Zhengzhou octave network marketing system has SQL injection vulnerability

Zhengzhou Octave Networks is a technology company that specializes in providing customers with mobile Internet development, high-end website construction, brand Internet marketing and related Internet-based application services. Zhengzhou Octave Network Marketing system has a SQL injection...

Synology Media Server SQL Injection Vulnerability

Synology Media Server is a set of media server software from Synology. A SQL injection vulnerability exists in Synology Media Server versions prior to 1.7.6-2842 and 1.4-2654. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands with the 'ObjectID' parameter...

SQL Injection Vulnerability in Jinbao Technology's CMS Website Building System

Shanghai Jinbao Network Technology Co., Ltd. is a set of website construction, SEO optimization, network promotion, Shanghai website production, Shanghai SEO optimization, Shanghai network optimization, and many other network services as one of the integrated service-oriented professional network...

SQL Injection Vulnerability in UQCMS Cloud Business B2B2C Multi-store System

UQCMS cloud business system is a program using PHP + MYSQL, template using smarty template B2B2C e-commerce software. UQCMS cloud business B2B2C multi-store system SQL injection vulnerability, the vulnerability stems from the program on the function filtering is not rigorous. Attackers can use th...

Advantech WebAccess SQL Injection Vulnerability (CNVD-2018-11441)

Advantech WebAccess is a set of HMI/SCADA software from Advantech based on browser architecture. The software supports dynamic graphic display and real-time data control, and provides remote control and management of automation equipment. An SQL injection vulnerability exists in Advantech WebAcce...

CVE-2018-8914

SQL injection vulnerability in UPnP DMA in Synology Media Server before 1.7.6-2842 and before 1.4-2654 allows remote attackers to execute arbitrary SQL commands via the ObjectID parameter...

CVE-2018-8914

SQL injection vulnerability in UPnP DMA in Synology Media Server before 1.7.6-2842 and before 1.4-2654 allows remote attackers to execute arbitrary SQL commands via the ObjectID parameter...

SQL Injection Vulnerability in YHCMS Version V2.6.5 R20160808

YHCMS is a professional marketing enterprise building system based on PHP+MYSQL as the core development. A SQL injection vulnerability exists in YHCMS version V2.6.5 R20160808. The vulnerability originates from the system's parameter filtering is not rigorous. An attacker can exploit the...

SQL Injection Vulnerability in Nagios XI 5.4.12 and Prior (CNVD-2018-09748)

Nagios is an open source, free network monitoring tool that effectively monitors the status of hosts, switches routers and other network devices, printers, etc. for Windows, Linux and Unix. Nagios XI 5.4.12 and earlier versions suffer from a SQL injection vulnerability that can be exploited by...

SQL Injection Vulnerability in Nagios XI 5.4.12 and Prior Versions

Nagios is an open source, free network monitoring tool that effectively monitors the status of hosts, switches routers and other network devices, printers, etc. for Windows, Linux and Unix. Nagios XI 5.4.12 and earlier versions suffer from a SQL injection vulnerability that can be exploited by...

SQL Injection Vulnerability in State Micro CMS School Crowd System

State Micro CMS formerly PHP168 S series is a leading manufacturer of domestic government, school and group platforms, and is also the largest open source system provider in the field of PHP in southern China. State Micro CMS school station group system has SQL injection vulnerability, attackers...

Stored Cross-site Scripting and SQL Injection Vulnerabilities in YXcms Backend Membership Management System

YXCMS is an efficient website management system built on PHP+MYSQL. A stored cross-site scripting and SQL injection vulnerability exists in the YXcms backend member management system. An attacker can exploit the vulnerabilities to obtain information such as database information and user cookies,...

CVE-2018-9102

A vulnerability in the conferencing component of Mitel MiVoice Connect, versions R1707-PREM SP1 21.84.5535.0 and earlier, and Mitel ST 14.2, versions GA27 19.49.5200.0 and earlier, could allow an unauthenticated attacker to conduct an SQL injection attack due to insufficient input validation for...

CVE-2018-9102

A vulnerability in the conferencing component of Mitel MiVoice Connect, versions R1707-PREM SP1 21.84.5535.0 and earlier, and Mitel ST 14.2, versions GA27 19.49.5200.0 and earlier, could allow an unauthenticated attacker to conduct an SQL injection attack due to insufficient input validation for...

Apache Fineract SQL Injection Vulnerability (CNVD-2018-09808)

Apache Fineract is a set of open source digital financial services platform of the U.S. Apache Apache Software Foundation. The platform can provide users with data management, loan and savings portfolio management and real-time financial data and other functions. An SQL injection vulnerability...

SQL Injection Vulnerability in Duoduocms V8.3_UTF8_20180131 Official Version

DuoDuo rebate system is for e-commerce rebate, shopping guide to provide solutions, is the open source PHP rebate site system. DuoDuoRebate duoduocms V8.3UTF820180131 official version of the existence of SQL injection vulnerability. The vulnerability stems from the system on the parameters of the...

Zoho ManageEngine Desktop Central Database Query Type Restriction Under-Execution Vulnerability

ZOHO ManageEngine Desktop Central DC is a desktop management solution from ZOHO. The solution includes software distribution, patch management, system configuration, remote control and other functional modules to support the entire lifecycle of desktop and server management. A security...

Zhengzhou Yuanchen Culture Communication Co., Ltd. website construction system has SQL injection vulnerabilities

Zhengzhou Yuanchen Culture Communication Co., Ltd. is a high-tech enterprise engaged in the Internet, specializing in providing a full set of e-commerce solutions for many enterprises. There is a SQL injection vulnerability in the website construction system of Zhengzhou Yuanchen Culture...

SQL Injection Vulnerability in CMS of Wuhan Tengfei Liren E-commerce Co.

Wuhan Tengfei Liren E-commerce Co. A SQL injection vulnerability exists in the CMS of Wuhan Tengfei Liren E-commerce Co. An attacker can exploit this vulnerability to obtain sensitive information in the database...

Xuzhou Xunbang Technology Co., Ltd. website construction system has SQL injection vulnerabilities

Xuzhou Xunbang Technology Co., Ltd. is engaged in enterprise website design and production, shopping mall website production, marketing website production, mobile APP development, WeChat public platform, cell phone / micro-site production, Baidu optimization and promotion, 360 search promotion,...