Lucene search
7730 matches found

CNVD
added 2018/01/18 12:00 a.m. · 1 view

Website Security Dog (Apache Edition) V4.0 suffers from SQL injection vulnerability (CNVD-2018-02087)

Website Security Dog Apache Edition is a server tool that integrates website content security protection, website resource protection and website traffic protection features. Web Security Dog Apache Edition V4.0 suffers from a SQL injection vulnerability. Allows attackers to exploit the...

7.8 AI score
Exploits: 0
CNVD
added 2018/01/18 12:00 a.m. · 0 views

Web Security Dog (Apache Edition) V4.0 suffers from SQL Injection Vulnerability

Website Security Dog Apache Edition is a server tool that integrates website content security protection, website resource protection and website traffic protection features. Web Security Dog Apache Edition V4.0 suffers from a SQL injection vulnerability. An attacker can exploit the vulnerability...

7.5 AI score
Exploits: 0
CNVD
added 2018/01/18 12:00 a.m. · 2 views

Apache Geode Code Execution Vulnerability

Apache Geode cluster is the Apache Software Foundation's platform for providing real-time and consistent access to data for data-intensive applications in distributed cloud architectures. A security vulnerability exists in Apache Geode cluster. A remote attacker can exploit this vulnerability to...

7.5 CVSS · 7.1 AI score · 0.01479 EPSS
Exploits: 0 · References: 1
CNVD
added 2018/01/14 12:00 a.m. · 1 view

SQL Injection Vulnerability in DocCms 2016

DocCMS rice husk enterprise building system, also known as rice husk cms or doccms and formerly known as deep throat enterprise building system ShlCms, is a free and open source system for building and generating enterprise websites. DocCms 2016 has a SQL injection vulnerability,...

7.8 AI score
Exploits: 0
OSV
added 2018/01/12 2:29 p.m. · 0 views

CVE-2017-14594

The printable searchrequest issue resource in Atlassian Jira before version 7.2.12 and from version 7.3.0 before 7.6.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the jqlQuery query parameter...

6.1 CVSS · 5.4 AI score
Exploits: 0 · References: 1
CNVD
added 2018/01/12 12:00 a.m. · 1 view

SQL Injection Vulnerability in Dispnews.asp Page of Website Construction System of Jingmen Xinnet Technology Development Co.

Jingmen Xinnet Technology Development Co., Ltd. is a professional service provider of network brand marketing and enterprise management information technology. There is a SQL injection vulnerability in the dispnews.asp page of the website construction system of Jingmen Xinnet...

7.5 AI score
Exploits: 0
CNVD
added 2018/01/12 12:00 a.m. · 2 views

SQL Injection Vulnerability in Xi'an Hongbo Network Technology Co.

Xi'an Hongbo Network Technology Co., Ltd. is a professional design team integrating network preparation, digital film and television production, and brand visual design. The Xi'an Hongbo Network Technology Co., Ltd. website construction system suffers from a SQL injection vulnerability. Attackers can...

7.8 AI score
Exploits: 0
CNVD
added 2018/01/11 12:00 a.m. · 2 views

Microsemi Symmetricom s350i SQL Injection Vulnerability

Microsemi Symmetricom s350i is a clock server from Microsemi Corporation. A SQL injection vulnerability exists in the 'checkPassword' function in the Microsemi Symmetricom s350i version 2.70.15. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands...

9.8 CVSS · 8.5 AI score · 0.00421 EPSS
Exploits: 0 · References: 1
OSV
added 2018/01/09 8:29 p.m. · 2 views

CVE-2017-1670

IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 133637...

9.8 CVSS · 5.9 AI score
Exploits: 0 · References: 3
CNVD
added 2018/01/08 12:00 a.m. · 1 view

Gespage SQL Injection Vulnerability

Gespage is an application for managing and monitoring printing devices from the French company Gespage. A SQL injection vulnerability exists in Gespage. A remote attacker can exploit this vulnerability by sending the 'showprn' parameter to the webapp/users/prnow.jsp file or the 'showmonth'...

9.8 CVSS · 8.7 AI score · 0.08307 EPSS
Exploits: 5 · References: 1
CNVD
added 2018/01/04 12:00 a.m. · 1 view

OpenText Document Sciences xPression xDashboard SQL Injection Vulnerability

OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) is a suite of document output management and customer communication solutions from OpenText Canada, Inc. The solution integrates an organization's Customer Relationship Management (CRM), Enterprise Content Management (ECM),...

