IBM Sterling B2B Integrator SQL Injection Vulnerability (CNVD-2019-44534)

IBM Sterling B2B Integrator is a suite of software from IBM USA that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with diverse partner communities. A SQL injection vulnerability exists in IBM Sterling B2B...

SQL Injection Vulnerability in WebOA Network Office Automation Software

WebOA network office automation software is an office software that allows company employees to download and upload shared information through a browser. A SQL injection vulnerability exists in WebOA Network Office Automation Software. An attacker can exploit the vulnerability to obtain sensitive...

OpenTrade SQL Injection Vulnerability

OpenTrade is an open source cryptocurrency trading platform. A SQL injection vulnerability exists in versions of OpenTrade prior to 2019-11-23. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can exploit the...

rConfig SQL Injection Vulnerability (CNVD-2020-41583)

rConfig is an open source network device configuration management utility . A SQL injection vulnerability exists in rConfig version 3.9.2, which stems from a lack of validation of externally entered SQL statements in database-based applications, and can be exploited by an attacker to execute...

statusnet SQL Injection Vulnerability

statusnet is an open source micro-blogging program written in PHP. A SQL injection vulnerability exists in statusnet 2010 and prior versions. The vulnerability stems from a database-based application that fails to properly validate external input SQL statements. An attacker can exploit the...

SQL injection vulnerability in phpyun in***.class.php file

PHP cloud talent system phpyun is an open source talent and enterprise job search recruitment, hiring solutions built using PHP and MySQL database. The phpyun in.class.php file contains a SQL injection vulnerability that can be exploited by attackers to obtain sensitive information...

SQL injection vulnerability in the ca***.php file in the background of Yunye CMS (CNVD-2020-00234)

Yunye CMS is an enterprise website building system developed by Luoyang Yunye Information Technology Co. There is a SQL injection vulnerability in the background ca.php file of Yunye CMS. Attackers can use the vulnerability to obtain sensitive information in the database...

UBUNTU-CVE-2013-2091

SQL injection vulnerability in Dolibarr ERP/CRM 3.3.1 allows remote attackers to execute arbitrary SQL commands via the 'pays' parameter in fiche.php...

Redmine SQL Injection Vulnerability

Redmine is a set of open source Web-based project management and defect tracking tools . The product provides project management , issue tracking and role-based access control and other features . A SQL injection vulnerability exists in Redmine. The vulnerability stems from a lack of validation o...

SQL Injection Vulnerability in ECTouch Mobile Mall System v2.7.2

ECTouch is Shanghai Shangchuang Network Technology Co., Ltd. launched a set of PHP and MySQL database based on the construction of open source and easy to use mobile mall store system. ECTouch Mobile Mall System v2.7.2 suffers from a SQL injection vulnerability, which can be exploited by attacker...

Centreon SQL Injection Vulnerability (CNVD-2019-42246)

Centreon Merethis Centreon is a French company Centreon needs to be used with Nagios with open source IT monitoring software. A SQL injection vulnerability exists in versions of Centreon Web prior to 2.8.27. The vulnerability stems from a lack of validation of externally entered SQL statements in...

Metinfo SQL Injection Vulnerability (CNVD-2019-42846)

MetInfo is a content management system CMS developed by China Mito MetInfo using PHP and Mysql. A SQL injection vulnerability exists in MetInfo. The vulnerability stems from a lack of validation of externally entered SQL statements in the database-based application. An attacker can exploit this...

CloudBoot SQL Injection Vulnerability

iDCOS CloudBoot is an open source X86 server configuration and installation tool from China's CloudBoot Technology iDCOS. CloudBoot suffers from a SQL injection vulnerability. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. An...

The vulnerability in the web interface of the Cisco Unified Communications Manager system allows a perpetrator to disclose protected information.

The vulnerability of the Cisco Unified Communications Manager web interface management interface is related to the lack of protection for the SQL query structure. Exploiting this vulnerability allows a malicious actor to disclose sensitive information by sending a specially crafted SQL query...

Shenzhen Tiandixin Network Technology Co., Ltd. website building system has SQL injection vulnerability

Tiandixin network was founded in 2010, is a strategic research and development-oriented enterprises, many large-scale project experience, more than tens of thousands of Chinese enterprises common choice of website platform builder, the company mainly focuses on corporate website construction, Bai...

Web Service suffers from sql injection vulnerability

WebService is a cross-programming language, cross-operating system platform remote invocation technology. Web Service has a sql injection vulnerability that can be exploited by an attacker to obtain sensitive database information...

XYCMS agent query authentication system SQL injection vulnerability

XYCMS enterprise agent authentication query program system is an asp + access for the development of agent authentication system. XYCMS agent query authentication system SQL injection vulnerability, attackers can use the vulnerability to obtain database sensitive information...

SQL Injection Vulnerability in UsualToolCMS

UsualToolCMS UTCMS is a content management system and rapid site building framework. Using template separation technology , support the creation of a variety of application platforms . Support for secondary development , rich template language and API for developers to call . UsualToolCMS SQL...

SQL Injection Vulnerability in Kaixin Quote System V2.0 da***.aspx Page

The QI Quotation System is primarily for use by manufacturing companies. For incoming BOM list price monitoring. The system will automatically record the past quoted prices of BOM products, so that the purchasing staff can easily give new quotes. A SQL injection vulnerability exists in the Qixing...

SQL Injection Vulnerability in Kaixin Quote System V2.0 pr***.aspx Page

The QI Quotation System is primarily for use by manufacturing companies. For incoming BOM list price monitoring. The system will automatically record the past quoted prices of BOM products, so that the purchasing staff can easily give new quotes. A SQL injection vulnerability exists in the Qixing...