CVE-2020-16276

An SQL injection vulnerability in the Assets component of SAINT Security Suite 8.0 through 9.8.20 allows a remote, authenticated attacker to gain unauthorized access to the database...

SQL Injection Vulnerability in Enterprise Standardized Management System of Runshen Information Technology (Shanghai) Co.

Runshen Information Technology Shanghai Co., Ltd. main standard automatic update management software, file digitization, digitization of the map. Ltd. enterprise standardization management system, there is a SQL injection vulnerability, attackers can use the vulnerability to obtain sensitive...

SQL Injection Vulnerability in Air Pollution Control Monitoring, Early Warning and Decision Support System of Huainan Runcheng Technology Co.

The framework of the air pollution prevention and control grid-based monitoring, early warning and decision support system consists of three parts: the perception layer, the platform layer and the application layer. In the sensing layer, monitoring points are laid out according to the actual dema...

SQL Injection Vulnerability in Hanzhong Qiyuan Power Network Co.

Hanzhong Qiyuan Power Network Co., Ltd. is a high-tech Internet technology service provider. Hanzhong Qiyuan Power Network Co., Ltd. website building system has SQL injection vulnerability, attackers can use the vulnerability to obtain sensitive database information...

SQL Injection Vulnerability in Website Building System of Shenzhen Shenzhou Tongda Network Technology Co.

Shenzhen Shenzhou Tongda Network Technology Co., Ltd, provides Tencent enterprise mailbox, high-end website construction PC website, cell phone website, WeChat public account, SEO optimization and promotion, enterprise WeChat and other network infrastructure services and network marketing and...

CVE-2020-7356

CAYIN xPost suffers from an unauthenticated SQL Injection vulnerability. Input passed via the GET parameter 'wayfinderseqid' in wayfindermeetinginput.jsp is not properly sanitized before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injectin...

SQL Injection Vulnerability in OA Office System of Chengdu Huigao Software Co.

Chengdu Huigao Software Co., Ltd. is an OA software developer and service provider. A SQL injection vulnerability exists in the OA office system of Chengdu Huigao Software Co. The vulnerability can be exploited by an attacker to obtain sensitive information from the database...

Extreme CMS has multiple vulnerabilities

Extreme CMS is an open source and free PHPCMS web content management system. Extreme CMS has XSS cross-site scripting , SQL injection , ultra-rights access vulnerabilities , attackers can exploit the vulnerability to obtain server privileges...

SQL Injection Vulnerability in ECSHOP v2.7.3 by Merchant Pie Software Ltd.

ECShop is a professional e-commerce mall system. A SQL injection vulnerability exists in ECSHOP v2.7.3 of Merchant Pie Software Limited, which can be exploited by attackers to obtain sensitive information from the database...

SQL injection vulnerability in p***.php page of website building system of Inner Mongolia Wando Information Technology Co.

Wando Technology is an information technology company dedicated to enterprise informatization application services, in order to actively promote the development of enterprise informatization and e-commerce, because of the transparency, so the integrity of the enterprise policy. It is an applicati...

Anhui Hope Network Technology Co., Ltd. website building system has SQL injection vulnerabilities

Anhui Hope Network Technology Co., Ltd. is an Internet basic product service provider mainly engaged in website construction, network promotion and network marketing. Anhui Hope Network Technology Co., Ltd. website building system has SQL injection vulnerability, attackers can use the vulnerabili...

SQL Injection Vulnerabilities in the Website Building System of Luoyang Wanqian Network Technology Co.

Luoyang Wanqian Network Technology Co., Ltd. was founded in 2007, for the global large and small enterprises, groups and institutions, to provide high-quality website construction, network promotion, office automation management software development and use of network software services, now the...

SQL Injection Vulnerability in Digital Learning Resource Platform of Higher Education Publishing House

Digital Learning Resource Platform is a digital product of Higher Education Press, a practical, effective and scalable CMS system. SQL injection vulnerability exists in the Digital Learning Resource Platform of Higher Education Publishing House, which can be exploited by an attacker to obtain...

SQL injection vulnerability in va***.do page of Hefei Mingxin Software Technology Co.

Hefei Mingxin Software Technology Co., Ltd. was founded in 2013, is a professional information technology service provider, the use of cutting-edge science and technology, we focus on providing efficient, high-quality information technology solutions and information technology products and servic...

SQL injection vulnerability in Shanghai Zhihu Information Technology's website bu***_de*** system

Shanghai Zhihu Information Technology Co., Ltd. precipitated 5 years, each industry comprehensive business scenarios, combined with the ability of technological innovation, to provide social e-commerce, home furnishing industry, tourism and travel and other areas of the solution. Shanghai Zhihu...

Teclib GLPI SQL Injection Vulnerability (CNVD-2020-44905)

Teclib GLPI is an open source IT asset management suite from the French company Teclib. The suite includes features such as device status management, asset inventory storage, management processes and work log management. A SQL injection vulnerability exists in Teclib GLPI versions prior to 9.5.1...

Introduction to SQL: Examples, Best Practices and Pitfalls

SQL Structured Query Language has been with us for more than half a century and it’s not going away anytime soon. Popular in both traditional relational databases and newer NoSQL databases technologies, SQL is widely used for data analytics, Big Data processing, coding languages, and more. I’m a...

Shanghai Danfan Network Technology Co., Ltd. builds website system with SQL injection vulnerability (CNVD-2020-48959)

Huaxia chemical network was founded in 2000, is founded by Shanghai Danfan network technology limited company, for the chemical industry to provide supporting B2B e-commerce platform of professional website. Shanghai Danfan network science and technology limited company builds the station system...

MunkiReport SQL Injection Vulnerability (CNVD-2020-42246)

Munkireport is a reporting tool for the Munki software management program. A SQL injection vulnerability exists in the TableQuery.php file in MunkiReport versions prior to 5.6.3. The vulnerability can be exploited by an attacker to execute arbitrary SQL commands by sending a POST request to...

SQL Injection Vulnerability in Extreme CMS of Langfang Extreme Network Technology Co. Ltd (CNVD-2020-48971)

Extreme CMS is an open source and free PHPCMS web content management system. Ltd. Extreme CMS suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...