7.5 CVSS · 7.8 AI score · 0.09496 EPSS
Exploits: 5 · References: 1
CNVD
added 2018/01/02 12:00 a.m. · 1 view

Muslim Matrimonial Script SQL Injection Vulnerability

Muslim Matrimonial Script is a community matrimonial script for matrimonial websites by PHP Scripts Mall. PHP Scripts Mall Muslim Matrimonial Script has a SQL injection vulnerability. The vulnerability can be exploited to conduct SQL injection attacks via the view-profile.php memid parameter...

8.8 CVSS · 8.2 AI score · 0.00216 EPSS
Exploits: 1 · References: 1
OSV
added 2017/12/29 4:29 p.m. · 1 view

DEBIAN-CVE-2017-17920

SQL injection vulnerability in the 'reorder' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'name' parameter. NOTE: The vendor disputes this issue because the documentation states that this method is not intended for use with untrusted...

8.1 CVSS · 8.7 AI score · 0.00484 EPSS
Exploits: 1 · References: 1
CNVD
added 2017/12/29 12:00 a.m. · 1 view

SQL Injection Vulnerability in phpaaCMS article.add.php File

phpaaCMS is a simple article management system. A SQL injection vulnerability exists in the phpaaCMS article.add.php file. An attacker can exploit the vulnerability to obtain sensitive database information...

7.8 AI score
Exploits: 0
ATTACKERKB
added 2017/12/27 5:08 p.m. · 1 view

CVE-2017-17897

SQL injection vulnerability in comm/multiprix.php in Dolibarr ERP/CRM version 6.0.4 allows remote attackers to execute arbitrary SQL commands via the id parameter...

9.8 CVSS · 6.4 AI score · 0.00342 EPSS
Exploits: 0 · References: 2
Positive Technologies
added 2017/12/24 12:00 a.m. · 2 views

PT-2017-15082 · Dolibarr · Dolibarr Erp/Crm

Name of the Vulnerable Software and Affected Versions: Dolibarr ERP/CRM version 6.0.4 Description: A SQL injection issue allows remote attackers to execute arbitrary SQL commands. The issue is related to the id parameter in the comm/multiprix.php file. Recommendations: For version 6.0.4, consider...

9.8 CVSS · 9.8 AI score · 0.00342 EPSS
Exploits: 0 · References: 8
CNVD
added 2017/12/22 12:00 a.m. · 0 views

F5 BIG-IP Advanced Firewall Manager Configuration utility SQL Injection Vulnerability

F5 BIG-IP Advanced Firewall Manager (AFM) is a firewall manager from F5 USA that scales to stop high-volume DDoS attacks that can overwhelm load balancers, firewalls, and even networks. The Configuration utility... An SQL injection vulnerability exists in Configuration utility in F5 BIG-IP AFM. A...

5.5 CVSS · 7.9 AI score · 0.00171 EPSS
Exploits: 0 · References: 1
CNVD
added 2017/12/21 12:00 a.m. · 2 views

Ecava IntegraXor SQL Injection Vulnerability (CNVD-2017-37693)

Ecava IntegraXor is a toolset for creating and running human-machine interfaces for Web-based SCADA systems. Ecava IntegraXor suffers from a SQL injection vulnerability that can be exploited by an attacker to compromise an application, access or modify data, or exploit a potential vulnerability i...

5.3 CVSS · 8 AI score · 0.0016 EPSS
Exploits: 0 · References: 1
CNVD
added 2017/12/20 12:00 a.m. · 1 view

Quest NetVault Backup SQL Injection Vulnerability (CNVD-2017-37642)

Quest NetVault Backup is a suite of data backup software from Quest Software, USA. A SQL injection vulnerability in the handling of NVBUTransferHistory Get method requests in Quest NetVault Backup versions prior to 11.4.5 stems from the program's failure to properly detect user-submitted strings...

9.8 CVSS · 8.5 AI score · 0.14875 EPSS
Exploits: 0 · References: 1
CNVD
added 2017/12/20 12:00 a.m. · 1 view

Quest NetVault Backup SQL Injection Vulnerability (CNVD-2017-37634)

Quest NetVault Backup is a suite of data backup software from Quest Software, USA. A SQL injection vulnerability in the handling of NVBUBackup ClientList method requests in Quest NetVault Backup versions prior to 11.4.5 stems from the program's failure to properly detect user-submitted strings...

9.8 CVSS · 8.6 AI score · 0.14875 EPSS
Exploits: 0 · References: 1