CVE-2020-12104

The Import feature in the wp-advanced-search plugin 3.3.6 for WordPress is vulnerable to authenticated SQL injection via an uploaded .sql file. An attacker can use this to execute SQL commands without any validation...

PT-2020-13036 · WordPress · Wp-Advanced-Search

Name of the Vulnerable Software and Affected Versions: wp-advanced-search plugin version 3.3.6 Description: The Import feature in the wp-advanced-search plugin is vulnerable to authenticated SQL injection via an uploaded .sql file. An attacker can use this to execute SQL commands without any...

Shaanxi New Force Network Technology Co., Ltd. website building system has SQL injection vulnerabilities

Ltd. is a high-tech company integrating R&D, production and sales. Ltd. website building system has SQL injection vulnerabilities, which can be exploited by attackers to obtain sensitive information from the database...

Shanghai Danfan Network Technology Co., Ltd. builds website system with SQL injection vulnerability (CNVD-2020-28095)

Shanghai Danfan network science and technology limited company builds the station system is for the chemical industry to provide the security, the high efficiency, the multi-function, the system matching B2B electronic commerce platform specialized website. Shanghai Danfan network science and...

YouDianCMS suffers from SQL injection vulnerability (CNVD-2020-28103)

YouDianCMS set computer website, mobile website, micro letter, APP, small program in one, share space, data automatic synchronization, is the domestic open source five station one excellent solution. YouDianCMS has SQL injection vulnerability, attackers can use the vulnerability to obtain databas...

CVE-2020-6010

LearnPress Wordpress plugin version prior and including 3.2.6.7 is vulnerable to SQL Injection...

SQL injection vulnerability in waychar enrollment system (CNVD-2020-28129)

waychar registration system, an online registration system developed for sports events and other general events, supports public numbers and small programs. The waychar registration system suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive...

Opmantek Open-AudIT SQL Injection Vulnerability

Opmantek Open-AudIT is an open source network discovery and auditing program from Opmantek USA. The program intelligently scans networks and network devices and provides status reports. A security vulnerability exists in Opmantek Open-AudIT version 3.2.2. An attacker can exploit the vulnerability...

Waychar enrollment system suffers from SQL injection vulnerability (CNVD-2020-28131)

waychar registration system, an online registration system developed for sports events and other general events, supports public numbers and small programs. Waychar Registration System suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information...

SQL Injection Vulnerability in eSchool eCampus Platform of E-Tron Software Ltd.

eSchool eCampus platform is developed by E-Tron Software Limited, which is dedicated to developing campus administration system, mobile applications and school websites to enhance campus work efficiency. A SQL injection vulnerability exists in eSchool eCampus Platform, which can be exploited by...

Tongda OA suffers from SQL injection vulnerability (CNVD-2020-28123)

Tongda OA is a collaborative office automation software independently developed by Beijing Tongda Science and Technology Co., Ltd, which is a comprehensive management and office platform combined with China's enterprise management practices. There is a SQL injection vulnerability in Tongda OA,...

Ivanti Avalanche SQL Injection Vulnerability

Ivanti Avalanche is an enterprise mobile device management system from Ivanti, USA. The system is primarily used to manage devices such as smartphones, tablets and barcode scanners. A SQL injection vulnerability exists in Ivanti Avalanche version 6.3. The vulnerability stems from a lack of...

The vulnerability of the Slurm resource manager lies in the lack of protection for SQL query structures, allowing attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Slurm resource manager is related to the lack of protection for SQL query structures. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information...

Guangdong Century ICT Network Technology Co., Ltd Supervision Pass - Supervision Enterprise Comprehensive Business Management System suffers from SQL Injection Vulnerability

Supervision through - supervision enterprise integrated business management system, is the Guangdong Century ICT Network Technology Co., Ltd. for the domestic engineering consulting enterprises engineering supervision, project management, cost, bidding agency, project construction informatization...

SQL Injection Vulnerability in Blue Sky Escort Equipment Management System of Nanjing Huiwei Da Information Technology Co.

Blue Sky Escort Device Management System is a device management system based on thinkphp3.x secondary development. Nanjing Huimida Information Technology Co., Ltd. blue sky escort equipment management system SQL injection vulnerability, an attacker can use the vulnerability to obtain sensitive...

SQL Injection Vulnerability in the Integrated Management Information System of Shanghai Jinhui Software Co.

Shanghai Jinhui Software Co., Ltd. is a high-tech enterprise focusing on the engineering design and construction industry, specializing in providing enterprise management informatization consulting services and software products. Shanghai Jinhui Software Co., Ltd. comprehensive management...

Sophos XG Firewall SFOS SQL Injection Vulnerability

Sophos XG firewall and SFOS are both products from Sophos UK.Sophos XG firewall is a next generation endpoint protection and enterprise firewall product.SFOS is an operating system for Sophos firewall products. An SQL injection vulnerability exists in SFOS on Sophos XG Firewall appliances...

SQL injection vulnerability in Heybbs micro community frontend us***.php file SQL injection

Heybbs micro-community is a front-end based on bootstrap + jq + css, back-end php + mysql development of micro-community program. Heybbs micro-community front-end us.php file SQL injection SQL injection vulnerability, an attacker can use the vulnerability to obtain database sensitive information...

SQL injection vulnerability in Heybbs micro community se***.php file

Heybbs micro-community is a front-end based on bootstrap + jq + css, back-end php + mysql development of micro-community program. Heybbs micro-community se.php file has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

SQL Injection Vulnerability in yycms

yycms is a movie and television system. yycms suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...