OPW Fuel Management Systems SiteSentinel Integra and SiteSentinel iSite SQL Injection Vulnerabilities

The SiteSentinel Integra 100, SiteSentinel Integra 500 and SiteSentinel iSite ATG are products that provide tank monitoring capabilities for OPW's fuel management system. An SQL injection vulnerability exists in OPW Fuel Management Systems SiteSentinel Integra and SiteSentinel iSite, which can be...

SQL injection vulnerability in Nlist.aspx and Mall_Teacher.aspx pages of Xinqi Online Learning System.

Xinqi Online Learning System is an online learning platform system that can make learning plans, realize supervision and monitoring, and assist learning. A SQL injection vulnerability exists in the Nlist.aspx and MallTeacher.aspx pages of Xinqi Online Learning System. An attacker can use this...

SQL Injection Vulnerability in UCMS

UCMS is a simple open source content management system . UCMS version 1.4.3 SQL injection vulnerability , an attacker can exploit the vulnerability to obtain sensitive database information...

Joomla! Quiz Deluxe component SQL injection vulnerability

Joomla! is an open source, cross-platform content management system developed using PHP and MySQL. A SQL injection vulnerability exists in the Quiz Deluxe component of Joomla! that can be exploited by attackers to obtain sensitive database information...

Shijiazhuang Times Interactive Technology Co., Ltd. website building system has SQL injection vulnerabilities

Times Interactive website builder is an enterprise website builder. Shijiazhuang Times Interactive Technology Co., Ltd. website builder system has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...

CVE-2017-12710

A SQL Injection issue was discovered in Advantech WebAccess versions prior to V8.220170817. By submitting a specially crafted parameter, it is possible to inject arbitrary SQL statements that could allow an attacker to obtain sensitive information...

Xiamen Dragon Pulse website building system products.asp page sid parameter SQL injection vulnerability

Xiamen Dragon Pulse Network is a website building system. Xiamen Dragon Pulse Network website builder system products.asp page sid parameter exists SQL injection vulnerability, an attacker can use the vulnerability to obtain database sensitive information...

Advantech WebAccess SQL Injection Vulnerability (CNVD-2017-23886)

Advantech WebAccess is a set of HMI/SCADA software from Advantech based on browser architecture. The software supports dynamic graphic display and real-time data control, and provides remote control and management of automation equipment. Advantech WebAccess suffers from a SQL injection...

Yunnan Dandelion Network Technology Co., Ltd. website building system has SQL injection vulnerabilities

Yunnan Dandelion Network Technology Co., Ltd. is a station building system. A SQL injection vulnerability exists in Yunnan Dandelion Network Technology Co. The vulnerability is due to the system id parameter does not filter the data submitted by the user, a remote attacker can exploit the...

Unspecified SQL Injection Vulnerability in SAP NetWeaver

SAP NetWeaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. SAP NetWeaver suffers from an unspecified SQL injection vulnerability due to the program's failure to adequately...

SQL Injection Vulnerability in the file /qkshowmarc/show_xk.asp of the Mythos™ Literature Management System

Mythos™ Document Management System is a library management reference platform with a professional database as the backend data storage on Windows or UNIX/Linux platform. A SQL injection vulnerability exists in the Qkxxbid parameter of the file /qkshowmarc/showxk.asp in the Mythos™ Document...

SQL Injection Vulnerability in Mythos™ Documentation Management System

Mythos™ Document Management System is a library management reference platform with a professional database as the backend data storage on Windows or UNIX/Linux platform. A SQL injection vulnerability exists in Mythic™ Document Management System, which can be exploited by attackers to obtain...

SQL Injection Vulnerability in Xiaowei OA v2.0

Xiaowei OA system is Beijing Xiaowei Help Technology Co., Ltd. to provide mobile office platform for small and medium-sized enterprises. SQL injection vulnerability exists in Xiaowei OA v2.0, which can be exploited by attackers to obtain sensitive information from the database...

NexusPHP SQL Injection Vulnerability

NexusPHP is a resource sharing community solution written in PHP developed by the Nexus team in China. SQL injection vulnerability in the massmail.php file in NexusPHP version 1.5. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands...

NexusPHP SQL Injection Vulnerability (CNVD-2017-220459)

NexusPHP is a resource sharing community solution written in PHP developed by the Nexus team in China. A SQL injection vulnerability exists in the takeconfirm.php file in NexusPHP version 1.5. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands with the 'conusr'...

Quest KACE Systems Management Appliance SQL Injection Vulnerability

Quest KACE Systems Management Appliance is an IT asset management appliance from Quest Software, USA. A SQL injection vulnerability in the Quest KACE Asset Management Appliance allows remote attackers to exploit the vulnerability by submitting specially crafted SQL queries to manipulate or obtain...

SQL Injection Vulnerability in NETS9 Multi-Star System Reference Station Receiver Control Software of Guangzhou Nanfang Satellite Navigation Instrument Co.

The NETS9 is a multi-satellite system reference station receiver. A SQL injection vulnerability exists in the control software of the NETS9 multi-satellite system reference station receiver of Guangzhou Nanfang Satellite Navigation Instrument Co., Ltd. that could be exploited by an attacker to...

SQL Injection Vulnerability in Internet Security Management System of Qingdao Hengxin Technology Development Co.

Qingdao Hengxin Technology Development Co., Ltd. is positioned as a high-tech enterprise specializing in the research and development of computer network and information security technology products. Qingdao Hengxin Technology Development Co., Ltd. Internet security management system SQL injectio...

SQL Injection Vulnerability in MZD Web Platform of Changsha Spring Culture Communication Co.

MZD network platform software is Spring's set of years of practical experience in diskless network and the actual needs of customers, independent research and development completed a server/client mode operation, to provide professional diskless guidance services for the client's management...

WordPress Loginizer SQL Injection Vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A security vulnerability in WordPress Loginizer's handling of the X-Forwarded-For HTTP packet header allows remote attackers ...