SQL Injection Vulnerability in Website Building System of Ningbo Mufeng Network Technology Co.

Ningbo Mufeng Network Technology Co., Ltd. is a website design company with the core business of website construction, website production, website development, graphic design and corporate branding in Ningbo. There is a SQL injection vulnerability in the website building system of Ningbo Mufeng...

SQL Injection Vulnerability in the jdo*** Component jdo*** Module of joomla!

joomla! is an open source content management system CMS. A SQL injection vulnerability exists in the jdo module of the joomla! jdo component. The vulnerability allows attackers to obtain sensitive information about the database...

SQL Injection Vulnerability in OFCMS System Management Service

OFCMS is a content management system developed based on java technology. A SQL injection vulnerability exists in the OFCMS system administration, which can be exploited by attackers to obtain sensitive information from the database...

SQL Injection Vulnerability in Super CMS Frontend in***.php Page

Super CMS by the SEO Research Center in order to solve the problem of website optimization and research and development of a set of products, using an object-oriented approach to independent research and development of the MVC framework development, is an open source content management system...

SQL Injection Vulnerability in Smart Meter Collective Reading Management System Lo***.aspx Page

Qingdao Automatic Instrumentation Co., Ltd. is a new joint-stock enterprise integrating R&D and manufacturing. There is a SQL injection vulnerability in the Lo.aspx page of the Intelligent Instrumentation Collector Management System, which can be exploited by attackers to obtain sensitive...

SQL Injection Vulnerability in File System Profile Frontend Bi***.ashx Page

The filing system Profile is an in-house employee management software. A SQL injection vulnerability exists in the frontend Bi.ashx page of File System Profile, which can be exploited by attackers to obtain sensitive information from the database...

SQL Injection Vulnerability in PHPMyWind si***_up***.php File

PHPMyWind is a PHP + MySQL based development of W3C standards-compliant site building engine . A SQL injection vulnerability exists in the PHPMyWind siup.php file. An attacker can exploit this vulnerability to obtain sensitive database information...

PHPOK 5.0.055 suffers from a SQL Injection Vulnerability

PHPOK system is a content management system for website construction developed by Shenzhen 锟铻科技有限公司formerly known as PHPOK Studio. A SQL injection vulnerability exists in PHPOK 5.0.055. The vulnerability is caused by poor filtering of user-submitted parameters. An attacker can exploit this...

SQL Injection Vulnerability in Incentive Technology's Website Construction System

Ltd. is a network company specializing in Internet technology services, network technology development and application in one. A SQL injection vulnerability exists in the website construction system of Incentive Technology. An attacker can use this vulnerability to obtain sensitive information in...

Interspire Email Marketer SQL Injection Vulnerability (CNVD-2018-26788)

BigCommerec Interspire Email Marketer IEM is a suite of email marketing software from BigCommerec, USA. A SQL injection vulnerability exists in the 'updateblock' function of the Dynamiccontenttags.php file in BigCommerec IEM 6.1.6 and earlier versions. A remote attacker can exploit this...

Cisco Integrated Management Controller Supervisor SQL Injection Vulnerability

Cisco Integrated Management Controller IMC Supervisor is a set of tools used by Cisco to manage UCS Unified Computing System, which supports HTTP, SSH access, etc., and allows operations such as powering up, shutting down, and restarting the server. A SQL injection vulnerability exists in the web...

SQL Injection Vulnerability in Nanjing Yunhuatong Network Technology Website Building System

Nanjing Yunhuatong Network Technology Station Building System is an enterprise station building system developed by Nanjing Yunhuatong Network Technology Co. There is a SQL injection vulnerability in Nanjing Yunhuatong Network Technology website building system, which can be exploited by attacker...

S-CMS News Portal System me***.php page suffers from SQL injection vulnerability

S-CMS news portal system is Zibo Shining Network Technology Co., Ltd. developed a specialized enterprise to provide solutions to build a station. A SQL injection vulnerability exists in the me.php page of the S-CMS news portal system. An attacker can exploit the vulnerability to obtain sensitive...

Component AlphaIndex Dictionaries SQL Injection Vulnerability in Joomla!

Joomla! is the United States Open Source Matters team developed a set of open source content management system CMS. A SQL injection vulnerability exists in the Joomla! component AlphaIndex Dictionaries. The vulnerability is caused by an attacker inserting SQL commands into the query string of a w...

CVE-2018-10197

There is a time-based blind SQL injection vulnerability in the Access Manager component before 9.18.040 and 10.x before 10.18.040 in ELO ELOenterprise 9 and 10 and ELOprofessional 9 and 10 that makes it possible to read all database content. The vulnerability exists in the ticket HTTP GET...

SQL Injection Vulnerability in Guangzhou Lianya Network Technology Co.

Guangzhou Lianya Network Technology Co., Ltd. is a technology-based network company. A SQL injection vulnerability exists in the website building system of Guangzhou Lianya Network Technology Co. An attacker can exploit the vulnerability to obtain sensitive information from the database...

SQL Injection Vulnerability in SMiCMS Government Website System v201803224 Version

State Micro CMS is one of the mainstream CMS systems in China, and is also the largest open source platform provider in the field of PHP in Southern China. State Micro CMS government website system v201803224 version of the existence of SQL injection vulnerability , attackers can exploit the...

SQL Injection Vulnerability in YHCMS Version V2.6.5 R20160808

YHCMS is a professional marketing enterprise building system based on PHP+MYSQL as the core development. A SQL injection vulnerability exists in YHCMS version V2.6.5 R20160808. The vulnerability originates from the system's parameter filtering is not rigorous. An attacker can exploit the...

SQL Injection Vulnerability in Nagios XI 5.4.12 and Prior (CNVD-2018-09748)

Nagios is an open source, free network monitoring tool that effectively monitors the status of hosts, switches routers and other network devices, printers, etc. for Windows, Linux and Unix. Nagios XI 5.4.12 and earlier versions suffer from a SQL injection vulnerability that can be exploited by...

CVE-2018-8820

An issue was discovered in Square 9 GlobalForms 6.2.x. A Time Based SQL injection vulnerability in the "match" parameter allows remote authenticated attackers to execute arbitrary SQL commands. It is possible to upgrade access to full server compromise via xpcmdshell. In some cases, the...