LJcms v1.29 SQL Injection Vulnerability

LJCMS adopts PHP + Mysql architecture, is a very SEO friendly, full-featured, safe and stable, support multi-terminal display and extremely simple to use enterprise station building system. LJcms v1.29 SQL injection vulnerability, attackers can use the vulnerability to obtain sensitive informatio...

SQL injection vulnerability exists in kkcms (CNVD-2020-33127)

kkcms is an open source video capture and playback system . The system is mainly used to automatically capture film and television resources and provide online playback capabilities. kkcms SQL injection vulnerability , attackers can use the vulnerability to obtain sensitive information database...

SQL injection vulnerability exists in kkcms (CNVD-2020-33119)

kkcms is an open source video capture and playback system . The system is mainly used to automatically capture film and television resources and provide online playback capabilities. kkcms SQL injection vulnerability , attackers can use the vulnerability to obtain sensitive information database...

Hefei Tianxun Information Technology Co., Ltd. pushes Couponer CMS with SQL injection vulnerability

Push Couponer CMS is a completely free Taobao coupon website source code program. Ltd. Push Couponer CMS has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...

Securing GraphQL API

Introduction to GraphQL Representational state transfer REST APIs are the most popular type of API. However, GraphQL is rapidly growing in popularity as a competitor to REST. GraphQL is a meta-layer with built-in query language to access object-oriented data. It’s based on JSON-encoded HTTP...

Schneider Electric EcoStruxure Operator Terminal Expert SQL Injection Vulnerability

Schneider Electric EcoStruxure Operator Terminal Expert is a touch screen configuration software from Schneider Electric, France. This software branch is mainly used for creating and editing touch applications. A SQL injection vulnerability exists in the handling of VXDZ files in Schneider Electr...

SQL Injection Vulnerability in Stone Technology Online Exam System Frontend

Stone Technology Online Exam System is a php and mysql based application that can complete the functions of setting up an exam, creating a question bank, importing a list, starting an exam, randomly selecting questions, awarding scores on the spot, querying after the fact, and exporting scores...

CVE-2020-4345

IBM i 7.2, 7.3, and 7.4 users running complex SQL statements under a specific set of circumstances may allow a local user to obtain sensitive information that they should not have access to. IBM X-Force ID: 178318...

SQL Injection Vulnerability in Website Building System of Zonglian Information Technology Co.

Zonglian Technology customizes the official website for each enterprise, and establishes the website construction plan suitable for the enterprise according to the budget, design, industry and enterprise image. With the appropriate display, display effect, site framework, through the integration ...

SQL Injection Vulnerability in Stone Technology Opinion Analysis Assistant us***.php Page

Stone Technology Public Opinion Analysis Assistant is a monitoring tool that can collect the titles of publicly released information from specified websites and filter out the information and links required by users based on keywords and filters. A SQL injection vulnerability exists in the us.php...

SQL Injection Vulnerability in the Website Building System of Suzhou Topps Network Technology Co.

Suzhou Topps Network Technology Co., Ltd. is engaged in solving the website construction, Baidu promotion, Baidu bidding hosting, Ali network marketing treasure hosting, optimization station rental and sale. Suzhou Topps Network Technology Co., Ltd. station building system there is a SQL injectio...

The vulnerability in the vManage web interface of the software-defined Cisco SD-WAN network allows a attacker to execute arbitrary SQL queries.

The vulnerability in the vManage web interface of the Cisco SD-WAN programmatically defined network is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...

hibernate: SQL injection issue in Hibernate ORM

A flaw was found in Hibernate ORM. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further...

SQL Injection Vulnerability in Employment Information Service Platform of Shanghai Jiading Information Technology Co.

Shanghai A-Ding Information Technology Co., Ltd. is focusing on college cloud employment information service platform products, adhering to the principle of saas, with many high-quality Internet resources as the basis, to establish employment information service cloud platform. Provide humanized,...

Shantou Sanyu Technology Co., Ltd. website building system suffers from SQL injection vulnerability.

Ltd. is a company that focuses on designing, producing and providing personalized e-commerce solutions for enterprises. Ltd. website building system suffers from SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

SQL Injection Vulnerability in Website Building System of Suzhou Topps Network Technology Co.

Suzhou Topps Network Technology Co., Ltd. is a computer software, computer animation and network products design, research and development, sales, and provide related technical services and consulting services company. There is a SQL injection vulnerability in the website system of Suzhou Topps...

PayloadsAllTheThings

This repository is an offensive tool for Web Application Security and Pentest/CTF. It contains a list of useful payloads and bypass for various web application security testing and penetration testing purposes. The primary vulnerability class targeted by this repository is CRLF Carriage Return an...

Xi'an Baolian Network Technology Co., Ltd. website building system suffers from SQL injection vulnerabilities (CNVD-2020-32333)

Xi'an BaiLian Network Technology Co., Ltd. is the first technology company specializing in bearing industry management software development and bearing industry portal design. There is a SQL injection vulnerability in the website building system of Xi'an Bailian Network Technology Co. Attackers c...

Extreme CMS suffers from SQL injection vulnerability

Extreme CMS is an enterprise-level open source content building system. Extreme CMS has a SQL injection vulnerability , attackers can exploit the vulnerability to obtain sensitive database information...

SQL Injection Vulnerability in Learning Module ti*** Parameters of 120 Emergency Command Center Web Service System

120 Emergency Command Center Web Service System is a set of web application services for 120 Emergency Command Center, including internal training, learning and assessment functions. SQL injection vulnerability exists in the learning module ti parameter of the 120 Emergency Command Center Web...