SetucoCMS SQL Injection Vulnerability

SetucoCMS is a content management system CMS. A SQL injection vulnerability exists in SetucoCMS. An attacker can exploit this vulnerability to execute arbitrary SQL commands...

SQL Injection Vulnerability in Wave OA Intelligent Office Platform

Longchamp Yunhai OA Intelligent Office Platform is aimed at the private and hybrid cloud market, providing open and secure enterprise-class cloud data center operation and maintenance management capabilities. SQL injection vulnerability exists in the Wave OA Office system, allowing attackers to...

WDS CMS SQL Injection Vulnerability

WDS CMS is a website management system. WDS CMS suffers from a SQL injection vulnerability, which can be exploited by an attacker to gain access to the database contents, as well as to upload backdoor files in subsequent attacks...

PT-2016-6893 · Cisco · Cisco Firepower Management Center

Name of the Vulnerable Software and Affected Versions: Cisco Firepower Management Center versions 4.10.3 through 5.4.0 Description: A SQL injection issue allows remote authenticated users to execute arbitrary SQL commands. Recommendations: For versions 4.10.3 through 5.4.0, update to a version th...

SQL Injection Vulnerability in AVCON6 System Management Platform Name Parameter at Warburg Pincus Information Technology Co.

Huaping Information Technology Co., Ltd. is committed to promoting the innovation of business models in various industries and the enhancement of people's life intelligence through the innovative "Internet +" video technology. A SQL injection vulnerability exists in the name parameter of AVCON6...

3Webs CMS SQL Injection Vulnerability

3Webs CMS is a content management system. 3Webs CMS suffers from a SQL injection vulnerability that can be exploited by an attacker via a SQL injection command, resulting in the disclosure of database information...

Netbaran SQL Injection Vulnerability

Netbaran suffers from a SQL injection vulnerability that can be exploited by an attacker to compromise an application, access or modify data, or exploit a potential vulnerability in the underlying database...

SQL injection vulnerability in weiphp 'application\Home\Controller\PublicLinkController.class.php' page

weiphp is an open source, efficient, simple microsoft development platform. An SQL injection vulnerability exists in the weiphp 'application\Home\Controller\PublicLinkController.class.php' page. Allow attackers can exploit the vulnerability to obtain database sensitive information...

SQL Injection Vulnerability in ID Parameters of Dynamic Easy Network Campus System

Dynamic easy network campus system is based on the actual application needs of customers in the education industry Dynamic easy to provide a complete set of school website application solutions, set "home-school interaction, knowledge sharing, teaching aids," in one, to assist the school website ...

SQL injection vulnerability exists in the page /target/lres/special/index.html?special_id=30 of the generic reader education system of Nanjing Oncor Technology Co.

Nanjing Oncor Technology Co., Ltd Esmay Reader Education System is a set of library reader education system. The system /target/lres/special/index.html?specialid=30 page has a SQL injection vulnerability. An attacker can remotely exploit the vulnerability to obtain sensitive database information...

Exponent CMS SQL Injection Vulnerability (CNVD-2016-07937)

OIC Exponent CMS is a free, open source modular content management system CMS based on PHP from the American OIC Group of companies. The system supports direct editing in the page, and provides user management, site configuration, content editing and other functions. A SQL injection vulnerability...

Open Ticket Request System FAQ SQL Injection Vulnerability

Open Ticket Request System OTRS is an open source defect tracking and management system software from the German OTRS Group. The software categorizes service requests submitted by phone, email and other channels into different queues, service levels, and service personnel through the OTRS system ...

Enterprise Flow Control Routing Product iKuai IK-G20 SQL Injection Vulnerability

The Ikuai IK-G20 is an enterprise-class flow control router from China's AllConvergence Network Technology. An SQL injection vulnerability exists in the enterprise-class flow control routing product iKuai IK-G20 iKuai82.6.5Build20160815 and historical versions. An attacker can use this...

SQL Injection Vulnerability in School Management System of Shenzhen Chuangyou Network Co.

Shenzhen Chuangyou Networks school management system is a secondary school-based education management software. The product /sysTemplateWeb/ShowWebStyle.aspx?XXDM=440203000008&CatalogId= there is a SQL injection vulnerability, the injection parameter is CatalogId, the attacker can use the...

SQL injection vulnerability in the ID parameter of the GG.aspx page of the Quality Supervision Station Comprehensive Information Service Platform of Zhuhai Xinhua Tong Software Co.

ZHXHT Supervision and Regulation Comprehensive Service Platform is a comprehensive platform integrating engineering supervision, testing supervision, commercial mixing supervision, web portal, commercial mixing quality networking supervision, credit rating, OA office, SMS system, wireless...

SQL Injection Vulnerability in the id Parameter of Nanchangwei.com Electronic Newspaper System

"VNN Digital Newspaper" is a professional software product for digitizing newspapers, which can provide a perfect solution for paper newspapers to go online. It allows the original newspaper layout to be quickly and easily presented to readers through the Internet. There exists a SQL injection...

SQL injection vulnerability in BlogManage/Video/MyVideo.aspx page of Shanghai Hongyu Information Technology Co.

ECS ECS education site system is a general-purpose CMS program developed by Shanghai Hongyu Information Technology Co., Ltd. for schools, education and other site-building system. ECS BlogManage/Video/MyVideo.aspx page has a SQL injection vulnerability, which can be exploited to obtain sensitive...

TYPO3 Frontend Login SQL Injection Vulnerability

TYPO3 is a free and open source content management system maintained by the Swiss TYPO3 Association. A SQL injection vulnerability exists in TYPO3 Frontend Login. Because the application fails to adequately filter user-supplied data before being used in SQL queries, an attacker could exploit the...

SQL Injection Vulnerability in TUTUCMS Order Parameter

TUTUCMS is a CMS image management system focused on the development of image-based websites. TUTUCMS x2.6 version has a SQL injection vulnerability, due to the system does not strictly filter order parameters, only the source code to do the corresponding code audit. Allow attackers to exploit the...

SQL Injection Vulnerability in Ektronix Website Building System

Ektrosys developed a general-purpose CMS program for schools, education and other sites. The product has a SQL injection vulnerability, the vulnerability URL is: http://www.sxzkc.cn/BlogManage/Message/ManageInBoxMessage.aspx, the vulnerability parameter is: txtInBoxSearch The attacker can use the...