SQL injection vulnerability exists in the page /target/lres/special/index.html?special_id=30 of the generic reader education system of Nanjing Oncor Technology Co.

Nanjing Oncor Technology Co., Ltd Esmay Reader Education System is a set of library reader education system. The system /target/lres/special/index.html?specialid=30 page has a SQL injection vulnerability. An attacker can remotely exploit the vulnerability to obtain sensitive database information...

Exponent CMS SQL Injection Vulnerability (CNVD-2016-07937)

OIC Exponent CMS is a free, open source modular content management system CMS based on PHP from the American OIC Group of companies. The system supports direct editing in the page, and provides user management, site configuration, content editing and other functions. A SQL injection vulnerability...

Open Ticket Request System FAQ SQL Injection Vulnerability

Open Ticket Request System OTRS is an open source defect tracking and management system software from the German OTRS Group. The software categorizes service requests submitted by phone, email and other channels into different queues, service levels, and service personnel through the OTRS system ...

Enterprise Flow Control Routing Product iKuai IK-G20 SQL Injection Vulnerability

The Ikuai IK-G20 is an enterprise-class flow control router from China's AllConvergence Network Technology. An SQL injection vulnerability exists in the enterprise-class flow control routing product iKuai IK-G20 iKuai82.6.5Build20160815 and historical versions. An attacker can use this...

SQL Injection Vulnerability in School Management System of Shenzhen Chuangyou Network Co.

Shenzhen Chuangyou Networks school management system is a secondary school-based education management software. The product /sysTemplateWeb/ShowWebStyle.aspx?XXDM=440203000008&CatalogId= there is a SQL injection vulnerability, the injection parameter is CatalogId, the attacker can use the...

SQL injection vulnerability in the ID parameter of the GG.aspx page of the Quality Supervision Station Comprehensive Information Service Platform of Zhuhai Xinhua Tong Software Co.

ZHXHT Supervision and Regulation Comprehensive Service Platform is a comprehensive platform integrating engineering supervision, testing supervision, commercial mixing supervision, web portal, commercial mixing quality networking supervision, credit rating, OA office, SMS system, wireless...

SQL Injection Vulnerability in the id Parameter of Nanchangwei.com Electronic Newspaper System

"VNN Digital Newspaper" is a professional software product for digitizing newspapers, which can provide a perfect solution for paper newspapers to go online. It allows the original newspaper layout to be quickly and easily presented to readers through the Internet. There exists a SQL injection...

SQL injection vulnerability in BlogManage/Video/MyVideo.aspx page of Shanghai Hongyu Information Technology Co.

ECS ECS education site system is a general-purpose CMS program developed by Shanghai Hongyu Information Technology Co., Ltd. for schools, education and other site-building system. ECS BlogManage/Video/MyVideo.aspx page has a SQL injection vulnerability, which can be exploited to obtain sensitive...

TYPO3 Frontend Login SQL Injection Vulnerability

TYPO3 is a free and open source content management system maintained by the Swiss TYPO3 Association. A SQL injection vulnerability exists in TYPO3 Frontend Login. Because the application fails to adequately filter user-supplied data before being used in SQL queries, an attacker could exploit the...

SQL Injection Vulnerability in TUTUCMS Order Parameter

TUTUCMS is a CMS image management system focused on the development of image-based websites. TUTUCMS x2.6 version has a SQL injection vulnerability, due to the system does not strictly filter order parameters, only the source code to do the corresponding code audit. Allow attackers to exploit the...

SQL Injection Vulnerability in Ektronix Website Building System

Ektrosys developed a general-purpose CMS program for schools, education and other sites. The product has a SQL injection vulnerability, the vulnerability URL is: http://www.sxzkc.cn/BlogManage/Message/ManageInBoxMessage.aspx, the vulnerability parameter is: txtInBoxSearch The attacker can use the...

SQL Injection Vulnerability in the VoteId Parameter of Hopping Collaborative Content Management System (CCMS)

HZCMS is a website group content management system based on Java and XML technology. A SQL injection vulnerability exists in the voteId parameter of the HZCMS. An attacker can exploit the vulnerability to obtain database information...

SQL Injection Vulnerability in SmartClient.asmx?op Page of Xinwei Software E-learning System

E-learning management system is an online learning platform of Shenzhen Xinwei Software Co. A SQL injection vulnerability exists in the SmartClient.asmx?op page of Xinwei Software's E-learning system. An attacker can exploit the vulnerability to obtain sensitive information from the website...

SQL Injection Vulnerability in zzcms Latest Product Version /zs/search.php Page

ZZCMS highlights the investment and supply and demand functions, you can quickly build a product investment website. zzcms latest product version /zs/search.php page SQL injection vulnerability, attackers can use the vulnerability to obtain sensitive database data...

CVE-2016-5817

SQL injection vulnerability in news pages in Cargotec Navis WebAccess before 2016-08-10 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

ReadyDesk SQL Injection Vulnerability

ReadyDesk is a Web-based helpdesk software solution from ReadyDesk, Inc. A SQL injection vulnerability exists in ReadyDesk version 9.1, which can be exploited by an attacker to compromise an application, access or modify data, or exploit a potential vulnerability in the underlying database...

WordPress Plugin Booking Calendar SQL Injection Vulnerability

WordPress is a blogging platform developed using the PHP language that allows users to set up their own weblogs on servers that support PHP and MySQL databases.Booking Calendar is a WEB-based calendar application. A SQL injection vulnerability exists in the WordPress plugin Booking Calendar. An...

Moxa SoftCMS SQL Injection Vulnerability

Moxa SoftCMS is a centralized management software for type monitoring systems. Moxa SoftCMS suffers from a SQL injection vulnerability that could be exploited by remote attackers to submit specially crafted SQL queries to manipulate or obtain database data...

SQL Injection Vulnerability in Video Conferencing System of Tangqiao Technology (Hangzhou) Co.

Video conferencing system is a remote collaborative video software, a kind of cloud conference system developed by Tangqiao Technology Hangzhou Co. The product suffers from an SQL injection vulnerability, which can be exploited by attackers to obtain database data...

SQL Injection Vulnerability in Beijing Super Star Huiya Digital Book Literature Service System

Huiya Digital Book and Documentation Service System is an online Chinese library. The product suffers from SQL injection vulnerability, which can be exploited by attackers to obtain database information...