CVE-2018-1414

IBM Maximo Asset Management 7.5 and 7.6 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 138820...

CVE-2018-0825

StructuredQuery in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows a remote code execution vulnerability due to how objects are handled in...

Cisco Unified Communications Manager SQL Injection Vulnerability (CNVD-2018-05337)

Cisco Unified Communications Manager CUCM, Unified CM, CallManager is a call-processing component of a unified communications system from Cisco. The component provides a scalable, distributable and highly available enterprise IP telephony call processing solution. A SQL injection vulnerability...

ZhandexMap SQL Injection Vulnerability in Joomla!

Joomla! is the United States Open Source Matters team developed a set of open source content management system CMS, the system provides RSS feeds, site search and other functions.Zh YandexMap is used in one of the distribution of maps through the Yandex Maps service component . A SQL injection...

Worry-Free Shopping System ASP General Edition suffers from SQ Injection Vulnerability

Hassle-free shopping system ASP General Edition is a shopping site based on ASP/Access development of general management system set up. Worry-Free Shopping System ASP General Edition suffers from SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database...

SQL Injection Vulnerability in Shop7z Online Shopping System Supreme Edition

Shop7z online shopping system is ASP online store platform software, providing comprehensive application services based on Internet solutions. Shop7z Online Shopping System Supreme Edition suffers from SQL injection vulnerability, which can be exploited by attackers to access or modify database...

SQL Injection Vulnerability in Uno Network Technology Website Building System

Shenyang Uno Technology Co., Ltd. is a one-stop service brand marketing planning company committed to providing Chinese enterprises with one-stop service suitable for the development of the times, integrating enterprise station building, search engine optimization, WAP website, APP client and so...

SQL Injection Vulnerability in Chiayi County's Management Resources Inquiry System

The Kiawah County Management Information System is a content management system. Chiayi County Management Information Query System suffers from SQL injection vulnerability, which can be exploited by attackers to access or modify sensitive database information...

SQL Injection Vulnerability in zzcms 8.2 user/check.php File

zzcms is an enterprise website builder program It is an enterprise website builder program. An SQL injection vulnerability exists in the user/check.php file of zzcms version 8.2, which can be exploited by attackers to access or modify database data...

Affiligator Affiliate Webshop Management System SQL Injection Vulnerability

Affiligator Affiliate Webshop Management System is a PHP-based web store management system. A SQL injection vulnerability exists in Affiligator Affiliate Webshop Management System version 2.1.0. A remote attacker can inject SQL commands with the help of search/?q=&pricetype=range&price= requests...

SQL Injection Vulnerability in the Enterprise Website System of Zhongshan Tengning Network Technology Co.

Zhongshan TENNING Network Technology Co., Ltd. is a professional and technical company focusing on enterprise website construction, promotion, WeChat development, focusing on providing SMEs with the most cost-effective website building services. TENNING Network Technology Co., Ltd. corporate...

Website Security Dog (Apache Edition) V4.0 suffers from SQL injection vulnerability (CNVD-2018-02087)

Website Security Dog Apache Edition is a server tool that integrates website content security protection, website resource protection and website traffic protection features. Web Security Dog Apache Edition V4.0 suffers from a SQL injection vulnerability. Allows attackers to exploit the...

Web Security Dog (Apache Edition) V4.0 suffers from SQL Injection Vulnerability

Website Security Dog Apache Edition is a server tool that integrates website content security protection, website resource protection and website traffic protection features. Web Security Dog Apache Edition V4.0 suffers from a SQL injection vulnerability. An attacker can exploit the vulnerability...

SQL Injection Vulnerability in DocCms 2016

DocCMS rice husk enterprise building system, also known as rice husk cms, doccms, formerly known as deep throat enterprise building system ShlCms, is a free and open source enterprise website building system, enterprise website generation system. DocCms 2016 has a SQL injection vulnerability,...

SQL Injection Vulnerability in Dispnews.asp Page of Website Construction System of Jingmen Xinnet Technology Development Co.

Jingmen City, Xin network technology development limited company is a network brand marketing and enterprise management information technology professional service providers. There is a SQL injection vulnerability in the dispnews.asp page of the website construction system of Jingmen Xinnet...

SQL Injection Vulnerability in Xi'an Hongbo Network Technology Co.

Xi'an Hongbo Network Technology Co., Ltd. is a professional design team integrating network preparation, digital film and television production, and brand visual design. Xi'an Hongbo Network Technology Co., Ltd. website construction system suffers from SQL injection vulnerability. Attackers can...

Microsemi Symmetricom s350i SQL Injection Vulnerability

Microsemi Symmetricom s350i is a clock server from Microsemi Corporation. A SQL injection vulnerability exists in the 'checkPassword' function in the Microsemi Symmetricom s350i version 2.70.15. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands...

CVE-2017-1670

IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 133637...

Muslim Matrimonial Script SQL Injection Vulnerability

Muslim Matrimonial Script is a community matrimonial script for matrimonial websites by PHP Scripts Mall. PHP Scripts Mall Muslim Matrimonial Script has a SQL injection vulnerability. The vulnerability can be exploited to conduct SQL injection attacks via the view-profile.php memid parameter...

DEBIAN-CVE-2017-17920

SQL injection vulnerability in the 'reorder' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'name' parameter. NOTE: The vendor disputes this issue because the documentation states that this method is not intended for use with untrusted...