DotProject suffers from SQL injection vulnerability (CNVD-2020-32472)

DotProject is a Web-based project management tool , using PHP development . DotProject has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

SQL Injection Vulnerability in the Website Building System of Tianze Culture Communication (Henan) Co.

Ltd. is a network service company that provides Internet network information services, engages in Internet value-added services, and provides enterprises with customized network solutions, website construction, network promotion and other services. There is a SQL injection vulnerability in the...

LJcms v1.29 SQL Injection Vulnerability

LJCMS adopts PHP + Mysql architecture, is a very SEO friendly, full-featured, safe and stable, support multi-terminal display and extremely simple to use enterprise station building system. LJcms v1.29 SQL injection vulnerability, attackers can use the vulnerability to obtain sensitive informatio...

SQL injection vulnerability exists in kkcms (CNVD-2020-33119)

kkcms is an open source video capture and playback system . The system is mainly used to automatically capture film and television resources and provide online playback capabilities. kkcms SQL injection vulnerability , attackers can use the vulnerability to obtain sensitive information database...

Hefei Tianxun Information Technology Co., Ltd. pushes Couponer CMS with SQL injection vulnerability

Push Couponer CMS is a completely free Taobao coupon website source code program. Ltd. Push Couponer CMS has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...

CVE-2020-4345

IBM i 7.2, 7.3, and 7.4 users running complex SQL statements under a specific set of circumstances may allow a local user to obtain sensitive information that they should not have access to. IBM X-Force ID: 178318...

SQL Injection Vulnerability in Website Building System of Zonglian Information Technology Co.

Zonglian Technology customizes the official website for each enterprise, and establishes the website construction plan suitable for the enterprise according to the budget, design, industry and enterprise image. With the appropriate display, display effect, site framework, through the integration ...

SQL Injection Vulnerability in Stone Technology Opinion Analysis Assistant us***.php Page

Stone Technology Public Opinion Analysis Assistant is a monitoring tool that can collect the titles of publicly released information from specified websites and filter out the information and links required by users based on keywords and filters. A SQL injection vulnerability exists in the us.php...

SQL Injection Vulnerability in the Website Building System of Suzhou Topps Network Technology Co.

Suzhou Topps Network Technology Co., Ltd. is engaged in solving the website construction, Baidu promotion, Baidu bidding hosting, Ali network marketing treasure hosting, optimization station rental and sale. Suzhou Topps Network Technology Co., Ltd. station building system there is a SQL injectio...

The vulnerability in the vManage web interface of the software-defined Cisco SD-WAN network allows a attacker to execute arbitrary SQL queries.

The vulnerability in the vManage web interface of the Cisco SD-WAN programmatically defined network is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...

hibernate: SQL injection issue in Hibernate ORM

A flaw was found in Hibernate ORM. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further...

SQL Injection Vulnerability in Employment Information Service Platform of Shanghai Jiading Information Technology Co.

Shanghai A-Ding Information Technology Co., Ltd. is focusing on college cloud employment information service platform products, adhering to the principle of saas, with many high-quality Internet resources as the basis, to establish employment information service cloud platform. Provide humanized,...

Shantou Sanyu Technology Co., Ltd. website building system suffers from SQL injection vulnerability.

Ltd. is a company that focuses on designing, producing and providing personalized e-commerce solutions for enterprises. Ltd. website building system suffers from SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

SQL Injection Vulnerability in Website Building System of Suzhou Topps Network Technology Co.

Suzhou Topps Network Technology Co., Ltd. is a computer software, computer animation and network products design, research and development, sales, and provide related technical services and consulting services company. There is a SQL injection vulnerability in the website system of Suzhou Topps...

PayloadsAllTheThings

This repository is an offensive tool for Web Application Security and Pentest/CTF. It contains a list of useful payloads and bypass for various web application security testing and penetration testing purposes. The primary vulnerability class targeted by this repository is CRLF Carriage Return an...

Xi'an Baolian Network Technology Co., Ltd. website building system suffers from SQL injection vulnerabilities (CNVD-2020-32333)

Xi'an BaiLian Network Technology Co., Ltd. is the first technology company specializing in bearing industry management software development and bearing industry portal design. There is a SQL injection vulnerability in the website building system of Xi'an Bailian Network Technology Co. Attackers c...

SQL Injection Vulnerability in Learning Module ti*** Parameters of 120 Emergency Command Center Web Service System

120 Emergency Command Center Web Service System is a set of web application services for 120 Emergency Command Center, including internal training, learning and assessment functions. SQL injection vulnerability exists in the learning module ti parameter of the 120 Emergency Command Center Web...

Extreme CMS suffers from SQL injection vulnerability

Extreme CMS is an enterprise-level open source content building system. Extreme CMS has a SQL injection vulnerability , attackers can exploit the vulnerability to obtain sensitive database information...

PT-2020-13036 · WordPress · Wp-Advanced-Search

Name of the Vulnerable Software and Affected Versions: wp-advanced-search plugin version 3.3.6 Description: The Import feature in the wp-advanced-search plugin is vulnerable to authenticated SQL injection via an uploaded .sql file. An attacker can use this to execute SQL commands without any...

Shaanxi New Force Network Technology Co., Ltd. website building system has SQL injection vulnerabilities

Ltd. is a high-tech company integrating R&D, production and sales. Ltd. website building system has SQL injection vulnerabilities, which can be exploited by attackers to obtain sensitive information from the database...