SQL Injection Vulnerability in Shop7z Online Shopping System Supreme Edition

Shop7z online shopping system is ASP online store platform software, providing comprehensive application services based on Internet solutions. Shop7z Online Shopping System Supreme Edition suffers from SQL injection vulnerability, which can be exploited by attackers to access or modify database...

SQL Injection Vulnerability in Uno Network Technology Website Building System

Shenyang Uno Technology Co., Ltd. is a one-stop service brand marketing planning company committed to providing Chinese enterprises with one-stop service suitable for the development of the times, integrating enterprise station building, search engine optimization, WAP website, APP client and so...

SQL Injection Vulnerability in Chiayi County's Management Resources Inquiry System

The Kiawah County Management Information System is a content management system. Chiayi County Management Information Query System suffers from SQL injection vulnerability, which can be exploited by attackers to access or modify sensitive database information...

SQL Injection Vulnerability in zzcms 8.2 user/check.php File

zzcms is an enterprise website builder program It is an enterprise website builder program. An SQL injection vulnerability exists in the user/check.php file of zzcms version 8.2, which can be exploited by attackers to access or modify database data...

Affiligator Affiliate Webshop Management System SQL Injection Vulnerability

Affiligator Affiliate Webshop Management System is a PHP-based web store management system. A SQL injection vulnerability exists in Affiligator Affiliate Webshop Management System version 2.1.0. A remote attacker can inject SQL commands with the help of search/?q=&pricetype=range&price= requests...

Advantech WebAccess/SCADA SQL Injection Vulnerability

Advantech WebAccess is a browser-based HMI software package for human machine interfaces, as well as monitoring and data acquisition SCADA. A SQL injection vulnerability exists in Advantech WebAccess/SCADA, which can be exploited by an attacker to obtain sensitive information about a database...

Apache Geode Code Execution Vulnerability

Apache Geode cluster is the Apache Software Foundation's platform for providing real-time and consistent access to data for data-intensive applications in distributed cloud architectures. A security vulnerability exists in Apache Geode cluster. A remote attacker can exploit this vulnerability to...

Web Security Dog (Apache Edition) V4.0 suffers from SQL Injection Vulnerability

Website Security Dog Apache Edition is a server tool that integrates website content security protection, website resource protection and website traffic protection features. Web Security Dog Apache Edition V4.0 suffers from a SQL injection vulnerability. An attacker can exploit the vulnerability...

Website Security Dog (Apache Edition) V4.0 suffers from SQL injection vulnerability (CNVD-2018-02087)

Website Security Dog Apache Edition is a server tool that integrates website content security protection, website resource protection and website traffic protection features. Web Security Dog Apache Edition V4.0 suffers from a SQL injection vulnerability. Allows attackers to exploit the...

SQL Injection Vulnerability in DocCms 2016

DocCMS rice husk enterprise building system, also known as rice husk cms, doccms, formerly known as deep throat enterprise building system ShlCms, is a free and open source enterprise website building system, enterprise website generation system. DocCms 2016 has a SQL injection vulnerability,...

CVE-2017-14594

The printable searchrequest issue resource in Atlassian Jira before version 7.2.12 and from version 7.3.0 before 7.6.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the jqlQuery query parameter...

SQL Injection Vulnerability in Dispnews.asp Page of Website Construction System of Jingmen Xinnet Technology Development Co.

Jingmen City, Xin network technology development limited company is a network brand marketing and enterprise management information technology professional service providers. There is a SQL injection vulnerability in the dispnews.asp page of the website construction system of Jingmen Xinnet...

SQL Injection Vulnerability in Xi'an Hongbo Network Technology Co.

Xi'an Hongbo Network Technology Co., Ltd. is a professional design team integrating network preparation, digital film and television production, and brand visual design. Xi'an Hongbo Network Technology Co., Ltd. website construction system suffers from SQL injection vulnerability. Attackers can...

Microsemi Symmetricom s350i SQL Injection Vulnerability

Microsemi Symmetricom s350i is a clock server from Microsemi Corporation. A SQL injection vulnerability exists in the 'checkPassword' function in the Microsemi Symmetricom s350i version 2.70.15. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands...

CVE-2017-1670

IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 133637...

Gespage SQL Injection Vulnerability

Gespage is an application for managing and monitoring printing devices from the French company Gespage. A SQL injection vulnerability exists in Gespage. A remote attacker can exploit this vulnerability by sending the 'showprn' parameter to the webapp/users/prnow.jsp file or the 'showmonth'...

OpenText Document Sciences xPression xDashboard SQL Injection Vulnerability

OpenText Document Sciences xPression formerly EMC Document Sciences xPression is a suite of document output management and customer communication solutions from OpenText Canada, Inc. The solution integrates an organization's Customer Relationship Management CRM, Enterprise Content Management ECM,...

Muslim Matrimonial Script SQL Injection Vulnerability

Muslim Matrimonial Script is a community matrimonial script for matrimonial websites by PHP Scripts Mall. PHP Scripts Mall Muslim Matrimonial Script has a SQL injection vulnerability. The vulnerability can be exploited to conduct SQL injection attacks via the view-profile.php memid parameter...

DEBIAN-CVE-2017-17920

SQL injection vulnerability in the 'reorder' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'name' parameter. NOTE: The vendor disputes this issue because the documentation states that this method is not intended for use with untrusted...

SQL Injection Vulnerability in phpaaCMS article.add.php File

phpaaCMS is a simple article management system. A SQL injection vulnerability exists in the phpaaCMS article.add.php file. An attacker can exploit the vulnerability to obtain sensitive database information...