ZOHO ManageEngine Applications Manager SQL Injection Vulnerability

ZOHO ManageEngine Applications Manager is a suite of application performance monitoring software. A SQL injection vulnerability exists in ZOHO ManageEngine Applications Manager, which allows remote attackers to exploit the vulnerability by submitting specially crafted SQL queries to manipulate or...

Tmdocs dns_dhcp SQL Injection Vulnerability

Tmdocs dnsdhcp is a web interface that allows management of DNSmasq a tool for configuring DNS and DHCP and static DHCP leases in Mikrotik routers. A SQL injection vulnerability exists in Tmdocs dnsdhcp. An attacker could use this vulnerability to take control of an application, access or modify...

Misys FusionCapital Opics Plus SQL Injection Vulnerability

Misys FusionCapital Opics Plus is an end-to-end scalable money business solution for the financial industry from Misys UK. The solution provides IAS-compliant accounting structures, foreign exchange tools and client-facing e-banking capabilities. An SQL injection vulnerability exists in Misys...

SQL Injection Vulnerability in Remote DBMail Mail Server

DBMail is a database-enabled enterprise mail system developed by TeleSoft. A SQL injection vulnerability exists in Telezine DBMail Mail Server V5.0 updated 2016.07.08. The vulnerability is allowed to be exploited by an attacker to gain access to sensitive database information...

Xiecheng Intelligent Technology Limited wifi development system suffers from SQL injection vulnerability

Fuzhou Xiecheng Intelligent Technology Co., Ltd. is a commercial WiFi ecosystem-based enterprise integrating commercial WiFi cloud platform development, communication IT hardware integration and customization, and big data products and services. Xiecheng is committed to become the benchmark of wi...

SQL Injection Vulnerability in Uni Call Calling System

Uni Call Customer Service Edition is a professional software application platform designed for inbound customer service centers. A SQL injection vulnerability exists in the Uni Call call system. The lack of filtering of the /uncalllib/index.php parameter allows attackers to exploit the...

SQL Injection Vulnerability in Agricultural Internet of Things Sensing Platform System

Agricultural IoT sensing platform system is an industrial control system. An SQL injection vulnerability exists in the Agricultural Internet of Things Sensing Platform System, which can be exploited by attackers to obtain sensitive information from the database...

SQL Injection Vulnerability in Shanghai Yongcan CMS

Shanghai Yongcan CMS is a website building system for major enterprises, schools and social organizations. Shanghai Yongcan CMS suffers from SQL injection vulnerability, through which an attacker can obtain database information, resulting in the leakage of sensitive information...

SQL Injection Vulnerability in Magazine System

Magazine System is a newspaper and magazine software designed for colleges and universities. The product suffers from an SQL injection vulnerability, which can be exploited by an attacker to obtain sensitive information from the database...

SQL Injection Vulnerability in EMN Intelligent Network Management System

EMN Intelligent Network Management System is a DNS service system composed of a set of industrial control hardware devices and an embedded DNS software system. EMN Intelligent Network Management System suffers from SQL injection vulnerability. It allows attackers to utilize commonly used SQL...

Rexroth Bosch BLADEcontrol-WebVIS SQL Injection Vulnerability

Rexroth Bosch BLADEcontrol is a web-based HMI system. Rexroth Bosch BLADEcontrol has a SQL injection vulnerability in database operations that could lead to control of the database server or remote code execution...

Generalized SQL Injection Vulnerability in Hubei Province Urban Construction Information Network

Hubei construction engineering information network is Hubei construction engineering information industry first portal official station. The Hubei Urban Construction Information Network suffers from a generic SQL injection vulnerability. It allows attackers to utilize common SQL injection tools t...

Generalized SQL Injection Vulnerability in Flow Control Routing of CoQin Technology

Since its inception over 15 years ago, Co-Tech has evolved from a manufacturer of high-end modems to a strong competitor in the broadband solutions space. A generalized SQL injection vulnerability exists in the flow control routing of Welkin Technologies. It allows attackers to utilize commonly...

SQL Injection Vulnerability in CIMCO DSS-MAX Decision Support System

CIMCO is the world's largest installed base of DNC systems, mainly used for networking communication of CNC machine tools, machine monitoring, etc. CIMCO DSS-Max Server is a DNC/MDC decision support service software, through which you can easily manage the DNC/MDC database. SQL injection...

SQL Injection Vulnerability in the LoginName Parameter of the Collaboration Office System of Shanghai CITIC Information Development Co.

CITIC Shanghai Information Development Co., Ltd. collaborative office system is a set of online office automation software A SQL injection vulnerability exists in the loginName parameter of the CITIC Information Development Co., Ltd. collaborative office system, which can be exploited by an...

HITB16 issues resolution: Java applications ORM injection the development of new methods-vulnerability warning-the black bar safety net

! “Hack In The Box”conference is in Europe in Amsterdam, organized by the global well-known Security Summit. This year's conference very interesting, one by a security researcher Mikhail Egorov and Sergey Soldatov presented the topic“Java application ORM injection the development of new...

SQL Injection Vulnerability in China Shipping Container Lines Shanghai Co.

China Shipping Container Lines Shanghai Co., Ltd. is a professional agent company integrating international and domestic container solicitation, shipping agency and container agency. China Shipping Container Electronic Picking System is a set of transportation enterprise product order system. A S...

SQL injection vulnerability in the newss.htm?classID= parameter of the distance education platform of Shenzhen Tengchuang Network Technology Co.

Tengchuang Internet Distance Education Platform is an online knowledge trading platform centered on real-time interactive online classroom, combining powerful functions such as courseware on-demand, course transaction, online payment, and online examination, etc. for students and teachers in...

SQL Injection Vulnerability in Communication Application Server username Parameter of Shenou Communication Equipment Co.

Shenou Communication Equipment Co., Ltd. is a national non-regional enterprise integrating R&D, production, sales and service. Communication Application Server SOC1000 model products are softswitch servers for IP networks, supporting voice, fax and video at the same time. Shenou Communication...

SQL injection vulnerability in the coursewares.htm?recommend= parameter of the distance learning platform of Shenzhen Tengchuang Network Technology Co.

Tengchuang Internet Distance Education Platform is an online knowledge trading platform centered on real-time interactive online classroom, combining powerful functions such as courseware on-demand, course transaction, online payment, and online examination, etc. for students and teachers in...