6595 matches found
odata4j SQL Injection Vulnerability
odata4j is a new open source toolkit. A SQL injection vulnerability exists in odata4j version 0.7.0. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can exploit the vulnerability to execute illegal SQL commands...
YCCMS suffers from SQL injection vulnerability (CNVD-2020-24720)
YCCMS is a PHP version of a lightweight website building system. YCCMS has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...
SQL Injection Vulnerability in Heybbs Backend ad**.php Page
Heybbs micro-community is a micro-community program with a front end based on bootstrap + jq + css and a back end developed in PHP + MySQL. The Heybbs backend ad.php page has a SQL injection vulnerability, which attackers can use to obtain sensitive database information...
SQL Injection Vulnerability in Heybbs Backend ad***_se***.php Page
Heybbs micro-community is a micro-community program with a front end based on bootstrap + jq + css and a back end developed in PHP + MySQL. The Heybbs backend adse.php page has a SQL injection vulnerability, which attackers can use to obtain sensitive database information...
SQL Injection Vulnerability in Heybbs Backend no***.php Page
Heybbs micro-community is a micro-community program with a front end based on bootstrap + jq + css and a back end developed in PHP + MySQL. The Heybbs backend no.php page has a SQL injection vulnerability, which attackers can use to obtain sensitive database information...
S-CMS suffers from SQL injection vulnerability (CNVD-2020-27168)
S-CMS is a corporate website building system developed by Zibo Shining Network Technology Co. S-CMS has a SQL injection vulnerability that can be exploited by attackers to obtain sensitive database information...
CVE-2020-10817
The custom-searchable-data-entry-system aka Custom Searchable Data Entry System plugin through 1.7.1 for WordPress allows SQL Injection. NOTE: this product is discontinued...
Samsung Mobile Device SQL Injection Vulnerability (CNVD-2020-32869)
Android is a free and open source operating system from Google based on the Linux kernel without GNU components. Samsung mobile devices suffer from a SQL injection vulnerability that can be exploited by attackers to execute arbitrary SQL queries with the help of specially crafted SQL statements...
Web exhibition PHP foreign trade enterprise website red style has SQL injection vulnerability
Netzhan Technology Beijing Century Netzhan Technology Co., Ltd. is an Internet service operator specializing in the field of exhibition shows. The Nethub PHP foreign trade enterprise website red style has a SQL injection vulnerability, which attackers can use to obtain database sensitive...
Grandstream UCM6200 SQL Injection Vulnerability (CNVD-2020-23201)
The Grandstream UCM6200 is an enterprise-class switch for IP telephony communications from Grandstream. An SQL injection vulnerability exists in the HTTP interface of the Grandstream UCM6200 versions prior to 1.0.19.20 and 1.0.20.17, which can be exploited by an attacker to execute shell commands...
SQL Injection Vulnerability in Shanghai Enterprise Torch Advertising Media Co.
Ltd. is committed to providing all kinds of enterprises and institutions with network domain name registration, web hosting rental, website construction and maintenance, website promotion and publicity, website revision and translation, enterprise post office, network payment, system integration,...
U-Mail mail server software suffers from SQL injection vulnerability (CNVD-2020-26499)
U-Mail mail server software is a domestic first-tier brand that provides lifetime free upgrades to the mail system, including data upgrades to the mail system, antivirus engine, and anti-spam engine. U-Mail mail server software has a SQL injection vulnerability; attackers can use the...
SQL Injection Vulnerability in Hospital Purchasing and Supply Collaboration Platform of Beijing Zhicheng Yuyuan Technology Co.
The hospital procurement and supply collaboration platform is a real-name procurement and supply collaboration service platform for medical institutions and supplier enterprises in the distribution chain of the pharmaceutical and equipment supply chain. There is a SQL injection vulnerability in t...
SQL Injection Vulnerability in YUZHIGUO CMS sh***.asp Page
YUZHIGUO CMS is a content management system written in ASP and using UTF-8 encoding. A SQL injection vulnerability exists in the YUZHIGUO CMS sh.asp page, which can be exploited by an attacker to obtain sensitive information from the database...
Cisco SD-WAN Solution vManage Command Injection Vulnerability
Cisco SD-WAN Solution is a set of network extension solutions from Cisco. vManage is a network management system. A command injection vulnerability exists in the Web UI in Cisco SD-WAN Solution vManage Release prior to 19.2.2, which stems from the Web UI failing to properly validate SQL values. A...
NETSAS Enigma NMS Information Disclosure Vulnerability
NETSAS Enigma NMS is a suite of network management and monitoring tools from NETSAS Australia. A security vulnerability exists in NETSAS Enigma NMS version 65.0.0 and prior versions, which originates from the program not encrypting data stored in the SQL database. An attacker can exploit the...
LogicalDoc SQL Injection Vulnerability
LogicalDOC is a document management system developed using Java technology. The system has Lucene full-text search indexing, automatic import, and other functions. A SQL injection vulnerability exists in LogicalDoc versions prior to 8.3.3. The vulnerability stems from a lack of validati...
PT-2020-2125 · Cisco · Cisco Sd-Wan Solution Vmanage
Name of the Vulnerable Software and Affected Versions: Cisco SD-WAN Solution vManage software (affected versions not specified). Description: The issue is related to a lack of protection against SQL query structure attacks in the vManage web interface of Cisco SD-WAN. This could allow a remote...
SuiteCRM SQL Injection Vulnerability (CNVD-2020-18564)
SuiteCRM is a free open source customer relationship management application. SuiteCRM suffers from an SQL injection vulnerability. No vulnerability details are provided at this time...
ShopsN open source mall system v3.0.0 sh*** parameter SQL injection vulnerability
ShopsN open source mall system is a product of Shanghai Yisu Network Technology Co. Ltd. The sh parameter of ShopsN open source mall system v3.0.0 has a SQL injection vulnerability, which attackers can use to obtain sensitive database information...