Multiple SQL Injection Vulnerabilities in Panmicro's Mobile OA Solution e-mobile

E-Mobile is a mobile office product based on Android client released by Shanghai Panmicro Network Technology Co. There are multiple SQL injection vulnerabilities in Panmicro's mobile OA solution, e-mobile. It allows attackers to utilize commonly used SQL injection tools to obtain sensitive databa...

SQL Injection Vulnerability in vnet web management system of China Haida

COSHIDA VNet6 Professional Reference Station Receiver is one of COSHIDA's new VNet series of measurement systems, and it is also a professional reference station receiver specially designed for reference station applications. A SQL injection vulnerability exists in the COSHIDA vnet web management...

Drupal SQL Comment Filtering System SQL Injection Vulnerability

Drupal is a free and open source content management system developed in PHP. A SQL injection vulnerability exists in the Drupal SQL Comment Filtering System, which allows remote attackers to exploit the vulnerability to submit specially crafted SQL queries to manipulate or obtain database data...

WordPress WP Symposium Plugin SQL Injection Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL.WP Symposium is one of the social networking plug-ins. A SQL injection vulnerability exists in WordPress WP Symposium plugin...

SQL Injection Vulnerability in Anhui Business Network CMS System

A SQL injection vulnerability exists in the CMS system of Anhui Business Network. An attacker can exploit the vulnerability to obtain sensitive information from the database...

Arab Portal SQL Injection Vulnerability

Arab Portal is a set of web portals. A SQL injection vulnerability exists in Arab Portal version 3, which stems from a failure of the members.php script to adequately filter the 'showemail' parameter in the signup operation. A remote attacker could use this vulnerability to execute arbitrary SQL...

Generalized SQL Injection Vulnerability in lm Parameters of Seven Colors Web Site Building System

Seven Colors Web Building System is a system that provides professional website building services. A generic SQL injection vulnerability exists in the lm parameter of the Seven Colors Network website builder system. Allow attackers to utilize commonly used SQL injection tools to obtain sensitive...

Generalized SQL Injection Vulnerability in Seven Colors Network Website Builder System

A generic SQL injection vulnerability exists in the Seven Colors Network website builder system. The vulnerability allows attackers to obtain sensitive database information...

SQL Injection and Arbitrary File Upload Vulnerabilities in Rural Electronic Monitoring Platform of Beijing Zhongnong Xinda Information Technology Co.

Beijing Zhongnong Xinda Information Technology Co., Ltd. is a provider of comprehensive services for three rural informatization, and the Rural Electronic Monitoring Platform is one of the company's monitoring platforms. A SQL injection and arbitrary file upload vulnerability exists in the Rural...

Symantec Endpoint Protection Manager SQL Injection Vulnerability

Symantec Endpoint Protection Manager SEPM is a suite of enterprise-grade virus protection software from Symantec USA. The software protects against malicious attacks such as viruses, worms, and Trojan horses. SEPM 12.1-RU6-MP1 A SQL injection vulnerability exists in the management console of...

WordPress SP Project & Document Manager plugin 'ajax.php' SQL injection vulnerability

WordPress is a blogging platform developed using the PHP language. The 'SP Project & Document Manager' plugin for WordPress suffers from a sql injection vulnerability in the implementation of 'ajax.php', which can be exploited by an attacker to take control of the application and perform...

Cacti SQL Injection Vulnerability (CNVD-2015-04994)

Cacti is based on PHP, MySQL, SNMP and RRDTool developed a set of graphical analysis of network traffic monitoring tools . Cacti 'graphs.php' , 'cdef.php', 'datatemplates.php', 'graphtemplates.php' and 'hosttemplates.php' scripts incorrectly filter user input, allowing remote attackers to exploit...

Sysphonic Thetis SQL Injection Vulnerability

Thetis World-Strongest groupware/web collaboration suite is based on Ruby on Rails. A SQL injection vulnerability exists in Sysphonic Thetis versions prior to 2.3.0, which can be exploited by remote attackers to execute arbitrary SQL commands...

SQL Injection Vulnerability in Panmicro E-office /E-mobile/create/ajax_do.php Parameters

Panmicro E-office is an OA product launched by Panmicro for small and medium-sized organizations. A SQL injection vulnerability exists in the Panmicro E-office /E-mobile/create/ajaxdo.php parameter, which can be exploited by an attacker to obtain sensitive information from the database...

SQL Injection Vulnerability in Gobetters Video Conferencing System /web/server/serverstart.php?machineid= Parameter

GoBetter video conferencing system is a pure software video conferencing system with high-performance audio and video interactions, as well as perfect data functions launched by GoBetter. A SQL injection vulnerability exists in the Gobetters Video Conferencing...

SQL Injection Vulnerability in sGaoHao Parameter of Nanjing Jenohan Journal Submission System

Nanjing Jenohan Software Technology Co., Ltd. is for the development of hospital full cost accounting decision support software system, hospital performance management information system and hospital customer management information system. SQL injection vulnerability exists in the sGaoHao paramet...

SQL Injection Vulnerability in Haitian OA System ID Parameter

Haitian OA network office system is suitable for enterprises and institutions of the general-purpose network office software, the system adopts the leading B / S browser / server mode of operation, so that the network office is not subject to geographical restrictions. A SQL injection vulnerabili...

SQL Injection Vulnerability in OAID Parameter of Haitian OA System/Documents/OA_DocDisplay_NewWindow.asp Page

Haitian OA network office system is suitable for enterprises and institutions of the general-purpose network office software, the system adopts the leading B / S browser / server mode of operation, so that the network office is not subject to geographical restrictions. A SQL injection vulnerabili...

Symantec Endpoint Protection Management Console SQL Injection Vulnerability

Symantec Endpoint Protection is a protection software developed to enhance enterprise virus protection and advanced threat defense. Symantec Endpoint Protection management console fails to properly validate user input and administrators with low privileges can perform SQL injection attacks with...

Milw0rm Clone Script SQL Injection Vulnerability

Milw0rm is a hacking and defense interest group that provides security services such as vulnerability mining, security information, hacking and defense, security tools and other security services for IT technicians.Milw0rm Clone Script is a script for sharing and managing the Milw0rm website's...