Pangu Network Technology website builder system suffers from SQL injection vulnerability

Pangu Network is a regional service operator authorized by Baidu, a group of companies providing integrated network marketing services to customers in the region with Baidu's business as the core. A SQL injection vulnerability exists in Pangu Network Technology's website builder system, which can...

openstack-ironic-inspector: SQL Injection vulnerability when receiving introspection data

A SQL-injection vulnerability was found in openstack-ironic-inspector's nodecache.findnode. This function makes a SQL query using unfiltered data from a server reporting inspection results by a POST to the /v1/continue endpoint. Because the API is unauthenticated, the flaw could be exploited by a...

Dutch Auction Factory Component SQL Injection Vulnerability in Joomla!

Joomla! is a U.S. Open Source Matters team using PHP and MySQL development of a set of open source, cross-platform content management system CMS. Dutch Auction Factory is used in one of the auction site to create extensions . A SQL injection vulnerability exists in the Dutch Auction Factory...

SQL Injection Vulnerability in phpshe v1.7 (CNVD-2019-12520)

PHPSHE mall system is a combination of product display, online shopping, order management, payment management, article management, customer consultation feedback and other functions, providing users with online shopping mall construction program. phpshe v1.7 version of the existence of SQL...

Heilongjiang Yitong Network Technology Development Co., Ltd. website building system has SQL injection vulnerability

Heilongjiang Yitong Network Technology Development Co., Ltd. is an enterprise website building system. There is a SQL injection vulnerability in Heilongjiang Yitong Network Technology Development Co., Ltd. that can be exploited by attackers to obtain sensitive information from the database...

The vulnerability of the PQescape() function in the libpq library of the PostgreSQL database management system allows a hacker to disclose sensitive information that is protected by this function.

The vulnerability of the PQescape function in the libpq library of the PostgreSQL database management system is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to disclose protected information through SQL injections...

SQL Injection Vulnerability in NetSoft Zhicheng Classifieds Website System

NetSoft Zhicheng classifieds website system is a php mysql based website building system. Netsoft Zhicheng classifieds website system has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information in the database...

SQL Injection Vulnerability in Daimi CMS_V6.0.6

Rice CMS is a free open source, fast, simple PC station and cell phone station building integrated integration system , to provide open source Android cell phone client APK and the corresponding server-side system source code download. Rice CMSV6.0.6 SQL injection vulnerability . Rice CMSV6.0.6...

SQL Injection Vulnerability in Sl***_St***.aspx of Bid 1.0 Backend of Qixing Engineering Bidding System

Qixing Bidding System is suitable for enterprises to collect information on government procurement, engineering construction, land grant and other bidding information, and to track the progress of works and payment of successful projects. QiStar Engineering Bidding System Bid 1.0 backend SlSt.asp...

SQL Injection Vulnerability in Bidding System Bid Frontend Wo***.aspx Page

Qixing Bidding System Bid is a system suitable for enterprises to collect information on bidding information of government procurement, engineering construction, land grant, etc., and to track the progress of works and payment of successful projects. A SQL injection vulnerability exists in the...

DEBIAN-CVE-2018-4056

An exploitable SQL injection vulnerability exists in the administrator web portal function of coTURN prior to version 4.5.0.9. A login message with a specially crafted username can cause an SQL injection, resulting in authentication bypass, which could give access to the TURN server administrator...

Component vWishlist SQL Injection Vulnerability in Joomla!

Joomla! is an open source content management system CMS. A SQL injection vulnerability exists in the Joomla! component vWishlist. An attacker can exploit the vulnerability to obtain sensitive database information...

SQL Injection Vulnerability in ThinkCMF 2.2.3 cl***.php Page

ThinkCMF is a Chinese content management framework based on PHP+MYSQL. A SQL injection vulnerability exists in the ThinkCMF 2.2.3 cl.php page. An attacker can exploit this vulnerability to obtain sensitive database information...

SQL Injection Vulnerability in HuCart ad***.php Page

HuCart HuCart is an open source enterprise building system. HuCart 5.7.4 version ad.php page SQL injection vulnerability , remote attackers can exploit the vulnerability to obtain database sensitive information...

CVE-2018-19468

HuCart 5.7.4 has SQL injection in getip in system/class/helperclass.php via the X-Forwarded-For HTTP header to the user/index.php?load=login&act=actlogin URI...

SeaCMS SQL Injection Vulnerability (CNVD-2019-08331)

SeaCMS Ocean CMS is a professional open source free PHP film and television system. SeaCMS 6.6.4 suffers from a SQL injection vulnerability, which can be exploited by attackers via the adminmakehtml.php topic parameter...

vulhub

It is an offensive tool for Web Application. The repository contains a collection of pre-built vulnerable docker environments, including a web application vulnerable to various attacks. The tool is designed to help developers and security researchers test and demonstrate the effectiveness of web...

MetInfo pa***.php file has sql injection vulnerability

MetInfo is a content management system developed using PHP and Mysql. A sql injection vulnerability exists in the MetInfo pa.php file, which can be exploited by an attacker to obtain sensitive information from the database...

CVE-2018-18787

An issue was discovered in zzcms 8.3. SQL Injection exists in zs/zs.php via a pxzs cookie...

REDAXO SQL Injection Vulnerability

REDAXO is an open source Web portal content management system . The system supports custom modules , plug-in extensions , project backup and so on. A SQL injection vulnerability exists in Benutzerverwaltung in versions prior to REDAXO 5.6.4. A remote attacker can exploit this vulnerability to...