Pimcore SQL Injection Vulnerability (CNVD-2019-42564)

Pimcore is Austria Pimcore company's set of open source for creating and managing Web applications Web content management platform. The platform integrates Web content management, e-commerce framework and product information management applications. A SQL injection vulnerability exists in version...

SQL Injection Vulnerability in opensns Backend

OpenSNS is a comprehensive social software developed by Thinking Sky. A SQL injection vulnerability exists in the opensns backend, which can be exploited by attackers to obtain sensitive information from the database...

SQL Injection Vulnerability in Super CMS da***.ma***.php

Super CMS content management system in order to solve the problem of website optimization and development of a set of products, it is an efficient open source content management system, the product is based on PHP + MYSQL architecture, can run on Windows, Linux, MacOSX, Solaris and other various...

CVE-2019-2211

In createProjectionMapForQuery of TvProvider.java, there is possible SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9...

SQL Injection Vulnerability in ZZCMS Frontend

ZZCMS is a content management system for Merchants Network. A SQL injection vulnerability exists in the frontend of ZZCMS. An attacker can exploit this vulnerability to obtain sensitive information from the database...

SQL Injection Vulnerability in the i*** Parameters of Thunderwind Movie CMS Mo***.php Page

Thunderwind CMS is a video-on-demand system developed using Thinkphp framework + Mysql to ensure the stability and efficiency of the program. Thunderwind Movie CMS Mo.php page i parameters exist SQL injection vulnerability, attackers can use the vulnerability to obtain database sensitive...

YouPHPTube 'id' Parameter SQL Injection Vulnerability

YouPHPTube is a PHP-based video website system. A SQL injection vulnerability exists in the 'id' parameter of the /plugin/ADServer/view/campaignsVideos.json file in YouPHPTube version 7.6. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based...

WordPress pretty-link plugin SQL injection vulnerability

WordPress is the WordPress Foundation's set of blogs using PHP language development guest platform. The platform supports setting up personal blog sites on PHP and MySQL servers. pretty-link is a plugin for adding hyperlinks to web pages. WordPress pretty-link plugin version 1.6.8 before the...

SQL Injection Vulnerability in Air Quality System Publishing System

Zhuhai Goling Information Technology Co., Ltd. is a high-tech enterprise engaged in research and development of core technology of information network, production of professional equipment and network application service. An SQL injection vulnerability exists in the Air Quality System Publishing...

SQL injection vulnerability in the co***.cl***.php file of the Seven Bears library system

Seven bears library system a similar Baidu library online document preview, selling system. A SQL injection vulnerability exists in the co.cl.php file. An attacker can exploit the vulnerability to obtain sensitive information from the database...

Yantai Cloud Pulse Network CMS website building system has SQL injection vulnerability

Yantai Cloud Pulse Network Technology Co., Ltd. is a professional website construction and search engine marketing services provider. Dedicated to small and medium-sized enterprises network marketing services, and website construction, enterprise version of the PC website construction, three-in-o...

ShopsN open source mall system Go***::cl*** file with SQL injection vulnerabilities

ShopsN open source mall system is a product of Shanghai Yiso Network Technology Co., Ltd. an enterprise-class commercial standard full-featured allow free commercial use of open source online store full network system . ShopsN open source mall system Go::cl file SQL injection vulnerability ,...

WordPress Relevanssi Premium Plugin SQL Injection Vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in WordPress Relevanssi Premium plugin versions prior to 1.14.6.1. The...

S-CM e-commerce system aj***.php page P_sort parameter SQL injection vulnerability

S-CMS e-commerce system is an e-commerce software. S-CM e-commerce system aj.php page Psort parameter SQL injection vulnerability, an attacker can use the vulnerability to obtain sensitive information...

SQL Injection Vulnerability in FlameCMS

FlameCMS lightweight modular front-end framework for developing fast, powerful web interfaces. FlameCMS suffers from a SQL injection vulnerability that can be exploited by attackers to obtain database information...

S-CMS enterprise website builder system backend P_br*** parameter exists SQL injection vulnerability

S-CMS enterprise station building system is Zibo Shining Network Technology Co., Ltd. developed a specialized enterprise station building solutions for the product. There is a SQL injection vulnerability in the Pbr parameter in the background of S-CMS enterprise website building system. Attackers...

Pangu Network Technology website builder system suffers from SQL injection vulnerability

Pangu Network is a regional service operator authorized by Baidu, a group of companies providing integrated network marketing services to customers in the region with Baidu's business as the core. A SQL injection vulnerability exists in Pangu Network Technology's website builder system, which can...

openstack-ironic-inspector: SQL Injection vulnerability when receiving introspection data

A SQL-injection vulnerability was found in openstack-ironic-inspector's nodecache.findnode. This function makes a SQL query using unfiltered data from a server reporting inspection results by a POST to the /v1/continue endpoint. Because the API is unauthenticated, the flaw could be exploited by a...

Dutch Auction Factory Component SQL Injection Vulnerability in Joomla!

Joomla! is a U.S. Open Source Matters team using PHP and MySQL development of a set of open source, cross-platform content management system CMS. Dutch Auction Factory is used in one of the auction site to create extensions . A SQL injection vulnerability exists in the Dutch Auction Factory...

SQL Injection Vulnerability in phpshe v1.7 (CNVD-2019-12520)

PHPSHE mall system is a combination of product display, online shopping, order management, payment management, article management, customer consultation feedback and other functions, providing users with online shopping mall construction program. phpshe v1.7 version of the existence of SQL...