eClass platform SQL Injection Vulnerability

eClass platform is an open source course management system organized by GUnet Greece. A SQL injection vulnerability exists in versions of eClass platform prior to ip.2.5.10.2.1. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. ...

ZZCMS SQL Injection Vulnerability (CNVD-2019-24373)

ZZCMS is a content management system CMS by the ZZCMS team in China. A SQL injection vulnerability exists in ZZCMS 8.3 and earlier versions. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can exploit this...

SQL Injection Vulnerability in VANOC Enterprise Website Management System Backend

Vanno enterprise website management system PHP version is a php+MySQL development of php enterprise website management system. VANOC enterprise website management system backend has SQL injection vulnerability, attackers can exploit the vulnerability to obtain database information...

WordPress AJdG AdRotate Plugin SQL Injection Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.AJdG AdRotate plugin is an ad management plugin used in it. A SQL injection vulnerability exists in WordPress AJdG AdRotate plugin...

The vulnerability of the U.motion Builder system, related to the incorrect processing of special symbols in SQL queries, allows a hacker to execute arbitrary code.

The vulnerability of the U.motion Builder system for managing industrial and residential facilities is related to the improper processing of special symbols in SQL queries. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted query...

Harbin Youyang Technology Co., Ltd. website building system has SQL injection vulnerabilities

Harbin Youyang Technology Co., Ltd. is an Internet application technology and consulting service provider. There is a SQL injection vulnerability in the website building system of Harbin YouYang Technology Co., Ltd, which can be exploited by attackers to obtain sensitive information...

WordPress FV Flowplayer Video Player SQL Injection Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.FV Flowplayer Video Player is a video player plugin used in it. A SQL injection vulnerability exists in WordPress FolioVisio...

SQL Injection Vulnerability in Xiamen Phoenix Chuangyi Software Co.

Phoenix Chuangyi software development teaching and training software, providing vivid image of three-dimensional interactive teaching, for the construction of high-quality professional schools, innovative teaching mode and teaching content to provide a powerful support platform. Xiamen Phoenix...

Hubei Yibaitian Network Media Co., Ltd. website builder system has SQL injection vulnerability

YBTS Network Media operates computer software and hardware R&D business and Internet data business in Shanghai Telecom's Caobao Road/Wai Gao Qiao/Wusheng Road and other national server rooms. Hubei YBTS Network Media Co., Ltd. website building system has SQL injection vulnerability, attackers can...

CVE-2019-7003

A SQL injection vulnerability in the reporting component of Avaya Control Manager could allow an unauthenticated attacker to execute arbitrary SQL commands and retrieve sensitive data related to other users on the system. Affected versions of Avaya Control Manager include 7.x and 8.0.x versions...

SQL Injection Vulnerability in Normandy Technology Website Building System

Zhongshan Normandy Information Technology Co., Ltd. is a service organization that provides network informatization for enterprises and institutions. Normandy Technology website building system has SQL injection vulnerability, attackers can use the vulnerability to obtain sensitive information in...

Trape SQL Injection Vulnerability (CNVD-2019-22230)

Trape is a suite of open source Internet tracking and identification tools. The tool is capable of remotely identifying sessions and simulating phishing attacks. A SQL injection vulnerability exists in Trape 2019-05-08 and prior versions. The vulnerability stems from a lack of validation of...

openstack-ironic-inspector: SQL Injection vulnerability when receiving introspection data

A SQL-injection vulnerability was found in openstack-ironic-inspector's nodecache.findnode. This function makes a SQL query using unfiltered data from a server reporting inspection results by a POST to the /v1/continue endpoint. Because the API is unauthenticated, the flaw could be exploited by a...

SQL Injection Vulnerability in AIT CMS

Hainan Zanzan Network Technology Co., Ltd. is a professional website construction, network services, operation technology output network company in the industry. There is a SQL injection vulnerability in AIT CMS, which can be exploited by attackers to obtain sensitive database information...

SQL Injection Vulnerability in Zhongyan Ruihua Video Surveillance Management Platform

Ningbo Zhongyan Ruihua Digital Technology Co., Ltd former Oriental Ruihua develops and sells "RUIHUA" Ruihua 3G wireless video surveillance, cell phone video surveillance, wireless data transmission, software development and other series of products. A SQL injection vulnerability exists in Ruihua...

SQL Injection Vulnerability in Beijing Night Cat Website Building System

Beijing Nightcats Tiancheng Network Technology Co., Ltd referred to as Nightcats Network, is a professional website design and website construction service provider. There is a SQL injection vulnerability in Beijing Nightcats website building system, which can be exploited by attackers to obtain...

CSZ CMS SQL Injection Vulnerability

CSZ CMS is a PHP-based open source content management system CMS. A SQL injection vulnerability exists in the core/MYSecurity.php file in CSZ CMS version 1.2.2 prior to 2019-06-20. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based application...

SQL Injection Vulnerability in Enterprise Side Internet Integrated Management Platform

Beijing Yahong Century Technology Development Co., Ltd. is a technology company specializing in Internet spatial data governance, network and information security and data value-added solutions and services. An SQL injection vulnerability exists in the Enterprise Side Internet Integrated Manageme...

Apache Fineract SQL Injection Vulnerability (CNVD-2019-19050)

Apache Fineract is a set of open source digital financial services platform of the U.S. Apache Apache Software Foundation. The platform can provide users with data management, loan and savings portfolio management and real-time financial data and other functions. An SQL injection vulnerability...

Mito website building system has information leakage vulnerability

metinfo mito system is an enterprise website management system with PHP Mysql architecture. Version 6.2.0 of the metinfo website builder system has an information leakage vulnerability that can be exploited by attackers to download sql files and obtain sensitive information...