NAPC Xinet Elegant 6 Asset Library Web Interface SQL Injection Vulnerability

The NAPC Xinet interface Elegant 6 Asset Library is a web-based interface to the XIET asset management solution. A SQL injection vulnerability exists in NAPC Xinet interface Elegant 6 Asset Library version 6.1.655. The vulnerability stems from a lack of validation of externally entered SQL...

SQL injection vulnerability in the background cm***_de***_ed***.php page of VANOC enterprise website management system.

Vanno enterprise website management system is an asp + access for the development of asp enterprise website source code. A SQL injection vulnerability exists in the backend cmdeed.php page of Vanno's enterprise website management system. Attackers can use this vulnerability to obtain sensitive...

SQL Injection Vulnerability in SeaChange Collaboration Office System

Wuhan Haichang Information Technology Co., Ltd. is a high-tech enterprise engaged in the research, development and sales of office automation software, collaboration management software and e-government software. An SQL injection vulnerability exists in the SeaChange Collaboration Office system,...

Centreon Web SQL Injection Vulnerability

Centreon Web is a set of open source system monitoring tools from the French company Centreon . The product mainly provides monitoring functions on the network , system and application resources . A SQL injection vulnerability exists in Centreon Web. The vulnerability stems from a lack of...

SQL Injection Vulnerability in Laike E-commerce System (CNVD-2020-00511)

Laike e-commerce with independent copyright system, is an integrated e-commerce system all the functions of the platform. A SQL injection vulnerability exists in Laike E-commerce system, which can be exploited by attackers to access sensitive database information...

IBM Sterling B2B Integrator SQL Injection Vulnerability (CNVD-2019-44534)

IBM Sterling B2B Integrator is a suite of software from IBM USA that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with diverse partner communities. A SQL injection vulnerability exists in IBM Sterling B2B...

OpenTrade SQL Injection Vulnerability

OpenTrade is an open source cryptocurrency trading platform. A SQL injection vulnerability exists in versions of OpenTrade prior to 2019-11-23. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can exploit the...

SQL Injection Vulnerability in WebOA Network Office Automation Software

WebOA network office automation software is an office software that allows company employees to download and upload shared information through a browser. A SQL injection vulnerability exists in WebOA Network Office Automation Software. An attacker can exploit the vulnerability to obtain sensitive...

statusnet SQL Injection Vulnerability

statusnet is an open source micro-blogging program written in PHP. A SQL injection vulnerability exists in statusnet 2010 and prior versions. The vulnerability stems from a database-based application that fails to properly validate external input SQL statements. An attacker can exploit the...

rConfig SQL Injection Vulnerability (CNVD-2020-41583)

rConfig is an open source network device configuration management utility . A SQL injection vulnerability exists in rConfig version 3.9.2, which stems from a lack of validation of externally entered SQL statements in database-based applications, and can be exploited by an attacker to execute...

SQL injection vulnerability in the ca***.php file in the background of Yunye CMS (CNVD-2020-00234)

Yunye CMS is an enterprise website building system developed by Luoyang Yunye Information Technology Co. There is a SQL injection vulnerability in the background ca.php file of Yunye CMS. Attackers can use the vulnerability to obtain sensitive information in the database...

SQL injection vulnerability in phpyun in***.class.php file

PHP cloud talent system phpyun is an open source talent and enterprise job search recruitment, hiring solutions built using PHP and MySQL database. The phpyun in.class.php file contains a SQL injection vulnerability that can be exploited by attackers to obtain sensitive information...

UBUNTU-CVE-2013-2091

SQL injection vulnerability in Dolibarr ERP/CRM 3.3.1 allows remote attackers to execute arbitrary SQL commands via the 'pays' parameter in fiche.php...

Centreon SQL Injection Vulnerability (CNVD-2019-42246)

Centreon Merethis Centreon is a French company Centreon needs to be used with Nagios with open source IT monitoring software. A SQL injection vulnerability exists in versions of Centreon Web prior to 2.8.27. The vulnerability stems from a lack of validation of externally entered SQL statements in...

Metinfo SQL Injection Vulnerability (CNVD-2019-42846)

MetInfo is a content management system CMS developed by China Mito MetInfo using PHP and Mysql. A SQL injection vulnerability exists in MetInfo. The vulnerability stems from a lack of validation of externally entered SQL statements in the database-based application. An attacker can exploit this...

SQL Injection Vulnerability in ECTouch Mobile Mall System v2.7.2

ECTouch is Shanghai Shangchuang Network Technology Co., Ltd. launched a set of PHP and MySQL database based on the construction of open source and easy to use mobile mall store system. ECTouch Mobile Mall System v2.7.2 suffers from a SQL injection vulnerability, which can be exploited by attacker...

CloudBoot SQL Injection Vulnerability

iDCOS CloudBoot is an open source X86 server configuration and installation tool from China's CloudBoot Technology iDCOS. CloudBoot suffers from a SQL injection vulnerability. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. An...

Pimcore SQL Injection Vulnerability (CNVD-2019-42564)

Pimcore is Austria Pimcore company's set of open source for creating and managing Web applications Web content management platform. The platform integrates Web content management, e-commerce framework and product information management applications. A SQL injection vulnerability exists in version...

Web Service suffers from sql injection vulnerability

WebService is a cross-programming language, cross-operating system platform remote invocation technology. Web Service has a sql injection vulnerability that can be exploited by an attacker to obtain sensitive database information...

SQL Injection Vulnerability in opensns Backend

OpenSNS is a comprehensive social software developed by Thinking Sky. A SQL injection vulnerability exists in the opensns backend, which can be exploited by attackers to obtain sensitive information from the database...