SQL Injection Vulnerability in Netqi CMS Web Management System 6.0

Netqi CMS website management system is a set of CMS system developed by Netqi, this system is developed using ASP.NET kernel. The system's ip/ajax.apsx page has an SQL injection vulnerability that allows arbitrary users to obtain database information...

CVE-2016-6443

A vulnerability in the Cisco Prime Infrastructure and Evolved Programmable Network Manager SQL database interface could allow an authenticated, remote attacker to impact system confidentiality by executing a subset of arbitrary SQL queries that can cause product instability. More Information:...

Cisco Identity Services Engine SQL Injection Vulnerability

Cisco Identity Services Engine is an identity-based environment awareness platform from Cisco. A SQL injection vulnerability exists in the Cisco Identity Services EngineWeb framework interface, which allows remote attackers to exploit the vulnerability to submit specially crafted SQL queries to...

Censys Search

The module uses the Censys REST API to access the same data accessible through the web interface. The search endpoint allows queries using the Censys Search Language against the Hosts dataset. Setting the CERTIFICATES option will also retrieve the certificate details for each relevant service by...

PT-2016-4508 · Huge It · Huge-It Portfolio Gallery Manager

Name of the Vulnerable Software and Affected Versions: Huge-IT Portfolio Gallery manager version 1.1.0 Description: The issue concerns SQL Injection and XSS in the Huge-IT Portfolio Gallery manager. No further details are provided about the nature of the issue, affected devices, or real-world...

Ipswitch WhatsUp Gold SQL Injection Vulnerability (CNVD-2016-10073)

Ipswitch WhatsUp Gold is a suite of unified infrastructure and application monitoring software from Ipswitch USA. A SQL injection vulnerability exists in the sUniqueID parameter of the WrFreeFormText.asp script in Ipswitch WhatsUp Gold version 16.4.1, which can be exploited by remote attackers to...

SQL Injection Vulnerability in UFIDA UFO System queryByWhere Interface

UFIDA UFO system is UFIDA software comes with tabular data processing software. A SQL injection vulnerability exists in the queryByWhere interface of UFIDA UFO System. An attacker is allowed to exploit the vulnerability to obtain database information...

SQL Injection Vulnerability in bjbh Parameter of EAP Digital Campus Integration Management Platform of Guangzhou Zhongda Dongri Education Technology Co.

EAP platform, abbreviated as EAP Enterprise Application Platform, enterprise application platform, also known as enterprise management software platform, is a highly open, integrated with a number of enterprise management software modules. Guangzhou CUHK Dongri Education Technology Co., Ltd. EAP...

SQL Injection Vulnerability in the queryInvcl Method of the UFIDA UFO System

UFIDA UFO system is UFIDA software comes with tabular data processing software. A SQL injection vulnerability exists in the queryInvcl method of UFIDA UFO System. An attacker is allowed to exploit the vulnerability to obtain database information...

SQL Injection Vulnerability in Bidding Member System of Jiangsu Guotai New Point Software Co.

An electronic bidding system is a means of trading on a public resources trading platform. There is a SQL injection vulnerability in the bidding membership system of Jiangsu Guotai New Point Software Co., Ltd. that can be exploited by attackers to obtain sensitive information from the database...

SQL Injection Vulnerability in the Type Parameter of NoticeList.aspx Page of Wave e-Procurement Platform

Wave e-procurement platform is a proprietary e-commerce platform for enterprises built using cloud computing and e-commerce technology. A SQL injection vulnerability exists in the Type parameter of the NoticeList.aspx page of the Wave e-Procurement Platform, which can be exploited by an attacker ...

TYPO3 GN Tactics Planner Extension SQL Injection Vulnerability

TYPO3 is a free and open source content management system. A SQL injection vulnerability exists in TYPO3 GN Tactics Planner Extension due to the program failing to adequately clean up user input. An attacker could exploit the vulnerability to access or modify data...

SetucoCMS SQL Injection Vulnerability

SetucoCMS is a content management system CMS. A SQL injection vulnerability exists in SetucoCMS. An attacker can exploit this vulnerability to execute arbitrary SQL commands...

SQL Injection Vulnerability in Wave OA Intelligent Office Platform

Longchamp Yunhai OA Intelligent Office Platform is aimed at the private and hybrid cloud market, providing open and secure enterprise-class cloud data center operation and maintenance management capabilities. SQL injection vulnerability exists in the Wave OA Office system, allowing attackers to...

WDS CMS SQL Injection Vulnerability

WDS CMS is a website management system. WDS CMS suffers from a SQL injection vulnerability, which can be exploited by an attacker to gain access to the database contents, as well as to upload backdoor files in subsequent attacks...

PT-2016-6893 · Cisco · Cisco Firepower Management Center

Name of the Vulnerable Software and Affected Versions: Cisco Firepower Management Center versions 4.10.3 through 5.4.0 Description: A SQL injection issue allows remote authenticated users to execute arbitrary SQL commands. Recommendations: For versions 4.10.3 through 5.4.0, update to a version th...

SQL Injection Vulnerability in AVCON6 System Management Platform Name Parameter at Warburg Pincus Information Technology Co.

Huaping Information Technology Co., Ltd. is committed to promoting the innovation of business models in various industries and the enhancement of people's life intelligence through the innovative "Internet +" video technology. A SQL injection vulnerability exists in the name parameter of AVCON6...

3Webs CMS SQL Injection Vulnerability

3Webs CMS is a content management system. 3Webs CMS suffers from a SQL injection vulnerability that can be exploited by an attacker via a SQL injection command, resulting in the disclosure of database information...

Netbaran SQL Injection Vulnerability

Netbaran suffers from a SQL injection vulnerability that can be exploited by an attacker to compromise an application, access or modify data, or exploit a potential vulnerability in the underlying database...

SQL injection vulnerability in weiphp 'application\Home\Controller\PublicLinkController.class.php' page

weiphp is an open source, efficient, simple microsoft development platform. An SQL injection vulnerability exists in the weiphp 'application\Home\Controller\PublicLinkController.class.php' page. Allow attackers can exploit the vulnerability to obtain database sensitive information...