Generalized SQL Injection Vulnerability in Seven Colors Network Website Builder System

A generic SQL injection vulnerability exists in the Seven Colors Network website builder system. The vulnerability allows attackers to obtain sensitive database information...

SQL Injection and Arbitrary File Upload Vulnerabilities in Rural Electronic Monitoring Platform of Beijing Zhongnong Xinda Information Technology Co.

Beijing Zhongnong Xinda Information Technology Co., Ltd. is a provider of comprehensive services for three rural informatization, and the Rural Electronic Monitoring Platform is one of the company's monitoring platforms. A SQL injection and arbitrary file upload vulnerability exists in the Rural...

Symantec Endpoint Protection Manager SQL Injection Vulnerability

Symantec Endpoint Protection Manager SEPM is a suite of enterprise-grade virus protection software from Symantec USA. The software protects against malicious attacks such as viruses, worms, and Trojan horses. SEPM 12.1-RU6-MP1 A SQL injection vulnerability exists in the management console of...

Cacti SQL Injection Vulnerability (CNVD-2015-04994)

Cacti is based on PHP, MySQL, SNMP and RRDTool developed a set of graphical analysis of network traffic monitoring tools . Cacti 'graphs.php' , 'cdef.php', 'datatemplates.php', 'graphtemplates.php' and 'hosttemplates.php' scripts incorrectly filter user input, allowing remote attackers to exploit...

Sysphonic Thetis SQL Injection Vulnerability

Thetis World-Strongest groupware/web collaboration suite is based on Ruby on Rails. A SQL injection vulnerability exists in Sysphonic Thetis versions prior to 2.3.0, which can be exploited by remote attackers to execute arbitrary SQL commands...

SQL Injection Vulnerability in Panmicro E-office /E-mobile/create/ajax_do.php Parameters

Panmicro E-office is an OA product launched by Panmicro for small and medium-sized organizations. A SQL injection vulnerability exists in the Panmicro E-office /E-mobile/create/ajaxdo.php parameter, which can be exploited by an attacker to obtain sensitive information from the database...

SQL Injection Vulnerability in Gobetters Video Conferencing System /web/server/serverstart.php?machineid= Parameter

GoBetter video conferencing system is a pure software video conferencing system with high-performance audio and video interactions, as well as perfect data functions launched by GoBetter. A SQL injection vulnerability exists in the Gobetters Video Conferencing...

SQL Injection Vulnerability in sGaoHao Parameter of Nanjing Jenohan Journal Submission System

Nanjing Jenohan Software Technology Co., Ltd. is for the development of hospital full cost accounting decision support software system, hospital performance management information system and hospital customer management information system. SQL injection vulnerability exists in the sGaoHao paramet...

SQL Injection Vulnerability in Haitian OA System ID Parameter

Haitian OA network office system is suitable for enterprises and institutions of the general-purpose network office software, the system adopts the leading B / S browser / server mode of operation, so that the network office is not subject to geographical restrictions. A SQL injection vulnerabili...

SQL Injection Vulnerability in OAID Parameter of Haitian OA System/Documents/OA_DocDisplay_NewWindow.asp Page

Haitian OA network office system is suitable for enterprises and institutions of the general-purpose network office software, the system adopts the leading B / S browser / server mode of operation, so that the network office is not subject to geographical restrictions. A SQL injection vulnerabili...

ApPHP Hotel Site SQL Injection Vulnerability

ApPHP Hotel Site is a PHP-based hotel management solution from ApPHP USA. The program provides hotel management and online booking and other functions. A SQL injection vulnerability exists in ApPHP Hotel Site version 3.x.x. The vulnerability stems from the index.php script failing to adequately...

Aruba Networks CPPM SQL Injection Vulnerability

Aruba Networks ClearPass Policy Manager is an advanced policy management platform for role- and device-based network access control. A security vulnerability exists in Aruba Networks ClearPass Policy Manager CPPM, which can be exploited by remote administrators to execute arbitrary SQL commands...

Cisco Unified Web and E-Mail Interaction Manager SQL Injection Vulnerability

Cisco Unified Web and E-mail Interaction Manager are both products in the Customer Collaboration Contact Center of the American Cisco Cisco company. A SQL injection vulnerability exists in Cisco Unified Web and E-Mail Interaction Manager, which could be exploited by a remote attacker to submit a...

Cacti graph.php SQL Injection Vulnerability

Cacti is a set of open source network traffic monitoring and analysis tools. The Cacti graph.php script fails to properly filter the localgraphid parameter, allowing remote attackers to exploit the vulnerability by submitting specially crafted SQL queries to manipulate or obtain database data...

IBM Security SiteProtector System SQL Injection Vulnerability

The IBM Security SiteProtector System is a centralized management system that unifies the management and analysis of network, server and endpoint security agents and devices. A SQL injection vulnerability exists in IBM Security SiteProtector System, which allows remote attackers to exploit the...

WordPress Tune Library Plugin SQL Injection Vulnerability

WordPress is a set of blogging platform using PHP language development, the platform supports in PHP and MySQL server set up personal blog site.Tune Library is one of the plugin used to import XML iTunes music library files into the WordPress database. A SQL injection vulnerability exists in the...

Cisco Unified Communications Manage SQL Injection Vulnerability

Cisco Unified Communications Manager is the call processing component of the IP Telephony solution from Cisco. A SQL injection vulnerability exists in Cisco Unified Communications Manager due to the program failing to properly filter user-supplied input. This allows an authenticated, remote...

Novell ZENworks 'GetReRequestData' Method SQL Injection Vulnerability

Novell ZENworks is a suite of software that supports automated IT management and business process management across resources within an organization. A SQL injection vulnerability in the 'GetReRequestData' method of the GetStoredResult class in Novell ZENworks allows remote attackers to submit...

The vulnerability of Cisco ACS’s microprogramming software allows a remote attacker to execute arbitrary code.

The vulnerability of the ACS View interface allows a remote authenticated user with administrator privileges to execute arbitrary SQL commands using specially crafted HTTPS requests...

WordPress Plugin All In One WP Security & Firewall admin/wp-security-list-acct-activity.php SQL Injection Vulnerability

WordPress is a set of blogging platform developed in PHP language by WordPress Software Foundation, which supports setting up personal blog sites on servers with PHP and MySQL.All In One WP Security & Firewall Plugin for WordPress is a Wordpress Security Plugin. The All In One WP Security &...