CVE-2020-28115

SQL Injection vulnerability in "Documents component" found in AudimexEE version 14.1.0 allows an attacker to execute arbitrary SQL commands via the objectpath parameter...

SQL Injection Vulnerability in Qixing Fault Reporting System (WeChat Public Version) 40.0

Servicedesk can be used as an enterprise fault reporting platform. The system supports secondary authentication, problem statistics, WeChat notification and other functions. A SQL injection vulnerability exists in Qixing Fault Reporting System WeChat Public Version 40.0, which can be exploited by...

SQL Injection Vulnerability in CMS Frontend

Situ CMS is the short name of Situ Tourism Website Management System, which is a self-developed website management system applicable to the construction of tourism websites. A SQL injection vulnerability exists in the frontend of SITO CMS. An attacker can exploit the vulnerability to obtain...

SQL Injection Vulnerability in Ruijie IT Integrated Business Management Platform

Ruijie Networks is a specialized network vendor with a full range of network equipment product lines and solutions, including switches, routers, software, security firewalls, wireless products and storage. A SQL injection vulnerability exists in Ruijie IT integrated business management platform. ...

Zoho ManageEngine Application Manager SQL Injection Vulnerability (CNVD-2021-05408)

ZOHO ManageEngine Application Manager is a set of application monitoring and management system of the United States ZhuoHao ZOHO company. The system is mainly used to monitor server and application performance. A SQL injection vulnerability exists in Zoho ManageEngine Application Manager 14.7 Bui...

SQL Injection Vulnerability in NC Cloud of UFIDA Network Technology Corporation (CNVD-2020-64774)

NC Cloud is a digital platform for large enterprises, focusing on digital management, digital operation and digital business, helping large enterprises realize the comprehensive digitalization of people, money, goods and customers. A SQL injection vulnerability exists in NC Cloud of UFIDA Network...

The vulnerability of the SQL Developer Install component of the Oracle Database Server management system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the SQL Developer Installation component of the Oracle Database Server management system exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

SQL Injection Vulnerability in Shield Spirit Voting Sucking System

Shield Spirit Voting Powder Sucking System can be applied to the public number, through the WeChat public number of the message interface to collect the user to send the vote number of the data to reach the vote, with anti-brush voting voting function, but also efficiently suck the live powder...

SQL Injection Vulnerability in Shield Spirit Voting Sucker System (CNVD-2020-62877)

Shield Spirit Voting Powder Sucking System can be applied to the public number, through the WeChat public number of the message interface to collect the user to send the vote number of the data to reach the vote, with anti-brush voting voting function, but also efficiently suck the live powder...

BEESCMS Enterprise Website Management System suffers from SQL Injection Vulnerability

BEESCMS enterprise website management system is a PHP + MYSQL, multi-language system, the content module is easy to expand, the template style. BEESCMS enterprise website management system has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database...

SQL Injection Vulnerability in Shield Spirit Voting Sucker System (CNVD-2020-62838)

Shield Spirit Voting Powder Sucking System can be applied to the public number, through the WeChat public number of the message interface to collect the user to send the vote number of the data to reach the vote, with anti-brush voting voting function, but also efficiently suck the live powder...

SQL Injection Vulnerability in RaiseDreams Crowdfunding System pr***.aspx File

RaiseDreams crowdfunding system is an enterprise-level crowdfunding website platform for financial tycoons and enterprises that are about to put into crowdfunding ranks, using asp.net+MsSQL database as the system architecture, and the front-end using html5+css3 modern html language to create a...

Five Fingers CMS suffers from SQL injection vulnerability (CNVD-2020-62400)

Five Fingers CMS is an open source content management system that supports LNAMP architecture. Five Fingers CMS has a SQL injection vulnerability that can be exploited by attackers to obtain sensitive data...

IBM Sterling B2B Integrator SQL Injection Vulnerability (CNVD-2020-59703)

IBM Sterling B2B Integrator is a suite of software from IBM USA that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with diverse partner communities. IBM Sterling B2B Integrator suffers from a SQL injection...

SQL Injection Vulnerability in YouDianCMS v9.0

YouDian enterprise website management system abbreviated as YouDianCMS system set computer station, cell phone station, micro letter, APP, small program in one, shared space, data synchronization, is the domestic open source five stations in one excellent enterprise building station solutions...

CVE-2020-25157

The R-SeeNet webpage 1.5.1 through 2.4.10 suffers from SQL injection, which allows a remote attacker to invoke queries on the database and retrieve sensitive information...

Adobe Magento SQL Injection Vulnerability

Adobe Magento is the U.S. Odobie Adobe company's set of open source PHP e-commerce system. The system provides rights management , search engine and payment gateway and other functions.Magento Open Source is the open source version of Magento.Magento Commerce is the commercial version of Magento...

ZZCMS suffers from a file upload vulnerability (CNVD-2020-59411)

ZZCMS is a content management system. A SQL injection vulnerability exists in the backend of ZZCMS2020, which can be exploited by attackers to gain control of the server...

SQL Injection Vulnerability in the Management Platform of Internet Service Establishments of the Public Security Bureau (CNVD-2020-60077)

Harbin Zhonglong Baiying Technology Development Co., Ltd. was established on May 29, 2013, mainly engaged in computer hardware and software, office automation equipment, security equipment and so on. A SQL injection vulnerability exists in the management platform of the Public Security Bureau's...

SQL Injection Vulnerability in Qimage's Website Management System (Wim)

Hefei Qimai Network Technology Co., Ltd. specializes in website construction, website optimization, web hosting, domain name registration and other network services. A SQL injection vulnerability exists in Qimage's website management system Wim. Attackers can utilize this vulnerability to obtain...