8196 matches found
SQL Injection Vulnerability in Shanghai Siting's WeChat Backend Management System
Ltd. is mainly committed to the automotive industry information technology software solutions, the main object of service are automobile OEMs, dealer groups, 4S stores and a variety of fast repair chain institutions and a series of customers. SQL injection vulnerability exists in the WeChat backe...
iCMS SQL Injection Vulnerability (CNVD-2018-14361)
iCMS is a content management system CMS built with PHP and MySQL databases. A SQL injection vulnerability exists in the spider.admincp.php file in iCMS version 7.0.8. A remote attacker can exploit this vulnerability by sending an app=spider&do=batch request with the 'id' parameter to the...
Quick Chat SQL Injection Vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.Quick Chat plugin is used in one of the online chat plugin. A SQL injection vulnerability exists in WordPress Quic...
NodAPS 'search' SQL Injection Vulnerability
NodAPS is an online appointment management system available in multiple languages and is used to help users schedule appointments more efficiently. A SQL injection vulnerability exists in NodAPS 'search'. An attacker can exploit the vulnerability to gain access to sensitive database information...
PvPGN Stats SQL Injection Vulnerability
PvPGN Stats is a PHP-based tool that supports the integration of websites with the PvPGN game server, displaying server status, ladder pages, and more. A SQL injection vulnerability exists in the ladder/stats.php file in PvPGN Stats version 2.4.6, which stems from the program not filtering databa...
SQL Injection Vulnerability in hdcmsv1.2 System
HDCMS is a content management system package written in PHP , the database using Mysql. to provide powerful , complete functionality to complete the rapid development of the site . HDCMS system version 1.2 SQL injection vulnerability, remote attackers can exploit the vulnerability to obtain...
Shipping System CMS SQL Injection Vulnerability
Shipping System CMS is a shipping management system. Shipping System CMS suffers from a SQL injection vulnerability. An attacker can exploit this vulnerability to execute arbitrary SQL statements...
Online Store System CMS SQL Injection Vulnerability
Online Store System CMS is an online management system. A SQL injection vulnerability exists in Online Store System CMS, which can be exploited by an attacker to execute arbitrary SQL commands...
CVE-2017-18287
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the POST usersearch parameter...
CVE-2017-18288
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET game parameter...
Novell SUSE Studio Onsite and SUSE Studio Onsite Appliance SQL Injection Vulnerability
Novell SUSE Studio Onsite and SUSE Studio Onsite Appliance are both U.S. Novell Web applications for building and testing software applications in a Web browser. A SQL injection vulnerability exists in the list of software available in Novell SUSE Studio Onsite versions prior to 1.0.3-0.18.1 and...
portfolioCMS SQL Injection Vulnerability
portfolioCMS is a content management system CMS based on PHP and MySQL. A SQL injection vulnerability exists in portfolioCMS version 1.0.5. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands with the help of the 'preview' parameter...
Joomla! User Bench SQL Injection Vulnerability
Joomla! is an open source Content Management System CMS that offers RSS feeds, site search, etc. User Bench is one of those simple components that allows you to list your team details. An SQL injection vulnerability exists in Joomla! An attacker could use this vulnerability to corrupt the...
JB Tour Booking SQL Injection Vulnerability in Joomla!
Joomla! is an open source content management system CMS developed by the Open Source Matters team in the U.S. JB Tour Booking is one of the scripts designed for travel agencies. A SQL injection vulnerability exists in Joomla JB Tour Booking. An attacker could use this vulnerability to corrupt the...
SQL Injection Vulnerability in Website Building System of Guangdong Shunde Deyun Network Technology Co.
Guangdong Shunde Deyun Network Technology Co., Ltd. is a marketing company relying on the Internet, focusing on practical Internet planning and in-depth marketing. There is a SQL injection vulnerability in the website building system of Guangdong Shunde Deyun Network Technology Co. Attackers can...
SQL Injection Vulnerability in Guangzhou Lianya Network Technology Co.
Guangzhou Lianya Network Technology Co., Ltd. is a technology-based network company. A SQL injection vulnerability exists in the website building system of Guangzhou Lianya Network Technology Co. An attacker can exploit the vulnerability to obtain sensitive information from the database...
Zechat has multiple vulnerabilities
Zechat is a PHP-based online chat application script . Zechat suffers from SQL injection and cross-site request forgery vulnerabilities. An attacker can exploit the vulnerabilities to obtain sensitive information about the database; change the user's information...
SQL Injection Vulnerability at lmxcms Tags Search
Dream Cms, hereinafter referred to as "lmxcms", is a simple and practical website management system cms developed by "10 years" screen name. A SQL injection vulnerability exists in lmxcms Tags search. An attacker can exploit the vulnerability to obtain sensitive information from the database...
OpenDaylight Controller SQL Injection Vulnerability
Opendaylight, a project of the Linux Foundation in the United States, is a community-driven open source software-defined networking framework that contains an ensemble of modules capable of performing networking tasks that need to be done quickly.Controller is one of the controllers. An SQL...
Quest KACE System Management Appliance SQL Injection Vulnerability
Quest KACE System Management Appliance is an IT asset management appliance from Quest Software, USA. A SQL injection vulnerability exists in the '/common/runreport.php' script in version 8.0.318 of the Quest KACE System Management Appliance, which stems from the program not filtering incoming...