7729 matches found
iTech Gigs Script SQL Injection Vulnerability
iTech Gigs Script is an e-commerce website building system. The system features user registration, quotes and comments. A SQL injection vulnerability exists in iTech Gigs Script version 1.21. A remote attacker can inject SQL commands by sending the 'sc' parameter to the browse-scategory.php file ...
Adult Script Pro SQL Injection Vulnerability
Adult Script Pro is an online multimedia website builder. The system has modules for video viewing, news and user registration. A SQL injection vulnerability exists in Adult Script Pro version 2.2.4. A remote attacker can exploit this vulnerability by sending PATHINFO to the /download URI to inje...
Vastal I-Tech Dating Zone SQL Injection Vulnerability
Vastal I-Tech Dating Zone is a dating site system. The system supports user registration, search and forums. A SQL injection vulnerability exists in Vastal I-Tech Dating Zone version 0.9.9. A remote attacker can exploit the vulnerability by sending the 'productid' parameter to the addtocart.php...
Data Components tPanel SQL Injection Vulnerability
Data Components tPanel is a set of web hosting control panels that run in the server. A SQL injection vulnerability exists in Data Components tPanel version 2009. A remote attacker could exploit this vulnerability to bypass authentication...
Tenable SecurityCenter SQL Injection Vulnerability
Tenable SecurityCenter is a Nessus-inclusive vulnerability management platform from US-based Tenable Network Security. The platform simplifies vulnerability scanning, management and reporting and provides a console to manage policies, alerts, reports and plug-ins for Nessus. An SQL injection...
Cisco Prime Collaboration Provisioning SQL Injection Vulnerability
Cisco Prime Collaboration Provisioning application is the United States of America Cisco Cisco company's set of Web-based next-generation communications services software. The software provides IP communication service features for IP telephony, voice mail and unified communications environments....
Nice PHP FAQ Script SQL Injection Vulnerability
Nice PHP FAQ Script is a PHP-based website autoresponder script. A SQL injection vulnerability exists in Nice PHP FAQ Script. The vulnerability can be exploited to inject SQL commands by sending the 'nicetheme' parameter to the index.php file...
US Zip Codes Database Script SQL Injection Vulnerability
US Zip Codes Database Script is a set of US Zip Codes Database Scripts. A SQL injection vulnerability exists in US Zip Codes Database Script version 1.0. A remote attacker can exploit this vulnerability to inject SQL commands with the 'state' parameter...
SQL Injection Vulnerability in MIPCMS ApiAdminLink.php Page
MIPCMS is a free and open source based on Baidu Mobile Accelerator MIP engine based on the development of articles, information, content management system, but also the system for the Internet webmasters, entrepreneurs and other groups to create SEO-optimized after the station-building system. A...
SQL Injection Vulnerability in MIPCMS ApiAdminUser.php Page
MIPCMS is a free and open source based on Baidu Mobile Accelerator MIP engine based on the development of articles, information, content management system, but also the system for the Internet webmasters, entrepreneurs and other groups to create SEO-optimized after the station-building system. A...
SQL Injection Vulnerability in WebShow Shopping System V5.4 listjp.asp
Net show shopping system is a shopping site developed with asp + access. A SQL injection vulnerability exists in NetShow Shopping System V5.4 listjp.asp. An attacker can obtain sensitive database information by constructing specific SQL statements...
PHPSUGAR PHP Melody SQL Injection Vulnerability (CNVD-2017-32540)
PHPSUGAR PHP Melody is a PHP-based content management system for video websites. A SQL injection vulnerability exists in PHPSUGAR PHP Melody versions prior to 2.7.3. A remote attacker can perform a display list operation on the watch.php file and exploit the vulnerability to execute arbitrary SQL...
LetoDMS SQL Injection Vulnerability (CNVD-2017-35203)
LetoDMS is a document management system based on PHP+MySQL development. A SQL injection vulnerability exists in LetoDMSCore/Core/inc.ClassDMS.php in LetoDMS before version 3.3.8, which can be exploited by remote attackers to execute arbitrary SQL commands...
SQL Injection Vulnerability in DM Enterprise Website System
DM building system is developed by php + mysql a set of specialized for small and medium-sized enterprise website construction of open source cms. DM enterprise website builder system multiple parameters exist SQL injection vulnerability , attackers can use the vulnerability to obtain sensitive...
DEBIAN-CVE-2012-4570
SQL injection vulnerability in LetoDMSCore/Core/inc.ClassDMS.php in LetoDMS formerly MyDMS before 3.3.8 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
Multiple Vulnerabilities in CwCMS v1.0
CwCMS is an enterprise website management system. CwCMS v1.0 has SQL injection and file upload vulnerabilities in several files, which can be exploited by attackers to obtain sensitive information from the database and gain administrative privileges on the server...
SQL Injection Vulnerability in CoolSource Content Management System
CoolSource CMS Content Site Management System is a website management system based on Microsoft's latest ASP.NET platform. A SQL injection vulnerability exists in the CoolSource CMS due to the system failing to effectively filter user input. An attacker can exploit this vulnerability to obtain...
Frappe frappe.share.get_users SQL Injection Vulnerability
Frappe is a WEB application. Frappe frappe.share.getusers suffers from a SQL injection vulnerability that allows remote attackers to exploit the vulnerability by submitting specially crafted SQL queries to manipulate or obtain database data...
OpenText Document Sciences xPression SQL Injection Vulnerability (CNVD-2017-33295)
OpenText Document Sciences xPression formerly known as EMC Document Sciences xPression is a document output management and customer communication solution from OpenText Canada. The solution integrates an organization's Customer Relationship Management CRM, Enterprise Content Management ECM, and...
Catfish CMS v4.5.7 SQL Injection Vulnerability in Frontend
Catfish CMS is open source free PHP CMS web content management system. Catfish CMS v4.5.7 suffers from a SQL injection vulnerability in the frontend. An attacker can exploit this vulnerability to obtain sensitive database information...