SAP NetWeaver J2EE Engine UDDI Server SQL Injection Vulnerability

SAP NetWeaver J2EE Engine is the German SAP SAP company's a service-oriented integrated application platform J2EE engine. A SQL injection vulnerability exists in the UDDI server of SAP NetWeaver J2EE Engine version 7.40. A remote attacker could exploit this vulnerability to execute arbitrary SQL...

WeBid SQL Injection Vulnerability

WebID is the serial number of ESET antivirus software that can be obtained automatically. An SQL injection vulnerability exists in WeBid. Because the '$SESSION"id"' talkback variable is not properly filtered, an attacker can exploit the vulnerability to alter raw SQL queries and execute arbitrary...

CVE-2016-2386

SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2101079...

CVE-2016-0881

EMC Documentum xCP 2.1 before patch 23 and 2.2 before patch 11 allows remote authenticated users to conduct Documentum Query Language DQL injection attacks and obtain sensitive repository information by appending a query to a REST request...

Cisco RV220W SQL Injection Vulnerability

The Cisco RV220W is a wireless VPN firewall router product from Cisco. A SQL injection vulnerability exists in the web-based management interface of the Cisco RV220W, which can be exploited by remote attackers to submit a specially crafted SQL query to manipulate or obtain database data...

SQL Injection Vulnerability in Internet Behavior Audit Gateway of Chengdu Flying Fish Star Technology Development Co.

Chengdu Flying Fish Star Technology Co., Ltd. is dedicated to providing intelligent and easy-to-use network communication products and services. A SQL injection vulnerability exists in the Internet Behavior Audit Gateway of Chengdu Flyingfish Star Technology Development Co. An attacker is allowed...

Cisco Unified Communications Manager SQL Injection Vulnerability

Cisco Unified Communications Manager is an enterprise-class IP telephony call processing system. A security vulnerability exists in Cisco Unified Communications Manager 11.0 0.98000.225 that does not validate user input within a SQL query. An attacker sending a URL containing an SQL statement cou...

SQL Injection Vulnerability in 'channel' Parameter of Founder Xiangyu Web Content Management System

Founder Xiangyu website content management system is a full-process management platform for website information publishing. A SQL injection vulnerability exists in the Founder Xiangyu Web Content Management System. The lack of filtering of the 'channel' parameter allows an attacker to exploit the...

IBM InfoSphere BigInsights Big SQL Component Security Bypass Vulnerability

IBM InfoSphere BigInsights is a set of software platform for storing and analyzing "big data" from IBM in the United States. The platform provides solutions for managing and analyzing massive amounts of structured and unstructured data.Big SQL is one of the SQL interface components. A security...

SQL Injection Vulnerability in Broadband Authentication and Billing System of Chengdu Starry Blue Ocean Network Technology Co.

Blue Ocean Premier Broadband Access Gateway is a specialized intelligent device for Ethernet broadband access. SQL injection vulnerability exists in the broadband authentication billing system of Chengdu Starry Blue Ocean Network Technology Co., Ltd. There is an injection point in the back-end...

SQL Injection Vulnerability in Broadband Authentication and Billing System of Chengdu Starry Blue Ocean Network Technology Co.

Blue Ocean Premier Broadband Access Gateway is a specialized intelligent device for Ethernet broadband access. SQL injection vulnerability exists in the broadband authentication and billing system of Chengdu Starry Blue Ocean Network Technology Co., Ltd. There is an injection point in the...

Multiple Vulnerabilities in GCMS 2005 of Beijing Guangdu Qimin Information Technology Co.

Ltd. Speed Sword 2005 GCMS is a portal creation and management system that integrates content management system, multi-site management and page display. SQL injection and cross-site scripting vulnerabilities exist in GCMS. An attacker can exploit the vulnerabilities to obtain sensitive database...

SQL Injection Vulnerability in Decentralized Management (e-cology) System of Shanghai Panmicro Network Technology Co.

Panmicro collaborative management application platform e-cology is a set of collaborative business platform. An SQL injection vulnerability exists in the e-cology system, which can be exploited by an attacker to obtain database information due to the lack of filtering of the loginid parameter...

SQL Injection Vulnerability in Panmicro OA Office System

Panavision OA Office System is a coordination office software. Panmicro OA Office System suffers from a SQL injection vulnerability and a lack of filtering of the formName parameter, which can be exploited by an attacker to obtain sensitive information from a website database...

Shandong Nongyou Agricultural Integrity System SQL Injection Vulnerability

Shandong Nongyou Agricultural Integrity System is an agricultural management system. The Agricultural Integrity System suffers from SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...

Shandong Nongyou Land Transfer Management Platform SQL Injection Vulnerability

Shandong Nongyou Land Transfer Management Platform is an agricultural management software. The Land Transfer Management Platform suffers from an SQL injection vulnerability that allows attackers to exploit the vulnerability to obtain sensitive information from the database...

Shandong Nongyou Village-level Major Matters and Supervisory Committee Construction Supervision System SQL Injection Vulnerability

A software program for rural villagers' supervisory committees and village affairs management, which is a system for supervising the construction of village-level major issues and supervisory committees. A SQL injection vulnerability exists in the Shandong Nongyou Software Village-level Major...

Multiple SQL Injection Vulnerabilities in Moneybookers Online Lending System

The P2P P2B/P2C network lending platform software is a comprehensive network lending business management system designed and developed for a variety of microfinance network lending models including P2P, P2B/P2C business models. There are multiple SQL injection vulnerabilities in the Moneybookers...

SQL Injection Vulnerability in Creative Yingfeng School Office OA System

Think Yingfeng School Office OA System is a comprehensive school management platform. A SQL injection vulnerability exists in versions 3.99 and earlier of the Creative Yingfeng School Office OA System. It allows attackers to exploit the vulnerability to obtain sensitive database information...

SAP HANA DB SQL Interface Arbitrary Code Execution Vulnerability

SAP HANA DB is an in-memory, row- and column-based database from SAP. The database provides fast queries against multidimensional data, filtering out cluttered and useless data, and synchronizing the execution of multiple queries. A security vulnerability exists in the SQL interface of SAP HANA D...