7796 matches found
PT-2019-16850 · Ibm · Ibm Financial Transaction Manager For Digital Payments For Multi-Platform
Name of the Vulnerable Software and Affected Versions: IBM Financial Transaction Manager for Digital Payments for Multi-Platform version 3.1.0 Description: The issue allows a remote attacker to send specially-crafted SQL statements, which could enable the attacker to view, add, modify, or delete...
Joomla Component HWDVideoShare SQL Injection Vulnerability
Joomla is an open source content management system (CMS). A SQL injection vulnerability exists in the Joomla component HWDVideoShare. It allows remote attackers to execute arbitrary SQL commands with different parameters on index.php via "catid itemid=pattern=hwdcorder=videoid=" and have SQL database...
SQL Injection Vulnerability in Super CMS Frontend in***.php Page
Super CMS is an open source content management system developed by the SEO Research Center as a set of products to solve the problem of website optimization, built with an object-oriented approach on an independently developed MVC framework...
WordPress Plugin PT-Content-Views-Pro SQL Injection Vulnerability
WordPress is a blogging platform from the WordPress Software Foundation, developed in PHP, which supports setting up personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in the WordPress plugin PT-Content-Views-Pro. An attacker can exploit the vulnerability...
Five Fingers CMS v4.1.0 SQL Injection Vulnerability in Frontend
Five Fingers CMS is a high-performance open source content management system that supports LNAMP architecture. A SQL injection vulnerability exists in the front end of Five Fingers CMS v4.1.0; an attacker can exploit the vulnerability to obtain sensitive information in the database...
Jinan Reebok Network Technology Co., Ltd. website building system has SQL injection vulnerabilities
Reebok Network Technology Ltd. is an Internet technology service provider. A SQL injection vulnerability exists in the Jinan Reebok Network Technology Co., Ltd. website building system; attackers can use the vulnerability to obtain sensitive database information...
PYSEC-2019-53
SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injection via the orderby parameter...
SQL Injection Vulnerability in the front-end pa***.asp file of Eco Times Enterprise Online Bookkeeping Management System
EcoTime Enterprise Online Bookkeeping Management System is an online bookkeeping software for small and medium-sized enterprises, stores, etc. It is suitable for managing cash flow accounts, accounts receivable and payable accounts, as well as company bookkeeping and other related financial...
SQL injection vulnerability in the front-end zh***_mo***.asp file of the online bookkeeping management system of Environmental Times Enterprises (CNVD-2019-06673)
Eco Times Enterprise Online Bookkeeping Management System is a financial online bookkeeping software. There is a SQL injection vulnerability in the zhmo.asp file in the frontend of the EcoTimes Enterprise Online Bookkeeping Management System. An attacker can exploit the vulnerability to obtain...
SQL Injection Vulnerability in the Front-end us***.asp File of Environmental Times Enterprise Online Bookkeeping Management System
Eco Times Enterprise Online Bookkeeping Management System is a financial online bookkeeping software. SQL injection vulnerability exists in the us.asp file in the frontend of the EcoTimes Enterprise Online Bookkeeping Management System. An attacker can use the vulnerability to obtain sensitive...
SQL injection vulnerability in the front-end xi***_mo***.asp file of the Eco Times Enterprise Online Bookkeeping Management System.
Eco Times Business Online Bookkeeping Management System is a financial online bookkeeping software. There is a SQL injection vulnerability in the ximo.asp file in the frontend of the EcoTimes Enterprise Online Bookkeeping Management System. An attacker can exploit the vulnerability to obtain...
ZoneMinder SQL Injection Vulnerability (CNVD-2019-04688)
ZoneMinder is an open source video surveillance software system. The system supports IP, USB and analog cameras and more. The skins/classic/views/events.php file in ZoneMinder 1.32.3 and earlier versions has a SQL injection vulnerability; a remote attacker can, with the help of 'filterQueryterms0cnj'...
ArangoDB Community Edition 3.4.2-1 - Cross-Site Scripting
Exploit Title: ArangoDB Community Edition 3.4.2-1 | Cross-Site Scripting Date: 17.02.2019 Exploit Author: Ozer Goker Vendor Homepage: https://www.arangodb.com Software Link: https://www.arangodb.com/download-major/ Version: 3.4.2-1 Introduction ArangoDB is a native multi-model, open-source databa...
SQL Injection Vulnerability in the Frontend of Worklog 25.0 System by Kaixin Worklog
Worklog is a B/S based software for structuring intra-enterprise collaborative work. A SQL injection vulnerability exists in the frontend of the Qixing Worklog 25.0 system, which can be exploited by attackers to manipulate the database...
SQL Injection Vulnerability in Sl***_Pa***.aspx of Bid 1.0 Backend of Qixing Engineering Bidding System
Qixing Bidding System is suitable for enterprises to collect information on government procurement, engineering construction, land grant and other bidding information, and to track the progress of works and payment of successful projects. A SQL injection vulnerability exists in the backend...
SQL Injection Vulnerability in YCCMS v3.3
YCCMS is a PHP version of a lightweight CMS builder. YCCMS v3.3 suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...
SQL Injection Vulnerability in Penta Campus Network Application System Management Software
PantoSchool.Net is a complete solution for networked learning schools! A SQL injection vulnerability exists in PantoSchool.Net Application System Management Software. An attacker can exploit the vulnerability to obtain sensitive information from the database...
SQL injection vulnerability in Ectouch frontend Ex***.cl***.php file
ECTouch is a mobile mall online store system launched by Shanghai Shangchuang Network Technology Co. A SQL injection vulnerability exists in the Ex.cl.php file in the frontend of Ectouch. Attackers can use the vulnerability to obtain sensitive database information...
SQL Injection Vulnerability in the Backend Us***_Ro***.aspx File of Qixing Image & Video Library Gallery v27.0
Qixing Image & Video Gallery is mainly used to store images or videos in the company. A SQL injection vulnerability exists in the backend UsRo.aspx file of Qixing Image & Video Gallery v27.0, which can be exploited by an attacker to obtain sensitive information from the database...
Traq SQL Injection Vulnerability
Traq is a PHP-based project management and issue tracking system. Traq suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can exploit this vulnerability to execute illegal SQL commands...