File Upload Vulnerability in Laike Ecommerce Management System

Laike e-commerce system is an open source e-commerce system. Laike E-commerce Management System suffers from a SQL injection vulnerability that can be exploited by attackers to gain server privileges...

SQL Injection Vulnerability in Hula Enterprise Website Management System of Qingdao Scorch Culture Media Co.

Hula enterprise website management system is based on ThinkPHP5 framework development, security and efficiency, including all the features of ThinkPHP5. Qingdao Scorch Culture Media Co., Ltd. Hula enterprise website management system has a SQL injection vulnerability, which can be exploited by...

Equinox Control Expert SQL Injection Vulnerability

Equinox Control Expert is a human interface and data acquisition and monitoring system from Equinox Argentina. A SQL injection vulnerability exists in Equinox Control Expert. The vulnerability stems from a lack of validation of externally entered SQL statements in a database-based application. A...

SQL Injection Vulnerability in the ma***.php Page of Golden Flavor Smart Order Payment Management System

Golden Flavor restaurant ordering payment management system is a restaurant ordering system developed in php. A SQL injection vulnerability exists in the ma.php page of the Golden Taste Smart Order and Payment Management System. An attacker can exploit the vulnerability to obtain sensitive...

Joomla! SQL Injection Vulnerability (CNVD-2020-12711)

Joomla! is the U.S. Open Source Matters team of a set of PHP and MySQL development using open source , cross-platform content management system CMS. A SQL injection vulnerability exists in Joomla! versions prior to 3.9.14, which stems from a lack of validation of externally-entered SQL statements...

SQL Injection Vulnerability in Web Design System of Weili Taiwan Ltd.

Taiwan Weili Web Design Co., Ltd. is a customized web site based on customer needs, mainly promoting the suite of web design services, customers include food, electronics, computers, machinery and service industries, etc.. A SQL injection vulnerability exists in the website building system of Wei...

SonicWall SMA100 SQL Injection Vulnerability

The SonicWall SMA100 is a secure access gateway appliance from SonicWall USA. A SQL injection vulnerability exists in SonicWall SMA100 9.0.0.3 and earlier versions, which stems from a lack of validation of externally entered SQL statements in database-based applications and can be exploited by an...

SQL Injection Bypass Vulnerability in Web Security Dog (Apache Edition)

Website Security Dog Apache Edition is a server tool that integrates website content security protection, website resource protection and website traffic protection features. Web Security Dog Apache Edition suffers from a SQL injection bypass vulnerability. Attackers use the vulnerability to bypa...

Empire cms add topic at the existence of SQL injection vulnerability

Empire CMS is a content management system CMS. A SQL injection vulnerability exists in Empire cms at Add Topic. An attacker can exploit the vulnerability to obtain sensitive database information...

TuziCMS 2.0.6 ph***.cl***.php suffers from SQL injection vulnerability

TuziCMS is an enterprise website management system based on ThinkPHP 3.2 framework. TuziCMS 2.0.6 ph.cl.php suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

SQL Injection Vulnerability in PM2 Project Management System of Beijing Bangyong Technology Co.

BONYON is committed to project management research and development, integrating project management consulting, software development, project management training and education as one of the professional foreign-funded companies. The PM2 project management system of Beijing BangYong Technology Co.,...

SQL Injection Vulnerability in Key Management System

Key Management Service KMS is a security management service that allows you to easily create and manage keys, protect the confidentiality, integrity and availability of keys, meet the key management needs of users for multi-application and multi-service, and comply with regulatory and compliance...

Intesync Solismed SQL Injection Vulnerability

Intesync Solismed is a clinic management system designed for use by independent and free clinics. Intesync Solismed suffers from a SQL injection vulnerability. An attacker can exploit the vulnerability to execute illegal SQL commands...

SQL injection vulnerability in oceancms backend ad***_pa***.php file

Ocean CMS is a video-on-demand system. Ocean cms background adpa.php file SQL injection vulnerability, attackers can use the vulnerability to obtain sensitive information...

ZOHO ManageEngine Applications Manager SQL Injection Vulnerability (CNVD-2020-12713)

ZOHO ManageEngine Applications Manager is a set of IT operation and maintenance management solutions of the United States ZhuoHao ZOHO company. The product has application performance management, fault management, report generation and SLA management and other functions. A SQL injection...

SQL Injection Vulnerability in Bibliographic Data Retrieval System of Beijing Jinpan Software Technology Co.

Beijing Jinpan Software Technology Co., Ltd. bibliographic data retrieval system is the use of computer terminals to query the library collection of data resources of a modern search method. There is a SQL injection vulnerability in the Bibliographic Data Retrieval System of Beijing Jinpan Softwa...

SQL Injection Vulnerability in the Report Query System of Health Management Center

Health Management Center report query system is free free open source , it is based on unix as a prototype transformation of a multi-user multi-tasking operating system . The Health Management Center Report Query System suffers from a SQL injection vulnerability that can be exploited by an attack...

CloudLock win_3.1.18.12 public cloud version suffers from sql injection bypass vulnerability

CloudLock is a free server security management software based on operating system kernel hardening technology, which supports cross-platform real-time, batch and remote security management of windows/linux servers. CloudLock Win3.1.18.12 public cloud version suffers from a sql injection bypass...

PT-2019-15940 · Octeth · Octeth Oempro

Name of the Vulnerable Software and Affected Versions: Octeth Oempro versions 4.7 through 4.8 Description: The issue allows SQL injection. The parameter CampaignID in the Campaign.Get endpoint is vulnerable. Recommendations: For versions 4.7 and 4.8, avoid using the CampaignID parameter in the...

CVE-2019-19649

Zoho ManageEngine Applications Manager before 13620 allows a remote unauthenticated SQL injection via the SyncEventServlet eventid parameter to the SyncEventServlet.java doGet function...