SQL Injection Vulnerability in 74cms MembersController.class.php Page

Knight Talent System 74cms is a free website management system based on PHP+MYSQL. A SQL injection vulnerability exists in the 74cms MembersController.class.php page, which can be exploited by attackers to obtain sensitive database information...

Cash Back Comparison Script SQL Injection Vulnerability

Cash Back Comparison Script is a cash back script. A SQL injection vulnerability exists in Cash Back Comparison Script version 1.0. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands...

Trend Micro Mobile Security SQL Injection Vulnerability

Trend Micro Mobile Security Enterprise is a set of cell phone security software from Trend Micro that integrates cell phone security scanning, real-time protection against malicious programs and monitoring of malicious behavior. A SQL injection vulnerability exists in versions of Trend Micro Mobi...

WordPress Responsive Image Gallery Plugin SQL Injection Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL server set up a personal blog site.Responsive Image Gallery plugin is one of the image management plugin. A SQL injection vulnerability exists in WordPre...

mysql: Incorrect input validation allowing code execution via mysqldump

It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database...

SQL Injection Vulnerability in Guizhou Chitong Network Technology Co.

Guizhou Chitong Network Technology Co., Ltd. is an Internet service provider. The services offered include: website direct ID registration, website full network promotion, enterprise official website construction, e-commerce platform type website construction, website optimization outsourcing and...

SQL Injection Vulnerability in Wireless Suzhou App

Wireless Suzhou APP is a cell phone software that brings convenient services to Suzhou users. It is a news and life city application client focused on by Suzhou Radio and Television Station. A SQL injection vulnerability exists in Wireless Suzhou APP, which can be exploited by attackers to obtain...

WordPress add-edit-delete-listing-for-member-module SQL Injection Vulnerability

WordPress add-edit-delete-listing-for-member-module is a WordPress-specific plugin for adding, editing and deleting operations on member listings. A SQL injection vulnerability exists in WordPress add-edit-delete-listing-for-member-module version 1.0, which stems from the program failing to filte...

Wordpress plugin image-gallery-with-slideshow 'imgid' parameter SQL injection vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in the Wordpress plugin image-gallery-with-slideshow. A remote attacker can exploit the...

EyesOfNetwork web interface SQL injection vulnerability

EyesOfNetwork EON is an open source, free IT monitoring solution. The solution provides business process configuration tools, generating pop-up windows when events occur in the active queue, etc. EyesOfNetwork web interface aka eonweb is one of the web interfaces. A SQL injection vulnerability...

EyesOfNetwork web interface SQL injection vulnerability (CNVD-2017-33830)

EyesOfNetwork EON is an open source, free IT monitoring solution. The solution provides business process configuration tools, generating pop-up windows when events occur in the active queue, etc. EyesOfNetwork web interface aka eonweb is one of the web interfaces. A SQL injection vulnerability...

Dolibarr ERP/CRM on/list.php File SQL Injection Vulnerability

Dolibarr ERP/CRM is an open source software/freeware for small and medium-sized businesses, organizations or freelancers. It includes different features such as Enterprise Resource Planning ERP and Customer Relationship Management CRM, as well as applications for other different activities. A SQL...

SQL Injection Vulnerability in ShopsN v2.0 Frontend OrderGroupController.class.php File

ShopsN is a free e-commerce open source system. ShopsN v2.0 official version of the front-end OrderGroupController.class.php file SQL injection vulnerability. The vulnerability is due to the system failing to effectively filter user-submitted data. An attacker can exploit this vulnerability to...

WordPress WatuPRO SQL Injection Vulnerability

WordPress is a blogging platform developed by the WordPress Software Foundation using the PHP language, which supports the setting up of personal blog sites on servers with PHP and MySQL.WatuPRO plugin is one of the online quiz plugin. A SQL injection vulnerability exists in WordPress WatuPRO...

Pragyan CMS SQL Injection Vulnerability (CNVD-2017-32462)

Pragyan CMS is a multi-user, modular PHP and MySQL based Content Management System CMS. The system supports custom built-in frameworks, user group rights management, search engine optimization and more. A SQL injection vulnerability exists in Pragyan CMS version 3.0. A remote attacker can exploit...

SQL Injection Vulnerability in OURPHP Message Boards

OURPHP 傲派建站系统 is a website content management system developed using PHP language, the developer is Harbin Weicheng Technology Co. A SQL injection vulnerability exists in the OURPHP V1.7.3 message board, which is caused by the system failing to strictly filter the parameters entered by the user. ...

SQL Injection Vulnerability in several pages of Arsenal CMS v2.1

JX CMS Jxcms is a website construction and management system independently developed by Taizhou JX Information Technology Co. A SQL injection vulnerability exists in the 'AdAction.class.php', 'AreaAction.class.php' and 'AccessAction.class.php' pages. An attacker can exploit this vulnerability to...

SQL injection vulnerability in the product.asp page of the website building system of Dongguan Starlight Technology Co.

Dongguan Starlight Technology Co., Ltd. website builder is a website builder system. A SQL injection vulnerability exists in the product.asp page of the website builder system of Dongguan Starlight Technology Co. The vulnerability is due to the system fails to effectively filter the data submitte...

Wenzhou Starlight Technology Development Co., Ltd. website builder system newLook.asp page SQL injection vulnerability

Wenzhou Starlight Technology Development Co., Ltd. website builder is a website builder system. There is a SQL injection vulnerability in the newLook.asp page of the website builder system of Wenzhou Starlight Technology Development Co. The vulnerability is due to the system fails to effectively...

SQL Injection Vulnerability in Newsshow.asp Page of Yiming Website Builder System

Yiming web builder is a website builder system. A SQL injection vulnerability exists in the newsshow.asp page of the Yiming Website Builder System. The vulnerability is caused due to the system failing to effectively filter user-submitted data. An attacker can exploit this vulnerability to obtain...