The vulnerability of the MySQL database management system allows a hacker to cause a service failure.

The vulnerability of the InnoDB component of the MySQL database management system is related to the creation of critical data packets. Exploiting this vulnerability can allow a malicious actor to cause a system to become unresponsive or, in rare cases, to trigger an emergency shutdown through...

EMC Documentum D2 4.5.x and 4.6.x < 4.7 Multiple Vulnerabilities (ESA-2016-167)

The remote host is running a version of EMC Documentum D2 that is 4.5.x or 4.6.x prior to 4.7. It is, therefore, affected by multiple vulnerabilities : - A cross-site scripting XSS vulnerability exists due to improper validation of user-supplied input. An unauthenticated, remote attacker can...

IBM Kenexa LMS on Cloud SQL Injection Vulnerability (CNVD-2017-00564)

IBM Kenexa LMS on Cloud is a configurable, enterprise-grade social learning management system LMS from IBM that integrates social networking, collaboration, and knowledge sharing capabilities. The system provides interactive features and supports users to evaluate learning content and share their...

Advantech WebAccess 'updateTemplate.aspx' SQL Injection Vulnerability

Advantech WebAccess is a set of HMI/SCADA software from Advantech based on browser architecture. The software supports dynamic graphic display and real-time data control, and provides remote control and management of automation equipment. A SQL injection vulnerability exists in Advantech WebAcces...

MC Documentation Creator SQL Injection Vulnerability

MC Documentation Creator is a PHP document creation script . A SQL injection vulnerability exists in MC Documentation Creator. Due to poor parameter filtering in this PHP script, an attacker can exploit the vulnerability to obtain sensitive data...

Smart Guard Network Manager SQL Injection Vulnerability

Smart Guard Network Manager is a software that manages your network, bandwidth and network security. An SQL injection vulnerability exists in the ?menuid parameter of the searchallhistory.php page in Smart Guard Network Manager version 6.3.2, which originates from the program failing to adequatel...

Microsoft .NET Framework Information Disclosure Vulnerability (CNVD-2016-12419)

Microsoft .NET Framework is a comprehensive and consistent programming model developed by Microsoft Corporation USA and a development platform for building Windows, Windows Store, Windows Phone, Windows Server and Microsoft Azure Windows Store, Windows Phone, Windows Server, and Microsoft Azure...

Dell SonicWALL Universal Management Suite SQL Injection Vulnerability

Dell SonicWALL Universal Management Suite is a product of Dell, Inc. Dell SonicWALL Analyzer provides a comprehensive view of the network with comprehensive reports on bandwidth, threats and application traffic analysis. Dell SonicWALL Global Management System GMS is easily replaced, updated or...

Luis Bernardo SQL Injection Vulnerability

Luis Bernard is a web application development framework. A SQL injection vulnerability exists in the idplayer parameter of the formseeplayer.php page of the Luis Bernard system. Because the program fails to adequately filter user-submitted input, an attacker could use this vulnerability to take...

SQL Injection Vulnerability in LMID Parameter of United Technologies Healthcare System

Lianzhong Technology Medical System is a medical and health system application software of Zhejiang Lianzhong Intelligence Technology Co. A SQL injection vulnerability exists in the LMID parameter of the Lianzhong Technology Medical System, as the program fails to properly filter the LMID...

SQL Injection Vulnerability in Seth Interactive Technologies CRM System

SalesPlus is a Salesforce partner and CRM service provider. A SQL injection vulnerability exists in the CRM system of SalesPlus Interactive Technologies. The vulnerability is caused by uid, type, topicid, tid, senduserid, sendobjectid, sendgroupid, search, replytype, pid, key, id, groupname,...

MyBB has multiple vulnerabilities (CNVD-2016-11606)

MyBB aka MyBulletinBoard is a free and web-based forum software developed by MyBB team using PHP and MySQL. The software is characterized by its simplicity, multi-language support and extensibility. Multiple security vulnerabilities exist in versions of MyBB prior to 1.8.7, including: SQL injecti...

MyBB has multiple vulnerabilities (CNVD-2016-11625)

MyBB aka MyBulletinBoard is a free and web-based forum software developed by MyBB team using PHP and MySQL. The software is characterized by its simplicity, multi-language support and extensibility. Multiple security vulnerabilities exist in versions of MyBB prior to 1.8.7, including: SQL injecti...

SAP Hybris E-commerce Suite SQL Injection Vulnerability

SAP Hybris Management Console HMC is a suite of enterprise-class multichannel e-commerce and product content management PCM software from SAP. An injection vulnerability exists in SAP Hybris E-commerce Suite that stems from the program failing to adequately filter user-submitted input. An attacke...

SQL Injection Vulnerability in NetDoit of Acuity Brands Creative Marketing Ltd.

NetDoit is a small CMS system developed by php+mysql. The product newsdetail.php?id= exists SQL injection vulnerability, the injection parameter is id, the attacker can use the vulnerability to obtain database sensitive information...

Ufo UFO-UAPWS suffers from SQL error reporting injection vulnerability (CNVD-2016-10771)

Ufo UFO-UAPWS Reporting System is an Internet solution for enterprises. A SQL reporting error injection vulnerability exists in UFIDA UFO-UAPWS. An attacker exploiting the vulnerability can view sensitive information, obtain database information, and cause information leakage...

SQL Injection Vulnerability in Type Parameters of Penta Digital Campus System

Penta Digital Campus System is using the technology platform of .NET+SqlServer. A SQL injection vulnerability exists in the /Student/xsxk/MessageView.aspx page of the Penda Digital Campus System. The lack of filtering of the 'type' parameter allows an attacker to exploit the vulnerability to obta...

SAP Adaptive Server Enterprise SQL Injection Vulnerability

SAP Adaptive Server Enterprise ASE is a high-performance relational database management system of Germany SAP SAP. A SQL injection vulnerability exists in SAP ASE 16.0 SP02 PL03 and earlier versions. An attacker can exploit this vulnerability to gain system administrator privileges via dbcc...

Exponent CMS 'title' Parameter SQL Injection Vulnerability

Exponent CMS is a free, open source PHP-based modular content management system CMS of the U.S. OIC Group of companies. The system supports direct editing in the page, and provides user management, site configuration, content editing and other functions. Exponent CMS version 2.3.9 suffers from a...

SQL Injection Vulnerability in Digital China Internet Behavior Management System Announcement Parameters

Digital China Internet Behavior Management System is an Internet behavior logging system that fully owns the network behavior analysis management system, integrating hardware and software architecture, behavior analysis engine, management and control policies, analyzing network activities in real...