1135 matches found
SQL Injection Vulnerability in id Parameter of Digital Campus Management System of Shanghai Pengda Computer System Development Co. (CNVD-2017-02002)
The digital campus system of Shanghai Pengda Computer System Development Co., Ltd. is built on the .NET+SqlServer technology platform. Pages of the digital campus management system of Shanghai Pengda Computer System Development Co. are vulnerable to a SQL injection...
OIC Exponent CMS SQL Injection Vulnerability (CNVD-2016-10747)
OIC Exponent CMS is a free, open source, modular content management system (CMS) based on PHP from the American OIC Group of companies. The system supports direct editing in the page, and provides user management, site configuration, content editing and other functions. An SQL injection vulnerabilit...
CVE-2016-1000115
Huge-IT Portfolio Gallery manager v1.1.0 SQL Injection and XSS...
TYPO3 Events Extension SQL Injection Vulnerability
TYPO3 is a free and open source content management system. A SQL injection vulnerability exists in TYPO3 due to failure to adequately clean user input. An attacker can exploit the vulnerability to access and modify data...
Pivotal Spring Data JPA SQL Injection Vulnerability
Pivotal is a new company formed by EMC and VMware. A SQL injection vulnerability exists in Pivotal Spring Data JPA due to the program's inability to adequately clean user input data. An attacker could exploit the vulnerability to access and modify data...
Rockwell Automation FactoryTalk EnergyMetrix SQL Injection Vulnerability
Rockwell Automation FactoryTalk EnergyMetrix is a Web-based software management package for capturing, analyzing, storing and sharing energy data from Rockwell Automation. A SQL injection vulnerability exists in Rockwell Automation FactoryTalk EnergyMetrix versions prior to 2.20.00. A remote...
SAP NetWeaver AS JAVA SQL Injection Vulnerability
SAP NetWeaver is an integrated, service-oriented application platform that provides a development and runtime environment for SAP applications. SAP NetWeaver AS Java is an application server that runs in NetWeaver and is based on the Java programming language. An SQL injection vulnerability exists...
SolarWinds Storage Resource Monitor Profiler SQL Injection Vulnerability
SolarWinds Storage Resource Monitor (SRM) Profiler, formerly known as Storage Manager (STM), is a set of Web-based data storage management software from SolarWinds Inc. that integrates storage monitoring, reporting, alarming, and predictive analytics. A SQL injection vulnerability exists in the Web...
Cisco Secure Access Control Server SQL Injection Vulnerability
Cisco Secure Access Control Server (ACS) is a security access control server from Cisco of the United States. A SQL injection vulnerability exists in Cisco Secure Access Control Server 5.7. It allows an authenticated remote user to execute arbitrary SQL commands via a crafted URL...
Contact Form Maker Component SQL Injection Vulnerability
Joomla! is an open source content management system that provides RSS feeds, site search, etc. Contact Form Maker is a component for creating submission forms. A SQL injection vulnerability exists in the Joomla! Contact Form Maker component that can be exploited by remote attackers to submit a...
SQL Injection Vulnerability in type parameter of Haitian OA System/ZhuanTi/frmmain.asp page
Haitian OA network office system is general-purpose network office software for enterprises and institutions. The system adopts the leading B/S (browser/server) mode of operation, so that the network office is not subject to geographical restrictions. A SQL injection vulnerability exist...
PreProjects E-Smart Cart SQL Injection Vulnerability
PreProjects E-Smart Cart is an integrated shopping portal, search engine and email-based forum solution from PreProjects Australia. An SQL injection vulnerability exists in the embadmin/login.asp script in PreProjects E-Smart Cart, which arises from the program failing to adequately filter...
EMC Secure Remote Services Virtual Edition Gateway Provisioning Service SQL Injection Vulnerability
EMC Secure Remote Services Virtual Edition (ESRS VE) is a suite of Remote Services Virtual Edition software from EMC Corporation used to provide bi-directional remote connectivity between EMC customer service and end-user EMC products and solutions. A SQL injection vulnerability exists in the Gatew...
SA-CONTRIB-2010-070 - Multiple vulnerabilities in multiple contributed modules
Versions affected and proposed solutions: Easy Translator for Drupal 6.x: The module is vulnerable to SQL injections. Solution: Disable the module. There is no safe version of the module to use. Block Queue for Drupal 6.x: The Block Queue module allows users to create "queues" of blocks much like...
PT-2009-5250 · Scripteen · Scripteen Free Image Hosting Script
Name of the Vulnerable Software and Affected Versions: Scripteen Free Image Hosting Script version 2.3. Description: The issue concerns SQL injection vulnerabilities in the header.php file. Remote attackers can execute arbitrary SQL commands by manipulating the cookid or cookgid cookie...