Cisco Unified Communications Manager SQL Injection Vulnerability

Cisco Unified Communications Manager is an enterprise-class IP telephony call processing system. A security vulnerability exists in Cisco Unified Communications Manager 11.0 0.98000.225 that does not validate user input within a SQL query. An attacker sending a URL containing an SQL statement cou...

SQL Injection Vulnerability in 'channel' Parameter of Founder Xiangyu Web Content Management System

Founder Xiangyu website content management system is a full-process management platform for website information publishing. A SQL injection vulnerability exists in the Founder Xiangyu Web Content Management System. The lack of filtering of the 'channel' parameter allows an attacker to exploit the...

IBM InfoSphere BigInsights Big SQL Component Security Bypass Vulnerability

IBM InfoSphere BigInsights is a set of software platform for storing and analyzing "big data" from IBM in the United States. The platform provides solutions for managing and analyzing massive amounts of structured and unstructured data.Big SQL is one of the SQL interface components. A security...

SQL Injection Vulnerability in Broadband Authentication and Billing System of Chengdu Starry Blue Ocean Network Technology Co.

Blue Ocean Premier Broadband Access Gateway is a specialized intelligent device for Ethernet broadband access. SQL injection vulnerability exists in the broadband authentication billing system of Chengdu Starry Blue Ocean Network Technology Co., Ltd. There is an injection point in the back-end...

SQL Injection Vulnerability in Broadband Authentication and Billing System of Chengdu Starry Blue Ocean Network Technology Co.

Blue Ocean Premier Broadband Access Gateway is a specialized intelligent device for Ethernet broadband access. SQL injection vulnerability exists in the broadband authentication and billing system of Chengdu Starry Blue Ocean Network Technology Co., Ltd. There is an injection point in the...

Multiple Vulnerabilities in GCMS 2005 of Beijing Guangdu Qimin Information Technology Co.

Ltd. Speed Sword 2005 GCMS is a portal creation and management system that integrates content management system, multi-site management and page display. SQL injection and cross-site scripting vulnerabilities exist in GCMS. An attacker can exploit the vulnerabilities to obtain sensitive database...

The vulnerability of the IBM DB2 database management system allows a hacker to trigger a service failure.

The vulnerability of the IBM DB2 database management system is related to errors in the code. Exploiting this vulnerability can allow an attacker, operating remotely, to cause a service failure by using a scalar function in an SQL query...

The vulnerability of the AMS Device Manager system allows a perpetrator to increase their privileges.

The vulnerability of the AMS Device Manager system control mechanism is related to the lack of protection for the SQL query structure. Exploiting this vulnerability allows an attacker to enhance their privileges by making incorrect data inputs remotely...

SQL Injection Vulnerability in Decentralized Management (e-cology) System of Shanghai Panmicro Network Technology Co.

Panmicro collaborative management application platform e-cology is a set of collaborative business platform. An SQL injection vulnerability exists in the e-cology system, which can be exploited by an attacker to obtain database information due to the lack of filtering of the loginid parameter...

SQL Injection Vulnerability in Panmicro OA Office System

Panavision OA Office System is a coordination office software. Panmicro OA Office System suffers from a SQL injection vulnerability and a lack of filtering of the formName parameter, which can be exploited by an attacker to obtain sensitive information from a website database...

Shandong Nongyou Agricultural Integrity System SQL Injection Vulnerability

Shandong Nongyou Agricultural Integrity System is an agricultural management system. The Agricultural Integrity System suffers from SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...

Shandong Nongyou Land Transfer Management Platform SQL Injection Vulnerability

Shandong Nongyou Land Transfer Management Platform is an agricultural management software. The Land Transfer Management Platform suffers from an SQL injection vulnerability that allows attackers to exploit the vulnerability to obtain sensitive information from the database...

Shandong Nongyou Village-level Major Matters and Supervisory Committee Construction Supervision System SQL Injection Vulnerability

A software program for rural villagers' supervisory committees and village affairs management, which is a system for supervising the construction of village-level major issues and supervisory committees. A SQL injection vulnerability exists in the Shandong Nongyou Software Village-level Major...

The vulnerability of the SAP HANA database management system allows a hacker to execute arbitrary code.

The vulnerability of the SAP HANA database management system’s SQL interface exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code during the SQL server authentication process...

Vulnerability of the microprogramming software for Micrologix 1100 and 1400 programmable logic controllers, allowing attackers to execute arbitrary SQL commands

The vulnerability of the microprogrammed logic controllers Micrologix 1100 and 1400 lies in the lack of protection for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands remotely...

Multiple SQL Injection Vulnerabilities in Moneybookers Online Lending System

The P2P P2B/P2C network lending platform software is a comprehensive network lending business management system designed and developed for a variety of microfinance network lending models including P2P, P2B/P2C business models. There are multiple SQL injection vulnerabilities in the Moneybookers...

SQL Injection Vulnerability in Creative Yingfeng School Office OA System

Think Yingfeng School Office OA System is a comprehensive school management platform. A SQL injection vulnerability exists in versions 3.99 and earlier of the Creative Yingfeng School Office OA System. It allows attackers to exploit the vulnerability to obtain sensitive database information...

SAP HANA DB SQL Interface Arbitrary Code Execution Vulnerability

SAP HANA DB is an in-memory, row- and column-based database from SAP. The database provides fast queries against multidimensional data, filtering out cluttered and useless data, and synchronizing the execution of multiple queries. A security vulnerability exists in the SQL interface of SAP HANA D...

Huawei Enterprise Information Engine SQL Injection Vulnerability

Huawei Enterprise Information Engine EIE is an enterprise information machine product from Huawei, China. A SQL injection vulnerability exists in Huawei EIE. An attacker could use this vulnerability to compromise an application, access or modify data, or exploit a potential vulnerability in the...

Accentis 'SIDX' Parameter SQL Injection Vulnerability

Accentis is a suite of management software for ERP, CRM, payroll, production and inventory management. Accentis fails to properly filter the 'SIDX' parameter, allowing remote attackers to exploit the vulnerability to submit specially crafted SQL query operations or obtain database data...