WordPress Multi Feed Reader Plugin SQL Injection Vulnerability

WordPress is a blogging platform developed by the WordPress Software Foundation using the PHP language, which supports setting up personal blog sites on PHP and MySQL servers.Multi Feed Reader is one of the components used to create RSS feed templates. A SQL injection vulnerability exists in Mult...

Dolibarr ERP/CRM SQL Injection Vulnerability (CNVD-2017-11315)

Dolibarr ERP/CRM is a Web-based enterprise resource planning ERP and customer relationship management CRM system from the Dolibarr Foundation in France. The system can be used to manage products, inventory, invoices, orders, and more. A SQL injection vulnerability exists in the user/index.php fil...

TPshop 2.0 Backend SQL Injection Vulnerability in Multiple Different Page Parameters

TPshop open source mall system Thinkphp shop for short , is a set of Shenzhen Soleil Networks Ltd. developed a set of multi- merchant model of the mall system . TPshop 2.0 background parameters of a number of different pages mobile, id and orderby the existence of SQL injection leaks , allowing...

Flash cms /wap has multiple SQL Injection Vulnerabilities

Flash Flash cms is a flash website system developed by Zibo Flash Network Technology Co. Flash cms has a SQL injection vulnerability. The vulnerability stems from the program's failure to filter user-submitted data, which can be exploited by attackers to obtain sensitive database information...

Joomla VideoFlow SQL Injection Vulnerability

Joomla is an open source content management system CMS. A SQL injection vulnerability exists in Joomla VideoFlow. An attacker can exploit this vulnerability to gain access to sensitive database information...

finecms has a csrf vulnerability

FineCMS is a content management system based on PHP+MySql. A CSRF vulnerability exists in the finecms backend form for executing SQL, which can be exploited by attackers to trick administrators into clicking on a malicious link to execute SQL statements and write a webshell to gain server...

INFOR EAM SQL Injection Vulnerability

Infor EAM is the best configurable enterprise-class asset management solution on the market. Improve capital asset management by increasing reliability, enhancing predictive maintenance, ensuring regulatory compliance, reducing energy consumption, and supporting sustainability programs. An SQL...

Apple macOS Sierra SQLite SQL Query Memory Corruption Vulnerability

Apple macOS is a set of operating systems that run on Apple's Macintosh line of computers. A memory corruption vulnerability exists in the Apple macOS Sierra SQLite SQL query, which can be exploited by a remote attacker to submit a special WEB page and trick the user into parsing it to execute...

Apple macOS Sierra SQLite SQL Query Arbitrary Code Execution Vulnerability

Apple macOS is an operating system that runs on Apple's Macintosh line of computers. An arbitrary code execution vulnerability exists in the Apple macOS Sierra SQLite SQL query, which can be exploited by a remote attacker to submit a special SQL query and execute arbitrary code...

UBUNTU-CVE-2017-2519

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial o...

Joomla! 'com_fields' component SQL injection vulnerability

Joomla! is one of the most popular Content Management System CMS solutions in the world. A SQL injection vulnerability exists in the 'comfields' component of Joomla! An attacker can exploit the vulnerability to obtain sensitive information from the database...

SQL Injection Vulnerability in WinCMS id Parameter of Enterprise Business Technology

WinCMS is a website management system managed and developed by Tianjin Qishang Huichuang Technology Co. A SQL injection vulnerability exists in the WinCMS id parameter. The vulnerability allows attackers to exploit the vulnerability to obtain sensitive information in the database...

SQL Injection Vulnerability in 'menu_id' Parameter of Pioneer Hi-Tech Government System

Pioneer Hi-Tech Government System is an "easy technology" system. A SQL injection vulnerability exists in the 'menuid' parameter of the Pilot Hi-Tech Government System. This vulnerability can be exploited by attackers to obtain sensitive information from the database...

SQL Injection Vulnerability in EasySite WebService Interface

easySite Content Management System is a professional portal content management system developed and completed by ZKHUILIAN. EasySite WebService interface SQL injection vulnerability, the vulnerability stems from the WebService WSDL interface fails to submit sufficient data filtering caused by an...

Accellion FTA Device SQL Injection Vulnerability (CNVD-2017-07454)

Accellion FTA devices is a file transfer device from Accellion USA. The device supports file transfer, file sharing, file transfer tracking and reporting, and more. A SQL injection vulnerability exists in the reporterror.php file in versions of Accellion FTA devices prior to FTA912180. A remote...

flatCore SQL Injection Vulnerability

flatCore is a web content management system based on PHP5 and SQLite3. A SQL injection vulnerability exists in flatCore, which allows remote attackers to submit specially crafted SQL queries to manipulate or obtain database data...

SQL Injection Vulnerability in Zendo 9.1.2 zentao\lib\base\dao\dao.class.php Page

Zendo is an open source project management software. Zendo project management software version 9.1.2 zentao\lib\base\dao\dao.class.php page SQL injection vulnerability. The orderBy function fails to filter the data submitted by the user, allowing an attacker to exploit the vulnerability to obtain...

MODX Revolution SQL Injection Vulnerability

MODx is an open source PHP application framework that helps users control their online content. A SQL injection vulnerability exists in MODX Revolution versions 2.0.1-pl through 2.5.6-pl. An attacker can exploit the vulnerability to inject or manipulate SQL queries in the back-end database,...

SQL Injection Vulnerability in CUID Parameter of Hikvision's In-vehicle Remote Monitoring System AddUser.php File

Hikvision vehicle remote monitoring system is a set of vehicle video networking monitoring platform software. A SQL injection vulnerability exists in the parameter CUID of the AddUser.php file in Hikvision Vehicle Remote Monitoring System. It allows attackers to exploit the vulnerability to obtai...

S-CMS /member/member_wuliu.asp page O_id parameter has SQL injection vulnerability

S-CMS is a corporate website building system developed by Zibo Shining Network Technology Co. A SQL injection vulnerability exists in the S-CMS /member/memberwuliu.asp page. Due to insufficient filtering of user input, the program allows attackers to exploit the vulnerability to obtain sensitive...