SQL Injection Vulnerability in Anqing One Point Website Construction System

Anqing One Point Information Technology Co., Ltd. is Anqing set of website construction, government management software, office management software, microcontroller software development, sales; system integration, integrated wiring, server hosting, computer office equipment and consumables sales,...

SQL Injection Vulnerability in the Frontend of Esaote E3 Omni-Channel Retail Management Software

E3 omni-channel retail management software is Esaote's e-commerce ERP system for online sales in the fashion industry, integrating Taobao interface, independent B2C mall system, advanced order processing system, logistics and warehousing system, network marketing and promotion system, and...

SQL Injection Vulnerability in Tonglian Da3 Collaboration Office Platform

Tonglian Da3 cooperative office platform is a series of Da3 management software products provided by Tonglian for governmental units at all levels, focusing on "mobile government office". There is a SQL injection vulnerability in the Da3 collaborative office platform, which can be exploited by an...

Vastal I-Tech Agent Zone SQL Injection Vulnerability

Vastal I-Tech Agent Zone aka The Real Estate Script is a real estate website management system. A SQL injection vulnerability exists in Vastal I-Tech Agent Zone aka The Real Estate Script. A remote attacker can exploit this vulnerability to inject SQL commands...

D-Park Pro Domain Parking Script SQL Injection Vulnerability

D-Park Pro Domain Parking Script is a domain parking script. A SQL injection vulnerability exists in D-Park Pro Domain Parking Script version 1.0. A remote attacker can exploit this vulnerability to inject SQL commands...

SQL Injection Vulnerability in Axublog v1.0.6 hit.php Page

Axublog is a PHP personal blog system. A SQL injection vulnerability exists in the Axublog v1.0.6 hit.php page. An attacker can exploit this vulnerability to obtain sensitive database information...

CPA Lead Reward Script SQL Injection Vulnerability

CPA Lead Reward Script is a social research script. A SQL injection vulnerability exists in CPA Lead Reward Script. A remote attacker can exploit this vulnerability to inject SQL commands with the 'username' parameter...

Data Components tPanel SQL Injection Vulnerability

Data Components tPanel is a set of web hosting control panels that run in the server. A SQL injection vulnerability exists in Data Components tPanel version 2009. A remote attacker could exploit this vulnerability to bypass authentication...

Vastal I-Tech Dating Zone SQL Injection Vulnerability

Vastal I-Tech Dating Zone is a dating site system. The system supports user registration, search and forums. A SQL injection vulnerability exists in Vastal I-Tech Dating Zone version 0.9.9. A remote attacker can exploit the vulnerability by sending the 'productid' parameter to the addtocart.php...

Tenable SecurityCenter SQL Injection Vulnerability

Tenable SecurityCenter is a Nessus-inclusive vulnerability management platform from US-based Tenable Network Security. The platform simplifies vulnerability scanning, management and reporting and provides a console to manage policies, alerts, reports and plug-ins for Nessus. An SQL injection...

Adult Script Pro SQL Injection Vulnerability

Adult Script Pro is an online multimedia website builder. The system has modules for video viewing, news and user registration. A SQL injection vulnerability exists in Adult Script Pro version 2.2.4. A remote attacker can exploit this vulnerability by sending PATHINFO to the /download URI to inje...

iTech Gigs Script SQL Injection Vulnerability

iTech Gigs Script is an e-commerce website building system. The system features user registration, quotes and comments. A SQL injection vulnerability exists in iTech Gigs Script version 1.21. A remote attacker can inject SQL commands by sending the 'sc' parameter to the browse-scategory.php file ...

Cisco Prime Collaboration Provisioning SQL Injection Vulnerability

Cisco Prime Collaboration Provisioning application is the United States of America Cisco Cisco company's set of Web-based next-generation communications services software. The software provides IP communication service features for IP telephony, voice mail and unified communications environments....

US Zip Codes Database Script SQL Injection Vulnerability

US Zip Codes Database Script is a set of US Zip Codes Database Scripts. A SQL injection vulnerability exists in US Zip Codes Database Script version 1.0. A remote attacker can exploit this vulnerability to inject SQL commands with the 'state' parameter...

Nice PHP FAQ Script SQL Injection Vulnerability

Nice PHP FAQ Script is a PHP-based website autoresponder script. A SQL injection vulnerability exists in Nice PHP FAQ Script. The vulnerability can be exploited to inject SQL commands by sending the 'nicetheme' parameter to the index.php file...

SQL Injection Vulnerability in MIPCMS ApiAdminLink.php Page

MIPCMS is a free and open source based on Baidu Mobile Accelerator MIP engine based on the development of articles, information, content management system, but also the system for the Internet webmasters, entrepreneurs and other groups to create SEO-optimized after the station-building system. A...

SQL Injection Vulnerability in MIPCMS ApiAdminUser.php Page

MIPCMS is a free and open source based on Baidu Mobile Accelerator MIP engine based on the development of articles, information, content management system, but also the system for the Internet webmasters, entrepreneurs and other groups to create SEO-optimized after the station-building system. A...

PHPSUGAR PHP Melody SQL Injection Vulnerability (CNVD-2017-32540)

PHPSUGAR PHP Melody is a PHP-based content management system for video websites. A SQL injection vulnerability exists in PHPSUGAR PHP Melody versions prior to 2.7.3. A remote attacker can perform a display list operation on the watch.php file and exploit the vulnerability to execute arbitrary SQL...

SQL Injection Vulnerability in WebShow Shopping System V5.4 listjp.asp

Net show shopping system is a shopping site developed with asp + access. A SQL injection vulnerability exists in NetShow Shopping System V5.4 listjp.asp. An attacker can obtain sensitive database information by constructing specific SQL statements...

LetoDMS SQL Injection Vulnerability (CNVD-2017-35203)

LetoDMS is a document management system based on PHP+MySQL development. A SQL injection vulnerability exists in LetoDMSCore/Core/inc.ClassDMS.php in LetoDMS before version 3.3.8, which can be exploited by remote attackers to execute arbitrary SQL commands...