SQL Injection Vulnerability in Enterprise Side Internet Integrated Management Platform

Beijing Yahong Century Technology Development Co., Ltd. is a technology company specializing in Internet spatial data governance, network and information security and data value-added solutions and services. An SQL injection vulnerability exists in the Enterprise Side Internet Integrated Manageme...

Apache Fineract SQL Injection Vulnerability (CNVD-2019-19050)

Apache Fineract is a set of open source digital financial services platform of the U.S. Apache Apache Software Foundation. The platform can provide users with data management, loan and savings portfolio management and real-time financial data and other functions. An SQL injection vulnerability...

Dutch Auction Factory Component SQL Injection Vulnerability in Joomla!

Joomla! is a U.S. Open Source Matters team using PHP and MySQL development of a set of open source, cross-platform content management system CMS. Dutch Auction Factory is used in one of the auction site to create extensions . A SQL injection vulnerability exists in the Dutch Auction Factory...

Mito website building system has information leakage vulnerability

metinfo mito system is an enterprise website management system with PHP Mysql architecture. Version 6.2.0 of the metinfo website builder system has an information leakage vulnerability that can be exploited by attackers to download sql files and obtain sensitive information...

SalesAgility SuiteCRM SQL Injection Vulnerability (CNVD-2019-16997)

SalesAgility SuiteCRM is a suite of enterprise-grade open source customer relationship management CRM. A SQL injection vulnerability exists in SalesAgility SuiteCRM versions 7.10.x prior to 7.10.17 and 7.11.x prior to 7.11.5, which can be exploited by an attacker to execute illegal SQL commands...

HotelDruid SQL Injection Vulnerability (CNVD-2019-17320)

HotelDruid is a hotel management system from the DigitalDruid.Net team. The system includes features such as room management, financial management and inventory management. A SQL injection vulnerability exists in HotelDruid versions prior to 2.3.1. The vulnerability stems from a lack of validatio...

SQL Injection Vulnerability in One-Card System of Zhengzhou Xinkai Pu Electronic Technology Co.

Zhengzhou New Cape Electronic Technology Co., Ltd. is a company whose main business scope includes computer system integration, development and operation and maintenance, software, smart card machine and other projects. Zhengzhou XinKaipu Electronic Technology Co., Ltd. one card system there is a...

Quest Software Kace K1000 Appliance SQL Injection Vulnerability

Quest Software Kace K1000 Appliance is a system management appliance from Quest Software, USA. The product is used for software license management, patch and endpoint security management, software distribution and server monitoring functions. A SQL injection vulnerability exists in Quest Kace K10...

IBM PureApplication System SQL Injection Vulnerability

IBM PureApplication System is a platform system from IBM USA designed for transactional Web and database applications. The system is capable of handling workloads and can be maintained and updated from a single console for all configurations. A SQL injection vulnerability exists in IBM...

SQL Injection Vulnerability in the Website Management System of Henan Lisuo Internet Information Technology Co.

Henan Lisuo Internet Information Technology Co., Ltd. is an Internet comprehensive service organization. There is a SQL injection vulnerability in the website management system of Henan Lisuo Internet Information Technology Co., Ltd, which can be exploited by attackers to obtain sensitive...

Vtiger CRM SQL Injection Vulnerability (CNVD-2019-16507)

Vtiger CRM is a set of customer relationship management system CRM based on SugarCRM developed by American Vtiger. The management system provides management, collection and analysis of customer information and other functions. A SQL injection vulnerability exists in the...

SQL Injection Vulnerability in Tpshop v3.5 Ar***.php Page

Tpshop is a set of multi-merchant mode developed by Shenzhen Soleil Networks Limited mall system. A SQL injection vulnerability exists in the Tpshop v3.5 Ar.php page. An attacker can exploit the vulnerability to obtain sensitive information from the database...

SQL Injection Vulnerability in Tpshop v3.5 Sm***.php Page

Tpshop is a set of multi-merchant mode developed by Shenzhen Soleil Networks Limited mall system. A SQL injection vulnerability exists in the Tpshop v3.5 Sm.php page. Attackers can use the vulnerability to obtain sensitive information in the database...

SQL injection vulnerability in Tpshop v3.5 To***.php page (CNVD-2019-17503)

Tpshop is a set of multi-merchant mode developed by Shenzhen Soleil Networks Limited mall system. A SQL injection vulnerability exists in the Tpshop v3.5 To.php page. Attackers can use the vulnerability to obtain sensitive information in the database...

Computrols CBAS Web SQL Injection Vulnerability

CBAS Web is a Web-based building management system BMS from Computrols. A SQL injection vulnerability exists in Computrols CBAS Web. The vulnerability stems from improper validation of parameters passed to different scripts. A remote authenticated attacker could exploit the vulnerability to execu...

SQL Injection Vulnerability in SemCms

SemCms is an open source foreign trade enterprise website management system, mainly used for foreign trade enterprises. SemCms SQL injection vulnerability , attackers can use the vulnerability to obtain sensitive database information...

CommSy SQL Injection Vulnerability

Commsy is a Web-based, open source community system for project management. A SQL injection vulnerability exists in CommSy version 8.6.5. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can exploit this vulnerabili...

CVE-2019-1824

A vulnerability in the web-based management interface of Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network EPN Manager could allow an authenticated, remote attacker to execute arbitrary SQL queries. This vulnerability exist because the software improperly validates user-supplie...

SQL Injection Vulnerability in AICA CMS Backend li***.php

Acme CMS is a full-featured, PHP + Mysql architecture, multi-language, responsive display, suitable for personal website construction CMS building system. Acme CMS background li.php SQL injection vulnerability, attackers can use the vulnerability to obtain database sensitive information...

OpenProject SQL Injection Vulnerability

OpenProject is an open source Web-based project management software . The software has project planning , task management , bug tracking and cost budgeting and other functions . A SQL injection vulnerability exists in OpenProject versions 5.0.0 through 8.3.1. The vulnerability stems from a lack o...