Component Collection Factory SQL Injection Vulnerability in Joomla!

Joomla! is the United States Open Source Matters team developed a set of open source content management system CMS. A SQL injection vulnerability exists in the Collection Factory component of Joomla! The vulnerability is caused by inserting SQL commands into the query string of a web form...

Component Swap Factory SQL Injection Vulnerability in Joomla!

Joomla! is the United States Open Source Matters team developed a set of open source content management system CMS. A SQL injection vulnerability exists in the Swap Factory component of Joomla! The vulnerability is caused by inserting SQL commands into the query string of a web form submission or...

Penny Auction Factory SQL Injection Vulnerability in Joomla!

Joomla! is the United States Open Source Matters team developed a set of open source content management system CMS. A SQL injection vulnerability exists in the Penny Auction Factory component of Joomla! The vulnerability is caused by inserting SQL commands into the query string of a web form...

Component Raffle Factory SQL Injection Vulnerability in Joomla!

Joomla! is the United States Open Source Matters team developed a set of open source content management system CMS. A SQL injection vulnerability exists in the Joomla! component Raffle Factory. The vulnerability is caused by inserting SQL commands into the query string of a web form submission or...

Joomla! CWJoomla CW Article Attachments SQL Injection Vulnerability

Joomla! is the U.S. Open Source Matters team developed a set of open source content management system CMS, the system provides RSS feeds, site search and other functions.CWJoomla CW Article Attachments is used in which an attachment to add management plug-ins. A SQL injection vulnerability exists...

SQL Injection Vulnerability in PbootCMS v1.2.1

PbootCMS is a new core open source enterprise building system developed by Avantech. PbootCMS v1.2.1 suffers from SQL injection vulnerability. Attackers can use the vulnerability to obtain sensitive information in the database...

zzcms SQL Injection Vulnerability (CNVD-2018-19742)

ZZCMS is a CMS Content Management System used to quickly build Merchants type websites. A SQL injection vulnerability exists in the /user/check.php file in ZZCMS version 8.3. A remote attacker can exploit this vulnerability to execute SQL commands with the help of Client-Ip HTTP packet header...

Frappe ERPNext SQL Injection Vulnerability (CNVD-2019-17164)

Frappe ERPNext is an open source ERP Enterprise Resource Planning system. The system includes functions for financial management, inventory management, customer relationship management, project management and human resource management. A SQL injection vulnerability exists in the 'searchfield'...

CVE-2016-9048

Multiple exploitable SQL Injection vulnerabilities exists in ProcessMaker Enterprise Core 3.0.1.7-community. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially...

S-CMS School Website Builder System SQL Injection Vulnerability at Forum Page

S-CMS school station building system is Zibo Shining Network Technology Co., Ltd. developed a specialized enterprise station building solutions for the product. A SQL injection vulnerability exists in the forum page of the S-CMS School Building System. An attacker can exploit the vulnerability to...

S-CMS School Building System SQL Injection Vulnerability at Forum Page (CNVD-2018-19275)

S-CMS school station building system is Zibo Shining Network Technology Co., Ltd. developed a specialized enterprise station building solutions for the product. A SQL injection vulnerability exists in the forum page of the S-CMS School Building System. An attacker can exploit the vulnerability to...

SQL Injection Vulnerability at User Information Modification Interface of S-CMS School Building System (CNVD-2018-19272)

S-CMS school station building system is Zibo Shining Network Technology Co., Ltd. developed a specialized enterprise station building solutions for the product. A SQL injection vulnerability exists in the user information modification interface of S-CMS. An attacker can exploit the vulnerability ...

SQL Injection Vulnerability in Haitong Blockchain Trading Platform

Haitong Network is an architecture service provider specializing in trading systems, the company has a multi-currency BTC trading platform, wallet blockchain, block browser system and more than a dozen sets of perfect and professional industry systems. SQL injection vulnerability exists in Haiton...

SQL Injection Vulnerability in OpenCart

OpenCart is an open source e-commerce building system developed using PHP. The system is easy to install, powerful, simple to operate, and supports multi-language, multi-currency and multi-store. OpenCart Chinese free version v3.0 there are SQL injection vulnerabilities , the vulnerability stems...

CVE-2018-16278

phpkaiyuancms PhpOpenSourceCMS POSCMS V3.2.0 allows an unauthenticated user to execute arbitrary SQL commands via the diy/module/member/controllers/Api.php ajaxsavedraft function with the dir parameter...

CA PPM SQL Injection Vulnerability

CA PPM is a suite of project and portfolio management software from CA USA. The software includes features such as task management, project planning, financial reporting management and resource management. A SQL injection vulnerability exists in CA PPM that stems from the program's inadequate...

SQL Injection Vulnerability in PbootCMS

PbootCMS is a new core open source enterprise building system developed by Avantech. PbootCMS suffers from SQL injection vulnerability. Attackers can exploit the vulnerability to obtain sensitive information in the database...

CVE-2018-1699

IBM Maximo Asset Management 7.6 through 7.6.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 145968...

LibreHealthIO LH-EHR SQL Injection Vulnerability

LibreHealthIO LH-EHR is an open source electronic health record and medical practice management application. A SQL injection vulnerability exists in the Show Groups Popup SQL query function in the LibreHealthIO LH-EHR REL-2.0.0 release. A remote attacker can exploit the vulnerability to execute...

RSA Archer embedded WorkPoint component SQL injection vulnerability

RSA Archer is an enterprise IT governance and compliance governance product. An SQL injection vulnerability exists in the RSA Archer embedded WorkPoint component, which can be exploited by an attacker to execute SQL commands on a back-end database to read certain data...