffers from a SQL injection vulnerability in the frontend, which can be exploited by attackers to obtain sensitive information from the database...
PT-2020-4300 · Teclib +1 · Glpi +1
Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 9.5.2. Description: The issue is related to the incorrect neutralization of special elements used in SQL commands, which can allow a remote attacker to execute arbitrary SQL queries to the database in the target system b...
CVE-2020-15927
Zoho ManageEngine Applications Manager version 14740 and prior allows an authenticated SQL Injection via a crafted jsp request in the SAP module...
SQL Injection Vulnerability in PHP Version of Nettie CMS
OTCMS Nettie CMS is an article-based web content management system (CMS). A SQL injection vulnerability exists in the PHP version of OTCMS, which can be exploited by attackers to obtain sensitive information from the database...
CVE-2020-20800
An issue was discovered in MetInfo v7.0.0 beta. There is SQL Injection via the install/index.php?action=adminsetup&cndata=yes&endata=yes&showdata=yes URI...
SQL Injection Vulnerability in Linkworks of Quanta Technology Co.
Founded in 1998, Quanta Technology Co., Ltd. is a digital construction platform service provider with professional applications in the field of construction engineering as the core basic support, and value-added services such as industrial big data and industrial new finance. A SQL injection...
Observium SQL Injection Vulnerability (CNVD-2020-54786)
Observium is a low-maintenance auto-discovery network monitoring platform that supports multiple device types, platforms and operating systems. Observium suffers from a SQL injection vulnerability. An attacker can exploit this vulnerability to inject malicious SQL queries via the ajax/actions.php...
SQL Injection Vulnerability in Guojiz International Website Navigation System
Guojiz International Website Navigation System is developed by ThinkPHP5.0+PHP7.0+Mysql+Apache/Nginx/iis, which is suitable for small and medium-sized webmasters to build a CMS program. Guojiz International Website Navigation System has a SQL injection vulnerability, which can be exploited by...
VulnCheck KEV: CVE-2023-25157
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language (CQL) as part of the Web Feature Service (WFS) and Web Map Service (WMS) protocols...
Foshan Tiema Software Co., Ltd. Tiema Mobile Phone Query System Login Page Exists SQL Injection Vulnerability
Foshan Tiema Software Company is a high-tech software company specializing in enterprise information management engineering, providing personalized solutions for different types of enterprises. Foshan Iron Horse Software Co., Ltd Iron Horse cell phone query system login page SQL injection...
SQL Injection Vulnerability in Aja***.ashx, an Intelligent Tourism System of iSoftStone Macau Ltd.
iSoftStone Macau is mainly engaged in software design and development and information technology services. A SQL injection vulnerability exists in Aja.ashx, the intelligent tourism system of iSoftStone Macau, which can be exploited by attackers to obtain sensitive information from the database...
Alfresco SQL Injection Vulnerability
Alfresco is an open source enterprise content management system. The platform's pages are developed using Freemarker, and its main features include document management, collaboration, records management, knowledge base management, Web content management and so on. A SQL injection vulnerability exists...
IBM Maximo Asset Management SQL Injection Vulnerability (CNVD-2020-52460)
IBM Maximo Asset Management is a comprehensive asset lifecycle and maintenance management solution from IBM USA. The solution is capable of managing all types of assets, such as facilities, transportation, etc., on a single platform with a single point of control for these assets. IBM Maximo Asse...
mysql: InnoDB unspecified vulnerability (CPU Apr 2020)
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of thi...
SQL Injection Vulnerability in Smart-MDS Multimedia Command and Dispatch System of Yixin Technology Co.
But the new technology Smart-MDS multimedia command and scheduling system with convergence access function, provide multi-service convergence of the unified scheduling management platform, access to mainstream various types of audio and video communication system functions. There is a SQL injecti...