eClass platform SQL Injection Vulnerability

eClass platform is an open source course management system organized by GUnet Greece. A SQL injection vulnerability exists in versions of eClass platform prior to ip.2.5.10.2.1. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. ...

SQL Injection Vulnerability in AIOT Structural Health Monitoring System

Shanghai Tonglei Civil Engineering Technology Co., Ltd. is a professional technical service company dedicated to providing information technology solutions in the building structure industry. AIOT structural health monitoring system has a SQL injection vulnerability, which can be exploited by...

ZZZPHP foreground search with SQL injection vulnerability

ZZZPHP is a free website builder developed in PHP language. ZZZPHP front-end search SQL injection vulnerability, attackers can use the vulnerability to obtain database sensitive information...

marginalia SQL Injection Vulnerability

marginalia is a package for adding annotations to ActiveRecord queries. A SQL injection vulnerability exists in versions prior to marginalia 1.6. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can exploit the...

WordPress AJdG AdRotate Plugin SQL Injection Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.AJdG AdRotate plugin is an ad management plugin used in it. A SQL injection vulnerability exists in WordPress AJdG AdRotate plugin...

ZZCMS SQL Injection Vulnerability (CNVD-2019-24373)

ZZCMS is a content management system CMS by the ZZCMS team in China. A SQL injection vulnerability exists in ZZCMS 8.3 and earlier versions. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can exploit this...

SQL Injection Vulnerability in VANOC Enterprise Website Management System Backend

Vanno enterprise website management system PHP version is a php+MySQL development of php enterprise website management system. VANOC enterprise website management system backend has SQL injection vulnerability, attackers can exploit the vulnerability to obtain database information...

Harbin Youyang Technology Co., Ltd. website building system has SQL injection vulnerabilities

Harbin Youyang Technology Co., Ltd. is an Internet application technology and consulting service provider. There is a SQL injection vulnerability in the website building system of Harbin YouYang Technology Co., Ltd, which can be exploited by attackers to obtain sensitive information...

WordPress FV Flowplayer Video Player SQL Injection Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.FV Flowplayer Video Player is a video player plugin used in it. A SQL injection vulnerability exists in WordPress FolioVisio...

SQL Injection Vulnerability in Xiamen Phoenix Chuangyi Software Co.

Phoenix Chuangyi software development teaching and training software, providing vivid image of three-dimensional interactive teaching, for the construction of high-quality professional schools, innovative teaching mode and teaching content to provide a powerful support platform. Xiamen Phoenix...

Hubei Yibaitian Network Media Co., Ltd. website builder system has SQL injection vulnerability

YBTS Network Media operates computer software and hardware R&D business and Internet data business in Shanghai Telecom's Caobao Road/Wai Gao Qiao/Wusheng Road and other national server rooms. Hubei YBTS Network Media Co., Ltd. website building system has SQL injection vulnerability, attackers can...

CVE-2019-7003

A SQL injection vulnerability in the reporting component of Avaya Control Manager could allow an unauthenticated attacker to execute arbitrary SQL commands and retrieve sensitive data related to other users on the system. Affected versions of Avaya Control Manager include 7.x and 8.0.x versions...

SQL Injection Vulnerability in Normandy Technology Website Building System

Zhongshan Normandy Information Technology Co., Ltd. is a service organization that provides network informatization for enterprises and institutions. Normandy Technology website building system has SQL injection vulnerability, attackers can use the vulnerability to obtain sensitive information in...

Trape SQL Injection Vulnerability (CNVD-2019-22230)

Trape is a suite of open source Internet tracking and identification tools. The tool is capable of remotely identifying sessions and simulating phishing attacks. A SQL injection vulnerability exists in Trape 2019-05-08 and prior versions. The vulnerability stems from a lack of validation of...

openstack-ironic-inspector: SQL Injection vulnerability when receiving introspection data

A SQL-injection vulnerability was found in openstack-ironic-inspector's nodecache.findnode. This function makes a SQL query using unfiltered data from a server reporting inspection results by a POST to the /v1/continue endpoint. Because the API is unauthenticated, the flaw could be exploited by a...

SQL Injection Vulnerability in AIT CMS

Hainan Zanzan Network Technology Co., Ltd. is a professional website construction, network services, operation technology output network company in the industry. There is a SQL injection vulnerability in AIT CMS, which can be exploited by attackers to obtain sensitive database information...

SQL Injection Vulnerability in Zhongyan Ruihua Video Surveillance Management Platform

Ningbo Zhongyan Ruihua Digital Technology Co., Ltd former Oriental Ruihua develops and sells "RUIHUA" Ruihua 3G wireless video surveillance, cell phone video surveillance, wireless data transmission, software development and other series of products. A SQL injection vulnerability exists in Ruihua...

SQL Injection Vulnerability in Beijing Night Cat Website Building System

Beijing Nightcats Tiancheng Network Technology Co., Ltd referred to as Nightcats Network, is a professional website design and website construction service provider. There is a SQL injection vulnerability in Beijing Nightcats website building system, which can be exploited by attackers to obtain...

openstack-ironic-inspector: SQL Injection vulnerability when receiving introspection data

A SQL-injection vulnerability was found in openstack-ironic-inspector's nodecache.findnode. This function makes a SQL query using unfiltered data from a server reporting inspection results by a POST to the /v1/continue endpoint. Because the API is unauthenticated, the flaw could be exploited by a...

CSZ CMS SQL Injection Vulnerability

CSZ CMS is a PHP-based open source content management system CMS. A SQL injection vulnerability exists in the core/MYSecurity.php file in CSZ CMS version 1.2.2 prior to 2019-06-20. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based application...