CVE-2019-10707

MKCMS V5.0 has SQL injection via the bplay.php play parameter...

Domoticz SQL Injection Vulnerability

Domoticz is an open source smart home system. The system supports monitoring and controlling a wide range of smart home devices. A SQL injection vulnerability exists in Domoticz versions prior to 4.10578, which stems from a lack of validation of externally entered SQL statements in database-based...

The vulnerability of the pg_upgrade and pg_dump utilities in the PostgreSQL database management system allows a hacker to execute arbitrary SQL commands.

The vulnerability of the pgupgrade and pgdump utilities in the PostgreSQL database management system is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands remotely...

Joomla Component MorfeoShow SQL Injection Vulnerability

Joomla is an open source content management system CMS. A SQL injection vulnerability exists in the Joomla component MorfeoShow. The vulnerability exists because the program fails to adequately filter user-supplied data before using it in SQL queries. Allowing remote attackers to execute arbitrar...

CVE-2019-9053

An issue was discovered in CMS Made Simple 2.2.8. It is possible with the News module, through a crafted URL, to achieve unauthenticated blind time-based SQL injection via the m1idlist parameter...

SQL Injection Vulnerability in yxtcmf Backend

YxtCMF Yi Xue Tang Online Learning System is an online learning platform system developed with thinkphp+bootstrap as the framework. There is a SQL injection vulnerability in the backend of yxtcmf, which can be exploited by attackers to obtain database sensitive information...

SQL Injection Vulnerability in Leer's Resource Platform

Founded in 2008, Aotong Dalian Technology Development Co., Ltd. is an educational brand engaged in the research and development of original children's digital resources. A SQL injection vulnerability exists in the Le'er Resource Platform, which can be exploited by an attacker to obtain sensitive...

SQL Injection Vulnerability in ECShop Full Version Backend

ECShop is a B2C independent online store system, suitable for enterprises and individuals to quickly build a personalized online store. The system is based on PHP language and MYSQL database structure development of cross-platform open source program. ECShop full version of the back-end SQL...

SQL Injection Vulnerability in the jdo*** Component jdo*** Module of joomla!

joomla! is an open source content management system CMS. A SQL injection vulnerability exists in the jdo module of the joomla! jdo component. The vulnerability allows attackers to obtain sensitive information about the database...

Hsycms v1.1 suffers from SQL Injection Vulnerability

Hsycms is an enterprise-level web content management system, written by PHP+MYSQL, using template separation technology to support the creation of many types of sites. Hsycms v1.1 suffers from a SQL injection vulnerability. An attacker can exploit the vulnerability to obtain sensitive database...

SQL Injection Vulnerability in 74cms in***.php Page

Knight Talent System 74cms is a talent recruitment system based on PHP+MYSQL. A SQL injection vulnerability exists in the 74cms in.php page, which can be exploited by attackers to obtain sensitive information...

SQL Injection Vulnerability in Website Management System of Suzhou Topps Network Technology Co.

Suzhou Topps Network Technology, one-stop solution for website construction program. Suzhou Topps Network Technology Co., Ltd. website building system exists SQL injection vulnerability, allowing attackers to utilize commonly used SQL injection tools, access to sensitive information in the...

SQL Injection Vulnerability in OFCMS System Management Service

OFCMS is a content management system developed based on java technology. A SQL injection vulnerability exists in the OFCMS system administration, which can be exploited by attackers to obtain sensitive information from the database...

CVE-2019-4032

IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.1.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-ForceID: 155998...

Joomla Component HWDVideoShare SQL Injection Vulnerability

Joomla is an open source content management system CMS. A SQL injection vulnerability exists in the Joomla component HWDVideoShare. Allows remote attackers to execute arbitrary SQL commands with different parameters on index.php via "catid itemid=pattern=hwdcorder=videoid=" and have SQL database...

PT-2019-16850 · Ibm · Ibm Financial Transaction Manager For Digital Payments For Multi-Platform

Name of the Vulnerable Software and Affected Versions: IBM Financial Transaction Manager for Digital Payments for Multi-Platform version 3.1.0 Description: The issue allows a remote attacker to send specially-crafted SQL statements, which could enable the attacker to view, add, modify, or delete...

SQL Injection Vulnerability in Super CMS Frontend in***.php Page

Super CMS by the SEO Research Center in order to solve the problem of website optimization and research and development of a set of products, using an object-oriented approach to independent research and development of the MVC framework development, is an open source content management system...

Five Fingers CMS v4.1.0 SQL Injection Vulnerability in Frontend

Five Fingers CMS is a high-performance open source content management system that supports LNAMP architecture. Five Fingers CMS v4.1.0 SQL injection vulnerability exists in the front-end , an attacker can exploit the vulnerability to obtain sensitive information in the database...

WordPress Plugin PT-Content-Views-Pro SQL Injection Vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in the WordPress plugin PT-Content-Views-Pro. An attacker can exploit the vulnerability ...

Jinan Reebok Network Technology Co., Ltd. website building system has SQL injection vulnerabilities

Reebok Network Technology Ltd. is an Internet technology service provider. Jinan Reebok Network Technology Co., Ltd. website building system SQL injection vulnerability, attackers can use the vulnerability to obtain sensitive database information...