SQL Injection Vulnerability in the Website Building System of Shenzhen GreatPoint Technology Co.

Ltd. is a company specializing in the research and development of Internet of Things IoT big data technology and its system, located in Shenzhen. Ltd. building system there are SQL injection vulnerabilities, attackers can use the vulnerability to obtain sensitive information in the database...

Heybbs us***_re***.php file suffers from SQL injection vulnerability

Heybbs is a front-end based on bootstrap + jq + css, back-end php + mysql development of micro-community programs. A SQL injection vulnerability exists in the Heybbs usre.php file. An attacker can exploit the vulnerability to obtain sensitive information from the database...

LJCMS suffers from SQL injection vulnerability (CNVD-2020-18760)

LJCMS is a free and open source content management system. LJCMS suffers from a SQL injection vulnerability. An attacker can exploit the vulnerability to obtain sensitive database information...

EjuCMS suffers from SQL injection vulnerability

EjuCMS is a localized O2O real estate website platform system. EjuCMS suffers from an SQL injection vulnerability. An attacker can exploit the vulnerability to obtain sensitive information from the database...

SQL Injection Vulnerability in SemCMS SE***_Qu***.php File

SemCMS is a set of open source foreign trade enterprise website management system, written in php language, can be run under window or linux system. SemCMS SEQu.php file has a SQL injection vulnerability. An attacker can exploit the vulnerability to obtain sensitive information in the database...

Cisco Cloud Web Security SQL Injection Vulnerability

Cisco Cloud Web Security is a comprehensive cloud-delivered web defense solution. A SQL injection vulnerability exists in the web UI of Cisco Cloud Web Security. The vulnerability stems from the web management interface failing to properly validate SQL values. An authenticated attacker can exploi...

SQL injection vulnerability in uqcms cloud commerce system (CNVD-2020-18781)

uqcms is a lightweight shopping software, light application, light deployment, multiple clients with different presentations.PHP+MySql easy to build, Smarty template tags, two open more convenient. Can be used for free for business. SQL injection vulnerability exists in uqcms cloud commerce syste...

MyuCMS open source content management system In***.php file SQL injection vulnerability

MyuCMS open source content management system developed using ThinkPHP community mall aggregation, plug-ins, templates, lightweight and fast easy to expand. MyuCMS open source content management system In.php file SQL injection vulnerability . Attackers can exploit the vulnerability to obtain...

SQL Injection Vulnerability in Youpoint Enterprise Website Management System of Changsha Youpoint Software Technology Co.

YouDian enterprise website management system abbreviated as YouDianCMS system set computer station, cell phone station, micro letter, APP, small program in one, shared space, data synchronization, is the domestic open source five stations in one excellent enterprise building station solutions...

Progress Software MOVEit Transfer SQL Injection Vulnerability (CNVD-2020-19007)

Progress Software MOVEit Transfer is a suite of file transfer software from Progress Software, USA. A SQL injection vulnerability in the REST API in Progress Software MOVEit Transfer version 2019.1 before 2019.1.4 and version 2019.2 before 2019.2.1 can be exploited by an attacker to access the...

SQL Injection Vulnerability in UQCMS B2B2C E-commerce System

UQCMS is a lightweight shopping software, light application, light deployment, multiple clients with different presentations.PHP+MySql easy to build, Smarty template tags, two open more convenient. Can be used for free for business. UQCMS B2B2C e-commerce system suffers from a SQL injection...

PT-2020-1843 · Abb · Abb Esoms

Name of the Vulnerable Software and Affected Versions: ABB eSOMS versions 3.9 to 6.0.3 Description: The issue is related to a lack of input checks for SQL queries, which might allow an attacker to perform SQL injection attacks against the backend database. This could potentially be exploited by a...

The vulnerability in the vManage web interface of Cisco SD-WAN’s programmatically defined network allows a attacker to compromise the confidentiality and integrity of the protected information.

The vulnerability in the vManage web interface of Cisco’s programmable network architecture involves a lack of protection for the SQL query structure. Exploiting this vulnerability allows an attacker to compromise the confidentiality and integrity of the protected information...

CVE-2020-3934

TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance Management system, contains a vulnerability of Pre-auth SQL Injection, allowing attackers to inject a specific SQL command...

PT-2020-1616 · Microsoft · Sql Server Reporting Services +1

Name of the Vulnerable Software and Affected Versions: Microsoft SQL Server Reporting Services versions 2012 through 2016 Description: A remote code execution issue exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests. This could allow an attacker to execute...

Jobberbase SQL Injection Vulnerability (CNVD-2020-04571)

Jobberbase is an open source platform for building job search websites. A SQL injection vulnerability exists in Jobberbase. The vulnerability stems from a lack of validation of externally entered SQL statements in the database-based application. An attacker can exploit this vulnerability to execu...

SQL Injection Vulnerability in Tianjin Enzhong Technology Website Building System

Tianjin Enzhong science and technology development limited company engaged in computer software hardware technology development, consultation, transfer, service. There is a SQL injection vulnerability in the website building system of Tianjin Enzhong Technology, which can be exploited by attacker...

soccerfield SQL Injection Vulnerability

soccerfield is a small game for cell phones. A SQL injection vulnerability exists in soccerfield. An attacker can exploit the vulnerability to obtain sensitive information from the database...

Plone DTML SQL Injection

Plone is free and open source content management system. Plone DTML suffers from SQL injection, which can be exploited by remote attackers to submit a special SQL request to manipulate the database, which can obtain sensitive information or execute arbitrary code...

Magento SQL Injection Vulnerability (CNVD-2020-04822)

Magento is an open source e-commerce framework. Magento has a SQL injection vulnerability that allows remote attackers to submit a special SQL request to manipulate the database, which can be used to obtain sensitive information or execute arbitrary code...