8195 matches found
SQL Injection Vulnerability in DM Enterprise Website System
DM building system is an open source CMS developed with PHP + MySQL, specialized for small and medium-sized enterprise website construction. Multiple parameters in the DM enterprise website builder system are affected by a SQL injection vulnerability; attackers can use the vulnerability to obtain sensitive...
DEBIAN-CVE-2012-4570
SQL injection vulnerability in LetoDMSCore/Core/inc.ClassDMS.php in LetoDMS (formerly MyDMS) before 3.3.8 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
Multiple Vulnerabilities in CwCMS v1.0
CwCMS is an enterprise website management system. CwCMS v1.0 has SQL injection and file upload vulnerabilities in several files, which can be exploited by attackers to obtain sensitive information from the database and gain administrative privileges on the server...
SQL Injection Vulnerability in CoolSource Content Management System
CoolSource CMS Content Site Management System is a website management system based on Microsoft's latest ASP.NET platform. A SQL injection vulnerability exists in the CoolSource CMS due to the system failing to effectively filter user input. An attacker can exploit this vulnerability to obtain...
OpenText Document Sciences xPression SQL Injection Vulnerability (CNVD-2017-33295)
OpenText Document Sciences xPression (formerly known as EMC Document Sciences xPression) is a document output management and customer communication solution from OpenText Canada. The solution integrates an organization's Customer Relationship Management (CRM), Enterprise Content Management (ECM), and...
Frappe frappe.share.get_users SQL Injection Vulnerability
Frappe is a web application. Frappe's frappe.share.get_users suffers from a SQL injection vulnerability that allows remote attackers to manipulate or obtain database data by submitting specially crafted SQL queries...
Catfish CMS v4.5.7 SQL Injection Vulnerability in Frontend
Catfish CMS is a free, open source PHP web content management system. Catfish CMS v4.5.7 suffers from a SQL injection vulnerability in the frontend. An attacker can exploit this vulnerability to obtain sensitive database information...
SQL Injection Vulnerability in 74cms MembersController.class.php Page
Knight Talent System 74cms is a free website management system based on PHP+MYSQL. A SQL injection vulnerability exists in the 74cms MembersController.class.php page, which can be exploited by attackers to obtain sensitive database information...
Cash Back Comparison Script SQL Injection Vulnerability
Cash Back Comparison Script is a cash back script. A SQL injection vulnerability exists in Cash Back Comparison Script version 1.0. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands...
Trend Micro Mobile Security SQL Injection Vulnerability
Trend Micro Mobile Security Enterprise is a set of cell phone security software from Trend Micro that integrates cell phone security scanning, real-time protection against malicious programs and monitoring of malicious behavior. A SQL injection vulnerability exists in versions of Trend Micro Mobi...
WordPress Responsive Image Gallery Plugin SQL Injection Vulnerability
WordPress is a blogging platform from the WordPress Software Foundation, developed in PHP; it supports setting up a personal blog site on a server with PHP and MySQL. The Responsive Image Gallery plugin is one of its image management plugins. A SQL injection vulnerability exists in WordPre...
mysql: Incorrect input validation allowing code execution via mysqldump
It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database...
SQL Injection Vulnerability in Guizhou Chitong Network Technology Co.
Guizhou Chitong Network Technology Co., Ltd. is an Internet service provider. The services offered include: website direct ID registration, website full network promotion, enterprise official website construction, e-commerce platform type website construction, website optimization outsourcing and...
SQL Injection Vulnerability in Wireless Suzhou App
Wireless Suzhou APP is a cell phone software that brings convenient services to Suzhou users. It is a news and life city application client focused on by Suzhou Radio and Television Station. A SQL injection vulnerability exists in Wireless Suzhou APP, which can be exploited by attackers to obtain...
WordPress plugin image-gallery-with-slideshow 'imgid' parameter SQL injection vulnerability
WordPress is a blogging platform from the WordPress Software Foundation, developed in PHP, which supports personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in the WordPress plugin image-gallery-with-slideshow. A remote attacker can exploit the...
WordPress add-edit-delete-listing-for-member-module SQL Injection Vulnerability
WordPress add-edit-delete-listing-for-member-module is a WordPress-specific plugin for adding, editing and deleting operations on member listings. A SQL injection vulnerability exists in WordPress add-edit-delete-listing-for-member-module version 1.0, which stems from the program failing to filte...
EyesOfNetwork web interface SQL injection vulnerability
EyesOfNetwork (EON) is an open source, free IT monitoring solution. The solution provides business process configuration tools, generating pop-up windows when events occur in the active queue, etc. EyesOfNetwork web interface (aka eonweb) is one of the web interfaces. A SQL injection vulnerability...
EyesOfNetwork web interface SQL injection vulnerability (CNVD-2017-33830)
EyesOfNetwork (EON) is an open source, free IT monitoring solution. The solution provides business process configuration tools, generating pop-up windows when events occur in the active queue, etc. EyesOfNetwork web interface (aka eonweb) is one of the web interfaces. A SQL injection vulnerability...
Dolibarr ERP/CRM on/list.php File SQL Injection Vulnerability
Dolibarr ERP/CRM is an open source software/freeware for small and medium-sized businesses, organizations or freelancers. It includes different features such as Enterprise Resource Planning (ERP) and Customer Relationship Management (CRM), as well as applications for other different activities. A SQL...
SQL Injection Vulnerability in ShopsN v2.0 Frontend OrderGroupController.class.php File
ShopsN is a free, open source e-commerce system. A SQL injection vulnerability exists in the front-end OrderGroupController.class.php file of the official ShopsN v2.0 release. The vulnerability is due to the system failing to effectively filter user-submitted data. An attacker can exploit this vulnerability to...