Novell SUSE Studio Onsite and SUSE Studio Onsite Appliance SQL Injection Vulnerability

Novell SUSE Studio Onsite and SUSE Studio Onsite Appliance are both U.S. Novell Web applications for building and testing software applications in a Web browser. A SQL injection vulnerability exists in the list of software available in Novell SUSE Studio Onsite versions prior to 1.0.3-0.18.1 and...

portfolioCMS SQL Injection Vulnerability

portfolioCMS is a content management system CMS based on PHP and MySQL. A SQL injection vulnerability exists in portfolioCMS version 1.0.5. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands with the help of the 'preview' parameter...

SQL Injection Vulnerability in Website Building System of Guangdong Shunde Deyun Network Technology Co.

Guangdong Shunde Deyun Network Technology Co., Ltd. is a marketing company relying on the Internet, focusing on practical Internet planning and in-depth marketing. There is a SQL injection vulnerability in the website building system of Guangdong Shunde Deyun Network Technology Co. Attackers can...

JB Tour Booking SQL Injection Vulnerability in Joomla!

Joomla! is an open source content management system CMS developed by the Open Source Matters team in the U.S. JB Tour Booking is one of the scripts designed for travel agencies. A SQL injection vulnerability exists in Joomla JB Tour Booking. An attacker could use this vulnerability to corrupt the...

Joomla! User Bench SQL Injection Vulnerability

Joomla! is an open source Content Management System CMS that offers RSS feeds, site search, etc. User Bench is one of those simple components that allows you to list your team details. An SQL injection vulnerability exists in Joomla! An attacker could use this vulnerability to corrupt the...

SQL Injection Vulnerability in Guangzhou Lianya Network Technology Co.

Guangzhou Lianya Network Technology Co., Ltd. is a technology-based network company. A SQL injection vulnerability exists in the website building system of Guangzhou Lianya Network Technology Co. An attacker can exploit the vulnerability to obtain sensitive information from the database...

Zechat has multiple vulnerabilities

Zechat is a PHP-based online chat application script . Zechat suffers from SQL injection and cross-site request forgery vulnerabilities. An attacker can exploit the vulnerabilities to obtain sensitive information about the database; change the user's information...

SQL Injection Vulnerability at lmxcms Tags Search

Dream Cms, hereinafter referred to as "lmxcms", is a simple and practical website management system cms developed by "10 years" screen name. A SQL injection vulnerability exists in lmxcms Tags search. An attacker can exploit the vulnerability to obtain sensitive information from the database...

OpenDaylight Controller SQL Injection Vulnerability

Opendaylight, a project of the Linux Foundation in the United States, is a community-driven open source software-defined networking framework that contains an ensemble of modules capable of performing networking tasks that need to be done quickly.Controller is one of the controllers. An SQL...

Quest KACE System Management Appliance SQL Injection Vulnerability

Quest KACE System Management Appliance is an IT asset management appliance from Quest Software, USA. A SQL injection vulnerability exists in the '/common/runreport.php' script in version 8.0.318 of the Quest KACE System Management Appliance, which stems from the program not filtering incoming...

Pixelpost SQL Injection Vulnerability

Pixelpost is a suite of extensible open source photo-sharing applications with multi-language support. A SQL injection vulnerability exists in Pixelpost 1.7.3 and earlier versions. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands...

SQL Injection Vulnerability in Hainan Creative Media pc Website Building System

Hainan Creative Future Culture Media Co., Ltd. is engaged in brand one-stop service e-commerce advertising consulting services media enterprises. We design complete solutions for users and provide the best advertising support services. A SQL injection vulnerability exists in the pc website builde...

CVE-2018-11535

An issue was discovered in SITEMAKIN SLAC Site Login and Access Control v1.0. The parameter "myitemsearch" in users.php is exploitable using SQL injection...

SQL Injection Vulnerability in KuaiFanCMS V5.0

KuaiFanCMS V5.x hereinafter referred to as KF uses PHP5+MYSQL as the technical basis for development.KF is built with Smarty template engine. KuaiFanCMS V5.0 has a SQL injection vulnerability. An attacker can exploit the vulnerability to obtain sensitive information from the database...

WordPress SQL Injection Vulnerability (CNVD-2018-10476)

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. WordPress suffers from an information disclosure vulnerability. By exploiting this vulnerability, an attacker can perform SQL...

Trend Micro Email Encryption Gateway SQL Injection Vulnerability (CNVD-2018-10480)

Trend Micro Email Encryption is a suite of identity-based email encryption solutions from Trend Micro, Inc. The Trend Micro Email Encryption Gateway TMEEG is one of the gateway products that provides data protection. A SQL injection vulnerability exists in the formRegistration2 class in Trend Mic...

SQL Injection Vulnerability in SMiCMS Government Website System v201803224 Version

State Micro CMS is one of the mainstream CMS systems in China, and is also the largest open source platform provider in the field of PHP in Southern China. State Micro CMS government website system v201803224 version of the existence of SQL injection vulnerability , attackers can exploit the...

iScripts eSwap 'ToId' Parameter SQL Injection Vulnerability

iScripts eSwap is a set of item trading software. The software supports trading with virtual currencies or directly exchanging items. A SQL injection vulnerability exists in iScripts eSwap version 2.4. A remote attacker can use the 'ToId' parameter to view, add, modify, or delete information in t...

PhpCollab SQL Injection Vulnerability

phpCollab is a set of Web-based project collaboration management software. The software features task assignment, discussions, logs and notifications. A SQL injection vulnerability exists in PhpCollab 2.5.1 and earlier versions. A remote attacker can exploit the vulnerability to execute arbitrary...

Dr.COM APG Anti-Proxy Gateway suffers from SQL Injection Vulnerability

Dr.COM APG Anti-Proxy Gateway Anti-Proxy Gateway is a network behavior analysis and management gateway device designed and developed by Guangzhou Hotspot specifically for broadband shared access management, which mainly provides wired and wireless broadband operators with a real-time control box...