openSIS SQL Injection Vulnerability

openSIS is a free, open source student information system/school management software. A SQL injection vulnerability exists in the email parameter in EmailCheck.php in openSIS 7.3. An attacker can exploit this vulnerability by sending an HTTP request to perform a SQL injection attack...

openSIS SQL Injection Vulnerability (CNVD-2020-51259)

openSIS is a free, open source student information system/school management software. A SQL injection vulnerability exists in the GetSchool.php function in openSIS 7.3. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to conduct a SQL injection attack...

F5 BIG-IP AFM Configuration Tool SQL Injection Vulnerability

The F5 BIG-IP AFM is an advanced firewall device. The F5 BIG-IP AFM configuration tool suffers from a sql injection vulnerability that can be exploited by remote attackers to submit a special SQL request to manipulate a database, which can be used to obtain sensitive information or execute...

YouDianCMS suffers from SQL injection vulnerability (CNVD-2020-56377)

YouDianCMS set computer website, mobile website, micro letter, APP, small program in one, share space, data automatic synchronization, is the domestic open source five station one excellent solution. YouDianCMS has SQL injection vulnerability, attackers can use the vulnerability to obtain databas...

YouDianCMS suffers from SQL injection vulnerability (CNVD-2020-56376)

YouDianCMS set computer website, mobile website, micro letter, APP, small program in one, share space, data automatic synchronization, is the domestic open source five station one excellent solution. YouDianCMS has SQL injection vulnerability, attackers can use the vulnerability to obtain databas...

SQL Injection Vulnerability in the Website Building System of Longcheng Internet Wenzhou Network Company (CNVD-2020-54843)

Wenzhou Longcheng Internet Technology Co., Ltd - is engaged in website construction, website production, website design, graphic design, website optimization, website promotion, album design and other integrated Internet companies. Long Cheng Internet Wenzhou Network Company website building syst...

SQL Injection Vulnerability in phpweb finished website builder system

PHPWEB system is developed with PHP+MYSQL technology, with clear architecture and easy-to-maintain code. Support pseudo-static function, can generate google and baidu map, support keywords and descriptions, in line with SEO standards. phpweb finished website builder system has a SQL injection...

hibernate: SQL injection issue in Hibernate ORM

A flaw was found in Hibernate ORM. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further...

SQL Injection Vulnerability in Website Building System of Linyi Xinbao Network Technology Co. Ltd (CNVD-2020-51582)

Linyi Xinpao Network Technology Co., Ltd. is a company that provides website construction, software development and services, e-commerce, website operation, network marketing and promotion; network technology training consulting and information services; corporate image marketing planning,...

SQL Injection Vulnerability in Standard Pepsi Vi***.ashx Page of RunShen Information Technology (Shanghai) Co.

R&S Information Technology Shanghai Co., Ltd. is a high-tech company specializing in software development and information services. Ltd. SQL injection vulnerability exists in the Standard Pepsi Vi.ashx page, which can be exploited by attackers to obtain sensitive information from the database...

CVE-2020-17373

SugarCRM before 10.1.0 Q3 2020 allows SQL Injection...

CVE-2020-16276

An SQL injection vulnerability in the Assets component of SAINT Security Suite 8.0 through 9.8.20 allows a remote, authenticated attacker to gain unauthorized access to the database...

SQL Injection Vulnerability in Enterprise Standardized Management System of Runshen Information Technology (Shanghai) Co.

Runshen Information Technology Shanghai Co., Ltd. main standard automatic update management software, file digitization, digitization of the map. Ltd. enterprise standardization management system, there is a SQL injection vulnerability, attackers can use the vulnerability to obtain sensitive...

SQL Injection Vulnerability in Air Pollution Control Monitoring, Early Warning and Decision Support System of Huainan Runcheng Technology Co.

The framework of the air pollution prevention and control grid-based monitoring, early warning and decision support system consists of three parts: the perception layer, the platform layer and the application layer. In the sensing layer, monitoring points are laid out according to the actual dema...

SQL Injection Vulnerability in Website Building System of Shenzhen Shenzhou Tongda Network Technology Co.

Shenzhen Shenzhou Tongda Network Technology Co., Ltd, provides Tencent enterprise mailbox, high-end website construction PC website, cell phone website, WeChat public account, SEO optimization and promotion, enterprise WeChat and other network infrastructure services and network marketing and...

CVE-2020-7356

CAYIN xPost suffers from an unauthenticated SQL Injection vulnerability. Input passed via the GET parameter 'wayfinderseqid' in wayfindermeetinginput.jsp is not properly sanitized before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injectin...

SQL Injection Vulnerability in OA Office System of Chengdu Huigao Software Co.

Chengdu Huigao Software Co., Ltd. is an OA software developer and service provider. A SQL injection vulnerability exists in the OA office system of Chengdu Huigao Software Co. The vulnerability can be exploited by an attacker to obtain sensitive information from the database...

SQL Injection Vulnerability in ECSHOP v2.7.3 by Merchant Pie Software Ltd.

ECShop is a professional e-commerce mall system. A SQL injection vulnerability exists in ECSHOP v2.7.3 of Merchant Pie Software Limited, which can be exploited by attackers to obtain sensitive information from the database...

SQL injection vulnerability in p***.php page of website building system of Inner Mongolia Wando Information Technology Co.

Wando Technology is an information technology company dedicated to enterprise informatization application services, in order to actively promote the development of enterprise informatization and e-commerce, because of the transparency, so the integrity of the enterprise policy. It is an applicati...

SQL injection vulnerability in Shanghai Zhihu Information Technology's website bu***_de*** system

Shanghai Zhihu Information Technology Co., Ltd. precipitated 5 years, each industry comprehensive business scenarios, combined with the ability of technological innovation, to provide social e-commerce, home furnishing industry, tourism and travel and other areas of the solution. Shanghai Zhihu...