Pixelpost SQL Injection Vulnerability

Pixelpost is a suite of extensible open source photo-sharing applications with multi-language support. A SQL injection vulnerability exists in Pixelpost 1.7.3 and earlier versions. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands...

SQL Injection Vulnerability in Hainan Creative Media pc Website Building System

Hainan Creative Future Culture Media Co., Ltd. is engaged in brand one-stop service e-commerce advertising consulting services media enterprises. We design complete solutions for users and provide the best advertising support services. A SQL injection vulnerability exists in the pc website builde...

CVE-2018-11535

An issue was discovered in SITEMAKIN SLAC Site Login and Access Control v1.0. The parameter "myitemsearch" in users.php is exploitable using SQL injection...

SQL Injection Vulnerability in KuaiFanCMS V5.0

KuaiFanCMS V5.x hereinafter referred to as KF uses PHP5+MYSQL as the technical basis for development.KF is built with Smarty template engine. KuaiFanCMS V5.0 has a SQL injection vulnerability. An attacker can exploit the vulnerability to obtain sensitive information from the database...

Trend Micro Email Encryption Gateway SQL Injection Vulnerability (CNVD-2018-10480)

Trend Micro Email Encryption is a suite of identity-based email encryption solutions from Trend Micro, Inc. The Trend Micro Email Encryption Gateway TMEEG is one of the gateway products that provides data protection. A SQL injection vulnerability exists in the formRegistration2 class in Trend Mic...

WordPress SQL Injection Vulnerability (CNVD-2018-10476)

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. WordPress suffers from an information disclosure vulnerability. By exploiting this vulnerability, an attacker can perform SQL...

iScripts eSwap 'ToId' Parameter SQL Injection Vulnerability

iScripts eSwap is a set of item trading software. The software supports trading with virtual currencies or directly exchanging items. A SQL injection vulnerability exists in iScripts eSwap version 2.4. A remote attacker can use the 'ToId' parameter to view, add, modify, or delete information in t...

SQL Injection Vulnerability in SMiCMS Government Website System v201803224 Version

State Micro CMS is one of the mainstream CMS systems in China, and is also the largest open source platform provider in the field of PHP in Southern China. State Micro CMS government website system v201803224 version of the existence of SQL injection vulnerability , attackers can exploit the...

PhpCollab SQL Injection Vulnerability

phpCollab is a set of Web-based project collaboration management software. The software features task assignment, discussions, logs and notifications. A SQL injection vulnerability exists in PhpCollab 2.5.1 and earlier versions. A remote attacker can exploit the vulnerability to execute arbitrary...

Dr.COM APG Anti-Proxy Gateway suffers from SQL Injection Vulnerability

Dr.COM APG Anti-Proxy Gateway Anti-Proxy Gateway is a network behavior analysis and management gateway device designed and developed by Guangzhou Hotspot specifically for broadband shared access management, which mainly provides wired and wireless broadband operators with a real-time control box...

Zhengzhou octave network marketing system has SQL injection vulnerability

Zhengzhou Octave Networks is a technology company that specializes in providing customers with mobile Internet development, high-end website construction, brand Internet marketing and related Internet-based application services. Zhengzhou Octave Network Marketing system has a SQL injection...

Synology Media Server SQL Injection Vulnerability

Synology Media Server is a set of media server software from Synology. A SQL injection vulnerability exists in Synology Media Server versions prior to 1.7.6-2842 and 1.4-2654. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands with the 'ObjectID' parameter...

SQL Injection Vulnerability in Jinbao Technology's CMS Website Building System

Shanghai Jinbao Network Technology Co., Ltd. is a set of website construction, SEO optimization, network promotion, Shanghai website production, Shanghai SEO optimization, Shanghai network optimization, and many other network services as one of the integrated service-oriented professional network...

SQL Injection Vulnerability in UQCMS Cloud Business B2B2C Multi-store System

UQCMS cloud business system is a program using PHP + MYSQL, template using smarty template B2B2C e-commerce software. UQCMS cloud business B2B2C multi-store system SQL injection vulnerability, the vulnerability stems from the program on the function filtering is not rigorous. Attackers can use th...

Advantech WebAccess SQL Injection Vulnerability (CNVD-2018-11441)

Advantech WebAccess is a set of HMI/SCADA software from Advantech based on browser architecture. The software supports dynamic graphic display and real-time data control, and provides remote control and management of automation equipment. An SQL injection vulnerability exists in Advantech WebAcce...

CVE-2018-8914

SQL injection vulnerability in UPnP DMA in Synology Media Server before 1.7.6-2842 and before 1.4-2654 allows remote attackers to execute arbitrary SQL commands via the ObjectID parameter...

CVE-2018-8914

SQL injection vulnerability in UPnP DMA in Synology Media Server before 1.7.6-2842 and before 1.4-2654 allows remote attackers to execute arbitrary SQL commands via the ObjectID parameter...

SQL Injection Vulnerability in YHCMS Version V2.6.5 R20160808

YHCMS is a professional marketing enterprise building system based on PHP+MYSQL as the core development. A SQL injection vulnerability exists in YHCMS version V2.6.5 R20160808. The vulnerability originates from the system's parameter filtering is not rigorous. An attacker can exploit the...

SQL Injection Vulnerability in Nagios XI 5.4.12 and Prior Versions

Nagios is an open source, free network monitoring tool that effectively monitors the status of hosts, switches routers and other network devices, printers, etc. for Windows, Linux and Unix. Nagios XI 5.4.12 and earlier versions suffer from a SQL injection vulnerability that can be exploited by...

SQL Injection Vulnerability in Nagios XI 5.4.12 and Prior (CNVD-2018-09748)

Nagios is an open source, free network monitoring tool that effectively monitors the status of hosts, switches routers and other network devices, printers, etc. for Windows, Linux and Unix. Nagios XI 5.4.12 and earlier versions suffer from a SQL injection vulnerability that can be exploited by...