SQL Injection Vulnerability in phpaaCMS

phpaaCMS is a simple article management system. A SQL injection vulnerability exists in /admin/category.add.php in phpaaCMS v0.5, which can be exploited by attackers to obtain sensitive information about the database...

EMC Data Protection SQL Injection Vulnerability

EMC Data Protection Advisor is a data protection management solution from EMC Corporation. The solution supports automated and centralized execution of all such data collection and analysis, as well as obtaining a single comprehensive view of the data protection environment and activities. A SQL...

SQL Injection Vulnerability in Hanchao B2B2C Multi-User Mall System Submit_service Method

Hanchao B2B2C multi-user mall system is a PHP multi-user mall website system source code developed in PHP + MySQL. Hanchao B2B2C multi-user mall system submitservice method exists SQL injection vulnerability, due to the system failed to strictly filter the parameters provided by the user. An...

Aruba Networks ClearPass Policy Manager SQL Injection Vulnerability

Aruba Networks ClearPass Policy Manager is a BYOD network access control policy enforcement platform. An SQL injection vulnerability in Aruba Networks ClearPass Policy Manager allows remote attackers to construct malicious URIs, trick users into parsing them, and perform malicious actions in the...

IBM Maximo Asset Management SQL Injection Vulnerability (CNVD-2017-21753)

IBM Maximo Asset Management is a comprehensive asset lifecycle and maintenance management solution from IBM USA. The solution is capable of managing all types of assets, such as facilities, transportation, etc., on a single platform with a single point of control for these assets. An SQL injectio...

Piwigo SQL Injection Vulnerability

Piwigo is a web-based photo album software from the Piwigo team. The software supports photo publishing, management, multiple browsing options categories, tags, time and more. A SQL injection vulnerability exists in the administrative backend of Piwigo 2.9.1 and previous versions. A remote attack...

SQL Injection Vulnerability in appcms comment.php

APPCMS is a professional APP content management system. APPCMS comment.php suffers from a SQL injection vulnerability. An attacker can exploit this vulnerability to obtain sensitive database information or perform unauthorized operations...

Treehugger External Link System suffers from SQL Injection Vulnerability

Tree Hole external chain system is a free open source PHP external chain network disk system , support for a variety of storage methods , multi-user system . Tree Hole external link system in shudong\views\userFiles file in the existence of SQL injection vulnerability , due to the failure of the...

SQL Injection Vulnerability in addr_edite Method of ShopSn V2.0 Mall System

ShopsN Mall system is a product of Shanghai Yiso Network Technology Co., Ltd, an enterprise-class commercial standard full-featured allow free commercial use of the open source online store full network system. A SQL injection vulnerability exists in the userid parameter in the addredite method o...

CVE-2017-1347

IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 126462...

nuevoMailer 'r' Parameter SQL Injection Vulnerability

nuevoMailer is an email marketing software that can be used to manage mailing lists and track autoresponders. A SQL injection vulnerability exists in nuevoMailer 6.0 and earlier versions. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands with the help of the 'r'...

SQL Injection Vulnerability in Niushop Goods.php

NiuShop open source mall system is by Shanxi Niu Cool Information Technology Co., Ltd. completely independent design, research and development of a set of PHP open source e-commerce system . NIUSHOP open source mall system goods.php file id parameter SQL injection vulnerability , the program for...

Two SQL Injection Vulnerabilities in Axublog Blog System

axublog is a PHP personal blog system. Two SQL injection vulnerabilities exist in Axublog blog system. An attacker can exploit the vulnerabilities to obtain database information...

SQL Injection Vulnerability in ShopSn V2.0 Mall System

ShopsN free version of the B2C e-commerce is a product of Shanghai Yisu Network Technology Co., Ltd , a full-featured business standards in line with the enterprise-class truly allow free commercial use of open source online store system . ShopSn V2.0 mall system has a SQL injection vulnerability...

SQL Injection Vulnerability in Xiangsoft Smart Campus Platform

Xiangsoft Smart Campus Platform is an informative and intelligent software system. SQL injection vulnerability exists in Xiangsoft Technology Smart Campus Platform. An attacker can use this vulnerability to obtain sensitive information of the database...

eCom Cart SQL Injection Vulnerability

A SQL injection vulnerability exists in eCom Cart. The vulnerability allows attackers to obtain sensitive information about the database...

OV3 Online Administration SQL Injection Vulnerability

OV3 Online Administration is an online administration platform. An SQL injection vulnerability exists in OV3 Online Administration. The vulnerability is caused due to input passed via multiple GET and POST parameters including the User-Agent HTTP header not being properly filtered before being...

Shenzhen Sodo technology enterprise station CMS SQL injection vulnerability

Shenzhen Sodo Technology enterprise station CMS is a specialized product for enterprise station building. SQL injection vulnerability exists in Shenzhen Sodo Technology Enterprise Station Building CMS. Attackers can use this vulnerability to obtain database information...

SQL Injection Vulnerability in Website Building System of Guangzhou Shuntian Computer Technology Co.

Shun Tian Technology is a domestic senior network technology service provider, with international leading website development technology, e-commerce technology, website full range of promotional technology and attentive after-sales customer service team. Guangzhou Shuntian Computer Technology Co....

poc

This repository appears to be a collection of proof-of-concept PoC exploits for various vulnerabilities, primarily targeting web applications. The PoCs are written in Python and utilize the Beebeeto framework. The PoCs cover a range of vulnerabilities, including SQL injection, cross-site scriptin...