8195 matches found
Joomla Hbooking Component SQL Injection Vulnerability
Joomla is an open source content management system CMS. A SQL injection vulnerability exists in the Joomla Hbooking component. An attacker can exploit the vulnerability to access or modify database data...
Joomla JE Form Creator Component SQL Injection Vulnerability
Joomla is an open source content management system CMS. A SQL injection vulnerability exists in the Joomla JE Form Creator component, which can be exploited by attackers to access or modify database data...
Joomla JE auction component SQL injection vulnerability
Joomla is an open source content management system CMS. A SQL injection vulnerability exists in the Joomla JE auction component. An attacker can exploit the vulnerability to access or modify database data...
Joomla Music Collection Component SQL Injection Vulnerability
Joomla is an open source content management system CMS. A SQL injection vulnerability exists in the Joomla Music Collection component. An attacker can exploit the vulnerability to access or modify database data...
CVE-2016-8355
An issue was discovered in Smiths-Medical CADD-Solis Medication Safety Software, Version 1.0; 2.0; 3.0; and 3.1. CADD-Solis Medication Safety Software grants an authenticated user elevated privileges on the SQL database, which would allow an authenticated user to modify drug libraries, add and...
CVE-2016-8341
An issue was discovered in Ecava IntegraXor Version 5.0.413.0. The Ecava IntegraXor web server has parameters that are vulnerable to SQL injection. If the queries are not sanitized, the host's database could be subject to read, write, and delete commands...
Multi-meter (DuomiCms) film and television management system climit and ckey parameters exist SQL injection vulnerability
Duomi DuomiCms film and television management system is a set of specialized video on demand system. A SQL injection vulnerability exists in DuomiCms. The lack of filtering of the 'climit' and 'ckey' parameters allows an attacker to exploit the vulnerability to obtain sensitive database informati...
McAfee ePolicy Orchestrator SQL Injection Vulnerability (CNVD-2017-01459)
McAfee ePolicy Orchestrator ePO is a suite of scalable security management software from Intel Corporation formerly McAfee, Inc.. The software enables centralized, streamlined management of endpoint, network, content security and compliance solutions. An SQL injection vulnerability exists in McAf...
SQL Injection Vulnerability in iTrackGPS Monitoring Management System
iTrackGPS Monitoring Management System is a GPS monitoring system. A SQL injection vulnerability exists in iTrackGPS Monitoring Management System. The lack of filtering of the 'SystemNo' parameter allows an attacker to exploit the vulnerability to obtain sensitive database information...
The vulnerability of the MySQL database management system allows a hacker to cause a service failure.
The vulnerability of the InnoDB component of the MySQL database management system is related to the creation of critical data packets. Exploiting this vulnerability can allow a malicious actor to cause a system to become unresponsive or, in rare cases, to trigger an emergency shutdown through...
EMC Documentum D2 4.5.x and 4.6.x < 4.7 Multiple Vulnerabilities (ESA-2016-167)
The remote host is running a version of EMC Documentum D2 that is 4.5.x or 4.6.x prior to 4.7. It is, therefore, affected by multiple vulnerabilities : - A cross-site scripting XSS vulnerability exists due to improper validation of user-supplied input. An unauthenticated, remote attacker can...
IBM Kenexa LMS on Cloud SQL Injection Vulnerability (CNVD-2017-00564)
IBM Kenexa LMS on Cloud is a configurable, enterprise-grade social learning management system LMS from IBM that integrates social networking, collaboration, and knowledge sharing capabilities. The system provides interactive features and supports users to evaluate learning content and share their...
MC Documentation Creator SQL Injection Vulnerability
MC Documentation Creator is a PHP document creation script . A SQL injection vulnerability exists in MC Documentation Creator. Due to poor parameter filtering in this PHP script, an attacker can exploit the vulnerability to obtain sensitive data...
Advantech WebAccess 'updateTemplate.aspx' SQL Injection Vulnerability
Advantech WebAccess is a set of HMI/SCADA software from Advantech based on browser architecture. The software supports dynamic graphic display and real-time data control, and provides remote control and management of automation equipment. A SQL injection vulnerability exists in Advantech WebAcces...
Smart Guard Network Manager SQL Injection Vulnerability
Smart Guard Network Manager is a software that manages your network, bandwidth and network security. An SQL injection vulnerability exists in the ?menuid parameter of the searchallhistory.php page in Smart Guard Network Manager version 6.3.2, which originates from the program failing to adequatel...
Microsoft .NET Framework Information Disclosure Vulnerability (CNVD-2016-12419)
Microsoft .NET Framework is a comprehensive and consistent programming model developed by Microsoft Corporation USA and a development platform for building Windows, Windows Store, Windows Phone, Windows Server and Microsoft Azure Windows Store, Windows Phone, Windows Server, and Microsoft Azure...
Dell SonicWALL Universal Management Suite SQL Injection Vulnerability
Dell SonicWALL Universal Management Suite is a product of Dell, Inc. Dell SonicWALL Analyzer provides a comprehensive view of the network with comprehensive reports on bandwidth, threats and application traffic analysis. Dell SonicWALL Global Management System GMS is easily replaced, updated or...
Luis Bernardo SQL Injection Vulnerability
Luis Bernard is a web application development framework. A SQL injection vulnerability exists in the idplayer parameter of the formseeplayer.php page of the Luis Bernard system. Because the program fails to adequately filter user-submitted input, an attacker could use this vulnerability to take...
SQL Injection Vulnerability in LMID Parameter of United Technologies Healthcare System
Lianzhong Technology Medical System is a medical and health system application software of Zhejiang Lianzhong Intelligence Technology Co. A SQL injection vulnerability exists in the LMID parameter of the Lianzhong Technology Medical System, as the program fails to properly filter the LMID...
SQL Injection Vulnerability in Seth Interactive Technologies CRM System
SalesPlus is a Salesforce partner and CRM service provider. A SQL injection vulnerability exists in the CRM system of SalesPlus Interactive Technologies. The vulnerability is caused by uid, type, topicid, tid, senduserid, sendobjectid, sendgroupid, search, replytype, pid, key, id, groupname,...