
8196 matches found

CNVD
added 2019/05/13 12:0 a.m. | 2 views

SQL Injection Vulnerability in AICA CMS Backend li***.php

Acme CMS is a full-featured, multi-language, responsive CMS built on PHP and MySQL, suited to building personal websites. A SQL injection vulnerability exists in the Acme CMS backend li.php file, which attackers can exploit to obtain sensitive database information...

AI score: 7.9 | Exploits: 0

CNVD
added 2019/05/08 12:0 a.m. | 3 views

SQL Injection Vulnerability in na***.php of Acme CMS Backend

Acme CMS is a full-featured, multi-language, responsive CMS built on PHP and MySQL, suited to building personal websites. A SQL injection vulnerability exists in the Aike CMS backend na.php file, which attackers can exploit to obtain sensitive database information...

AI score: 7.9 | Exploits: 0

RedHat Linux
added 2019/05/07 4:21 a.m. | 5 views

python-sqlalchemy: SQL Injection when the group_by parameter can be controlled

SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled...

CVSS: 7.8 | AI score: 7.4 | EPSS: 0.01777 | Exploits: 1 | References: 4

CNVD
added 2019/05/07 12:0 a.m. | 4 views

Orpak SitOmat SQL Injection Vulnerability

Orpak SitOmat is a remote takeover refueling system from Orpak India. A SQL injection vulnerability exists in Orpak SitOmat, which can be exploited by remote attackers to execute SQL commands...

CVSS: 9.8 | AI score: 8.4 | EPSS: 0.04032 | Exploits: 0 | References: 1

BDU FSTEC
added 2019/05/06 12:0 a.m. | 2 views

The vulnerability of the Etlas electronic document management system lies in the lack of protection for SQL query structures, which allows attackers to disclose the protected information.

The vulnerability of the Etlas electronic document management system lies in the lack of protection for the SQL query structure. Exploiting this vulnerability allows a malicious actor to gain access to protected information by entering a specially crafted SQL query into the “Process Name” field o...

CVSS: 8 | AI score: 5.6 | Exploits: 0 | Affected Software: 1

BDU FSTEC
added 2019/05/06 12:0 a.m. | 4 views

The vulnerability of the Dr.Web Enterprise Security Suite, an anti-virus protection tool, lies in the lack of SQL query filtering. This allows attackers to increase their privileges.

The vulnerability of the Dr.Web Enterprise Security Suite antivirus protection lies in the absence of SQL query filtering. Exploiting this vulnerability allows a malicious actor, who operates remotely and has no access to the application’s administrative operations via the web interface, to...

CVSS: 5 | AI score: 5.6 | Exploits: 0 | Affected Software: 1

CNVD
added 2019/05/05 12:0 a.m. | 2 views

doorGets SQL Injection Vulnerability (CNVD-2019-13802)

doorGets is a free and open source content management system. A SQL injection vulnerability exists in /doorgets/app/requests/user/modulecategoryRequest.php in doorGets 7.0. This vulnerability can be exploited by a user with remote backend administrator privileges or a user with manage...

CVSS: 4.9 | AI score: 7.9 | EPSS: 0.01222 | Exploits: 1 | References: 1

CNVD
added 2019/04/30 12:0 a.m. | 2 views

doorGets SQL Injection Vulnerability (CNVD-2019-26507)

doorGets is a content management system (CMS). It supports multiple languages, system backups, theme changes, and more. A SQL injection vulnerability exists in doorGets version 7.0, which can be exploited by attackers to execute illegal SQL commands...

CVSS: 4.9 | AI score: 8.3 | EPSS: 0.01222 | Exploits: 1 | References: 1

CNVD
added 2019/04/30 12:0 a.m. | 3 views

doorGets SQL Injection Vulnerability (CNVD-2019-26504)

doorGets is a content management system (CMS). It supports multiple languages, system backups, theme changes, and more. A SQL injection vulnerability exists in doorGets version 7.0, which can be exploited by attackers to execute illegal SQL commands...

CVSS: 4.9 | AI score: 8.3 | EPSS: 0.01222 | Exploits: 1 | References: 1

BDU FSTEC
added 2019/04/25 12:0 a.m. | 4 views

Vulnerability of the Server: Optimizer component of the MySQL database management system, which allows a hacker to cause a service failure.

