The vulnerability in HMI/SCADA Equinox Control Expert, related to the failure to protect the SQL query structure, allows a intruder to gain unauthorized access to protected information.

The vulnerability in HMI/SCADA Equinox Control Expert relates to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information by sending specially crafted SQL queries to the database...

Xiamen Service Cloud Information Technology Co., Ltd. website security dog SQL injection bypass vulnerability

Website Security Dog Apache Edition is a server tool that integrates website content security protection, website resource protection and website traffic protection features. There is a SQL injection bypass vulnerability in the Xiamen Service Cloud Information Technology Co. Attackers use the...

CVE-2019-12619

A vulnerability in the web interface for Cisco SD-WAN Solution vManage could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of user-supplied input. An attacker could...

Cisco SD-WAN Solution SQL Injection Vulnerability

Cisco SD-WAN Solution is a suite of network extension solutions from Cisco, of which vManage is the console. An SQL injection vulnerability exists in the web interface of Cisco SD-WAN Solution vManage. The vulnerability stems from insufficient validation of user-supplied input. A remote...

Cisco SD-WAN Solution SQL Injection Vulnerability (CNVD-2020-04036)

Cisco SD-WAN Solution is a suite of network extension solutions from Cisco, of which vManage is the console. An SQL injection vulnerability exists in the web interface of Cisco SD-WAN Solution vManage. The vulnerability stems from insufficient validation of user-supplied input. An attacker could...

SQL Injection Vulnerability in Jiangmen Pengjiang Kehui Development Co.

Ltd. is a value-added telecommunication service provider offering website construction, WeChat public number service, WeChat small program development, microsite construction, web hosting, web design, program development, enterprise mailbox and website promotion, Flash animation and multimedia...

SQL Injection Vulnerability in Cloud CMS Backend ro***.php File

Yunye CMS is an enterprise website building system developed by Luoyang Yunye Information Technology Co. There is a SQL injection vulnerability in the background ro.php file of Yunye CMS. Attackers can use the vulnerability to obtain sensitive information in the database...

PHPGurukul Small CRM SQL Injection Vulnerability

PHPGurukul Small CRM is a customer relationship management system. A SQL injection vulnerability exists in the /in.php file in version v2.0 of PHPGurukul Small CRM. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker c...

PT-2020-7693 · Unknown · Déjà Vu Crescendo Sales Crm

Name of the Vulnerable Software and Affected Versions: Déjà Vu Crescendo Sales CRM affected versions not specified Description: The issue is related to a remote SQL Injection. No further details are provided about the estimated number of potentially affected devices or real-world incidents...

OpServices OpMon SQL Injection Vulnerability

OpServices is the technology used to manage and monitor IT environments. In addition to monitoring any device that generates data in real time, it is also possible to create business data visualizations. OpServices OpMon SQL injection vulnerability can be exploited by attackers to gain access to...

Dairy Farm Shop Management System SQL Injection Vulnerability

Dairy Farm Shop Management System is a PHP and MySQL based dairy farm management system . A SQL injection vulnerability exists in Dairy Farm Shop Management System version 1.0. The vulnerability stems from a lack of validation of externally entered SQL statements in a database-based application. ...

SQL Injection Vulnerability in Xinkao Online Marking System of Hebei Xinkao Education Technology Co.

Hebei Xinkao Education Technology Co., Ltd. is a professional high-tech enterprise dedicated to the informatization of educational applications, and has developed the Campus Card Management System, Xinkao Online Marking System and Home-School Interconnection System. Hebei Xinkao Education...

SQL Injection Vulnerability in Wecenter of Shenzhen Weike Interactive Co.

WeCenter is a completely open source social networking program similar to Zhihu based on Q&A, based on PHP+MYSQL application architecture. WeCenter has a SQL injection vulnerability that can be exploited by attackers to obtain sensitive database information...

SQL Injection Vulnerability in Qixing Helpdesk kb***_ca***.aspx Interface

Kaixin HelpdeskHelpdesk is a system for dealing with day-to-day issues that helps IT collect the issues it deals with on a daily basis and generate reports to quantify the work. A SQL injection vulnerability exists in the kbca.aspx interface of Qixing Helpdesk, which can be exploited by attackers...

Cisco Data Center Network Manager REST API SQL Injection Vulnerability

Cisco Data Center Network Manager DCNM is a suite of data center network managers from Cisco that provides multiprotocol management of the network and troubleshooting of switch operating conditions and performance. A REST API SQL injection vulnerability exists in Cisco Data Center Network Manager...

Mellow Fish YetiShare SQL Injection Vulnerability

Mellow Fish YetiShare is a PHP-based file hosting web system script from Mellow Fish UK. A SQL injection vulnerability exists in the accountmovefileinfolder.ajax.php file in Mellow Fish YetiShare version 3.5.2. The vulnerability stems from a database-based application that lacks validation of...

SQL Injection Vulnerability in Background Login of Duan Yun Chemical Website System V2.01 System

Duanyun chemical website system is a professional chemical website construction system, which supports full static website processing, big data chemical products batch import, professional version provides structured search and other services. Duanyun chemical website system V2.01 system backgrou...

XerCMS in***.php file suffers from SQL injection vulnerability

Ctrip CMS XerCMS is a content management system based on php+mysql, integrating membership, community, guestbook, news and model management. An SQL injection vulnerability exists in the XerCMS in.php file, which can be exploited by attackers to obtain sensitive information...

SQL Injection Bypass Vulnerability in D-Shield Firewalls

D Shield Firewall is a free IIS firewall software, this software protects websites and servers from intrusion. D Shield Firewall suffers from a SQL injection bypass vulnerability. An attacker can exploit the vulnerability to gain access to sensitive database information...

SQL Injection Vulnerability in ZKEACMS

Paper shell CMS ZKEACMS is ZKEASOFT independent research and development, open source website system, you can directly use it to do for your corporate website, portal or personal website, blog, or use it to do the second custom development to meet your specific needs. ZKEACMS has a SQL injection...