SQL Injection Vulnerability in Azeus CMS 2.0 Backend

Central CMS 2.0 is a cms system made by Central Studio, this CMS is written in UTF-8 coding. Azeus CMS 2.0 has a SQL injection vulnerability in the background, which can be exploited by attackers to obtain sensitive information from the database...

SQL Injection Vulnerability in EML Enterprise Address Book Management System

EML enterprise customer address book management system, is based on Linux open kernel and Apache based Php + Mysql intelligent B / S interactive service system. EML enterprise address book management system version 5.4.5 there is a sql injection vulnerability , attackers can exploit the...

SQL Injection Vulnerability in the Frontend of Rongguang Information Ordering and Consumption System (荣光信息订取餐消费系统前台存在SQL注入漏洞)

Rongguang Information Ordering and Picking Up Food Consumption System is a multi-functional ordering system developed by Shenzhen Rongguang Information Co. SQL injection vulnerability exists in the frontend of Rongguang Information Ordering and Consumption System, which can be exploited by...

PbootCMS V1.1.7 SQL Injection Vulnerability in Li***.php Page

PbootCMS is a new core open source enterprise building system developed by Avantech. PbootCMS V1.1.7 Li.php page SQL injection vulnerability. An attacker can exploit the vulnerability to obtain sensitive database information...

DEBIAN-CVE-2018-12482

OCS Inventory 2.4.1 contains multiple SQL injections in the search engine. Authentication is needed in order to exploit the issues...

SQL Injection Vulnerability in PHPSHE Mall System

PHPSHE mall system is a combination of product display, online shopping, order management, payment management, article management, customer consultation feedback and other functions, providing users with online shopping mall construction program. A SQL injection vulnerability exists in PHPSHE Mal...

Chengdu Innovative Internet Technology Co., Ltd. website building system suffers from SQL injection vulnerability

Chengdu Innovative Internet Technology Co., Ltd. mainly provides customers with high-quality Internet services and technology development and other services. Chengdu Innovative Internet Technology Co., Ltd. website building system has a SQL injection vulnerability, which can be exploited by...

SQL Injection Vulnerability in Beijing Weihaiyunshang Technology Mobile Cloud Mall

Ltd. HiShop.cn, continues to specialize in providing e-commerce software and related value-added service products for small and medium-sized enterprises SMEs. It is the earliest and longest lasting leading brand of e-commerce software and service provision in China. A SQL injection vulnerability...

CVE-2017-10937

SQL injection vulnerability in all versions prior to V2.01.05.09 of the ZTE ZXIPTV-UCM product allows remote attackers to execute arbitrary SQL commands via the opertype parameter, resulting in the disclosure of database information...

CVE-2017-18104

The Webhooks component of Atlassian Jira before version 7.6.7 and from version 7.7.0 before version 7.11.0 allows remote attackers who are able to observe or otherwise intercept webhook events to learn information about changes in issues that should not be sent because they are not contained with...

OURPHP Background SQL Injection Vulnerability

OURPHP OURPHP Building System is a web content management system developed using the PHP language. A SQL injection vulnerability exists in the backend of OURPHP v1.8.3. Attackers can use the vulnerability to obtain sensitive information from the database...

EyouCms Multiple Pages SQL Injection Vulnerability

Eyou Content Management System EyouCms is developed by php + mysql a set of open source cms dedicated to small and medium-sized enterprise website construction. EyouCms multiple pages exist SQL injection vulnerability. Attackers can use the vulnerability to obtain sensitive database information...

Msvod Cms SQL Injection Vulnerability

Msvod Cms is a content management system CMS for video-on-demand websites. The system mainly provides services such as video-on-demand and video aggregation website building. A SQL injection vulnerability exists in Msvod Cms version 10. A remote attacker can exploit this vulnerability to execute...

SQL Injection Vulnerability in POSCMS v3.2.0 (Free Edition) A***.php

POSCMS PhpOpenSourceCMS is a set of China Tianrui information technology company developed a set of PHP and MySQL-based, open source, cross-platform Web content management system CMS. POSCMS v3.2.0 free version A.php suffers from a SQL injection vulnerability, which can be exploited by attackers ...

IBM InfoSphere Data Replication Dashboard SQL Injection Vulnerability

IBM InfoSphere Data Replication Dashboard is a data synchronization solution from IBM USA. The solution enables log-based data change capture through real-time replication and provides features such as trusted data integration and synchronization. A SQL injection vulnerability exists in IBM...

SQL injection vulnerability in UKcms v1.1.7 of Lingji Network Technology Co.

UKcms is a simple, flexible and powerful web content management system based on PHP7 and mysql technology. Lingji Network Technology Limited UKcms website builder v1.1.7 has SQL injection vulnerability, which can be exploited by attackers to obtain database sensitive information...

SemCms php version V2.7 suffers from SQL Injection Vulnerability

SemCms is an open source foreign trade enterprise website management system, mainly used for foreign trade enterprises, compatible with IE, Firefox and other mainstream browsers. SemCms php version V2.7 SQL injection vulnerability , attackers can use the vulnerability to obtain sensitive...

ELO ELOenterprise and ELOprofessional Access Manager Component SQL Injection Vulnerability

ELO is ELO Digital Office's document management system. eloenterprise is its enterprise version; eloprofessional is its professional version. access manager is one of the access managers. A SQL injection vulnerability exists in the HTTP GET parameter 'ticket' of the Access Manager component in EL...

CVE-2018-10197

There is a time-based blind SQL injection vulnerability in the Access Manager component before 9.18.040 and 10.x before 10.18.040 in ELO ELOenterprise 9 and 10 and ELOprofessional 9 and 10 that makes it possible to read all database content. The vulnerability exists in the ticket HTTP GET...

CVE-2018-11643

SQL injection vulnerability in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote authenticated users to execute arbitrary SQL commands via the filterPattern parameter...