The vulnerability of the Server: Optimizer component of the MySQL database management system is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

CVSS: 7.8 | AI score: 6.4 | EPSS: 0.02078 | Exploits: 0 | References: 2 | Affected Software: 1

CNVD
added 2019/04/24 12:0 a.m. | 1 view

SQL Injection Vulnerability in the Website Building System of Shanghai Danfan Network Technology Co., Ltd.

Huaxia Chemical Network, founded by Shanghai Danfan Network Technology Co., Ltd., is a professional B2B e-commerce platform website that provides the chemical industry with secure, efficient, multi-function, fully supported services. The Shanghai Danfan network science and technolo...

AI score: 7.9 | Exploits: 0

CNVD
added 2019/04/20 12:0 a.m. | 2 views

SQL injection vulnerability in ch***.asp file of Dynamic Sciences enterprise website management system

Dynamic enterprise website management system is enterprise website source code developed with ASP and Access. There is a SQL injection vulnerability in the ch.asp file. An attacker can exploit the vulnerability to obtain sensitive information from the database...

AI score: 7.6 | Exploits: 0

CNVD
added 2019/04/20 12:0 a.m. | 3 views

SQL injection vulnerability in the ch***.asp file of the enterprise website management system of Dynamic Science (CNVD-2019-13589)

Dynamic enterprise website management system is enterprise website source code developed with ASP and Access. There is a SQL injection vulnerability in the ch.asp file. An attacker can exploit the vulnerability to obtain sensitive information from the database...

AI score: 7.6 | Exploits: 0

CNVD
added 2019/04/20 12:0 a.m. | 1 view

SQL Injection Vulnerability in Website Building System of Ningbo Mufeng Network Technology Co.

Ningbo Mufeng Network Technology Co., Ltd. is a website design company with the core business of website construction, website production, website development, graphic design and corporate branding in Ningbo. There is a SQL injection vulnerability in the website building system of Ningbo Mufeng...

AI score: 7.6 | Exploits: 0

OSV
added 2019/04/16 3:50 p.m. | 1 view

GHSA-887W-45RQ-VXGF SQLAlchemy vulnerable to SQL Injection via order_by parameter

SQLAlchemy before 1.3.0b3 allows SQL Injection via the order_by parameter. The fix commit 30307c4 was applied only to the main branch and was never backported to the 1.2.x release line; all 1.2.x versions remain vulnerable...

CVSS: 9.8 | AI score: 7.2 | EPSS: 0.03525 | Exploits: 2 | References: 14

CNVD
added 2019/04/14 12:0 a.m. | 1 view

SQL Injection Vulnerability in Citycom's Website Building System

Citycom Technology Inc. is a website building system. A SQL injection vulnerability exists in Citycom's website builder system, which can be exploited by attackers to obtain sensitive information from the database...

AI score: 7.6 | Exploits: 0

CNVD
added 2019/04/12 12:0 a.m. | 8 views

Magento SQL Injection Vulnerability

Magento is an open source PHP e-commerce system from the United States company Magento. The system provides rights management, a search engine, a payment gateway and other functions. A SQL injection vulnerability exists in Magento, which stems from a lack of validation of externally entered SQL...

CVSS: 9.8 | AI score: 8.2 | EPSS: 0.17437 | Exploits: 2 | References: 1

CNVD
added 2019/04/04 12:0 a.m. | 2 views

MKCMS SQL Injection Vulnerability

MKCMS is a content management system. A SQL injection vulnerability exists in MKCMS version V5.0. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can exploit this vulnerability to execute illegal SQL commands...

CVSS: 9.8 | AI score: 8.2 | EPSS: 0.01464 | Exploits: 1 | References: 1

CNVD
added 2019/04/04 12:0 a.m. | 2 views

SQL Injection Vulnerability in deituiCMS fu***.php File

deituiCMS is a PHP-based open source content management system. A SQL injection vulnerability exists in the deituiCMS fu.php file, which can be exploited by attackers to obtain sensitive database information...

AI score: 7.8 | Exploits: 0

OSV
added 2019/04/03 12:0 a.m. | 1 view

UBUNTU-CVE-2018-20505

SQLite 3.25.2, when queries are run on a table with a malformed PRIMARY KEY, allows remote attackers to cause a denial of service (application crash) by leveraging the ability to run arbitrary SQL statements, such as in certain WebSQL use cases...

CVSS: 7.5 | AI score: 7 | EPSS: 0.06766 | Exploits: 1 | References: 22