marginalia SQL Injection Vulnerability

marginalia is a package for adding annotations to ActiveRecord queries. A SQL injection vulnerability exists in versions prior to marginalia 1.6. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can exploit the...

eClass platform SQL Injection Vulnerability

eClass platform is an open source course management system organized by GUnet Greece. A SQL injection vulnerability exists in versions of eClass platform prior to ip.2.5.10.2.1. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. ...

SQL Injection Vulnerability in AIOT Structural Health Monitoring System

Shanghai Tonglei Civil Engineering Technology Co., Ltd. is a professional technical service company dedicated to providing information technology solutions in the building structure industry. AIOT structural health monitoring system has a SQL injection vulnerability, which can be exploited by...

ZZZPHP foreground search with SQL injection vulnerability

ZZZPHP is a free website builder developed in PHP language. ZZZPHP front-end search SQL injection vulnerability, attackers can use the vulnerability to obtain database sensitive information...

Bypass Vulnerability in Website Security Dog's SQL Injection Blocking Feature

Security Dog is a comprehensive server security protection tool that integrates server security protection and security management. A bypass vulnerability exists in the SQL injection blocking feature of Website Security Dog. An attacker can bypass the SQL injection blocking feature of Website...

SQL Injection Vulnerability in VANOC Enterprise Website Management System Backend

Vanno enterprise website management system PHP version is a php+MySQL development of php enterprise website management system. VANOC enterprise website management system backend has SQL injection vulnerability, attackers can exploit the vulnerability to obtain database information...

SQL Injection Vulnerability in Shenzhen Belly Technology's Website Building System

Belly Technology is an innovative company that specializes in web application technology development services, as well as visual design. Shenzhen Belly Technology website building system has SQL injection vulnerability, attackers can use the vulnerability to obtain database information...

ZZCMS SQL Injection Vulnerability (CNVD-2019-24373)

ZZCMS is a content management system CMS by the ZZCMS team in China. A SQL injection vulnerability exists in ZZCMS 8.3 and earlier versions. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can exploit this...

WordPress AJdG AdRotate Plugin SQL Injection Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.AJdG AdRotate plugin is an ad management plugin used in it. A SQL injection vulnerability exists in WordPress AJdG AdRotate plugin...

SQL Injection Vulnerability in Fiberhome's Eyeshot Series of Network Video Surveillance Platforms

Eyeshot series network video surveillance platform is an integrated video surveillance management system developed by Fiberhome Zongzhi based on IP network technology as the core of large-scale image remote monitoring, transmission, storage and management. Fiberhome Eyeshot series network video...

The vulnerability of the U.motion Builder system, related to the incorrect processing of special symbols in SQL queries, allows a hacker to execute arbitrary code.

The vulnerability of the U.motion Builder system for managing industrial and residential facilities is related to the improper processing of special symbols in SQL queries. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted query...

Harbin Youyang Technology Co., Ltd. website building system has SQL injection vulnerabilities

Harbin Youyang Technology Co., Ltd. is an Internet application technology and consulting service provider. There is a SQL injection vulnerability in the website building system of Harbin YouYang Technology Co., Ltd, which can be exploited by attackers to obtain sensitive information...

SQL Injection Vulnerability in DBShop System

DBShop is an e-commerce system. A SQL injection vulnerability exists in the DBShop system, which can be exploited by attackers to obtain sensitive information from the database...

WordPress FV Flowplayer Video Player SQL Injection Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.FV Flowplayer Video Player is a video player plugin used in it. A SQL injection vulnerability exists in WordPress FolioVisio...

CVE-2019-1010034

Deepwoods Software WebLibrarian 3.5.2 and earlier is affected by: SQL Injection. The impact is: Exposing the entire database. The component is: Function "AllBarCodes" defined at databasecode.php line 1018 is vulnerable to a boolean-based blind sql injection. This function call can be triggered by...

SQL Injection Vulnerability in Hongyuan Business CMS

Laiyang Hongyuan E-commerce technology is mainly engaged in enterprise website construction, product promotion, enterprise information management consulting, planning, implementation and other services. Hongyuan Business CMS has SQL injection vulnerability, attackers can use the vulnerability to...

SQL Injection Vulnerability in Xiamen Phoenix Chuangyi Software Co.

Phoenix Chuangyi software development teaching and training software, providing vivid image of three-dimensional interactive teaching, for the construction of high-quality professional schools, innovative teaching mode and teaching content to provide a powerful support platform. Xiamen Phoenix...

Hubei Yibaitian Network Media Co., Ltd. website builder system has SQL injection vulnerability

YBTS Network Media operates computer software and hardware R&D business and Internet data business in Shanghai Telecom's Caobao Road/Wai Gao Qiao/Wusheng Road and other national server rooms. Hubei YBTS Network Media Co., Ltd. website building system has SQL injection vulnerability, attackers can...

SQL injection vulnerability in the pr***-sh***.asp file of Yueqing Hanke's website builder system.

Yueqing Hanke Network is a company engaged in website construction. A SQL injection vulnerability exists in the pr-sh.asp file of the website building system of Yueqing Hanke Network. Attackers can use the vulnerability to obtain sensitive information in the database...

CVE-2019-7003

A SQL injection vulnerability in the reporting component of Avaya Control Manager could allow an unauthenticated attacker to execute arbitrary SQL commands and retrieve sensitive data related to other users on the system. Affected versions of Avaya Control Manager include 7.x and 8.0.x versions...