SQL Injection Vulnerability in phpaaCMS article.add.php File

phpaaCMS is a simple article management system. A SQL injection vulnerability exists in the phpaaCMS article.add.php file. An attacker can exploit the vulnerability to obtain sensitive database information...

CVE-2017-17897

SQL injection vulnerability in comm/multiprix.php in Dolibarr ERP/CRM version 6.0.4 allows remote attackers to execute arbitrary SQL commands via the id parameter...

PT-2017-15082 · Dolibarr · Dolibarr Erp/Crm

Name of the Vulnerable Software and Affected Versions: Dolibarr ERP/CRM version 6.0.4 Description: A SQL injection issue allows remote attackers to execute arbitrary SQL commands. The issue is related to the id parameter in the comm/multiprix.php file. Recommendations: For version 6.0.4, consider...

F5 BIG-IP Advanced Firewall Manager Configuration utility SQL Injection Vulnerability

F5 BIG-IP Advanced Firewall Manager AFM is a firewall manager from F5 USA that scales to stop high-volume DDoS attacks that can overwhelm load balancers, firewalls, and even networks.The Configuration utility... An SQL injection vulnerability exists in Configuration utility in F5 BIG-IP AFM. A...

CVE-2017-17823

The Configuration component of Piwigo 2.9.2 is vulnerable to SQL Injection via the admin/configuration.php orderby array parameter. An attacker can exploit this to gain access to the data in a connected MySQL database...

Ecava IntegraXor SQL Injection Vulnerability (CNVD-2017-37693)

Ecava IntegraXor is a toolset for creating and running human-machine interfaces for Web-based SCADA systems. Ecava IntegraXor suffers from a SQL injection vulnerability that can be exploited by an attacker to compromise an application, access or modify data, or exploit a potential vulnerability i...

Quest NetVault Backup SQL Injection Vulnerability (CNVD-2017-37638)

Quest NetVault Backup is a suite of data backup software from Quest Software, USA. A SQL injection vulnerability in the handling of NVBUPhaseStatus Count method requests in Quest NetVault Backup versions prior to 11.4.5 stems from the program's failure to properly detect user-submitted strings...

Apple Web Design's iWeb 5.1 Responsive Website System Has SQL Injection Vulnerability

Apple Web Design is a web marketing company that integrates web marketing, keyword marketing and other web marketing companies. An SQL injection vulnerability exists in Apple Web Design's iWeb 5.1 responsive website system. The vulnerability is caused due to the system failing to effectively filt...

Quest NetVault Backup 'NVBUBackupOptionSet Get' Method SQL Injection Vulnerability

Quest NetVault Backup is a suite of data backup software from Quest Software, USA. An SQL injection vulnerability exists in the handling of NVBUBackupOptionSet Get method requests in Quest NetVault Backup, which stems from the program failing to properly validate user-submitted strings before...

PHP Scripts Mall Yoga Class Script SQL Injection Vulnerability

PHP Scripts Mall Yoga Class Script is a PHP-based yoga class management script for yoga centers from PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall Yoga Class Script version 1.0. A remote attacker can exploit this vulnerability to inject SQL commands...

PHP Scripts Mall Realestate Crowdfunding Script SQL Injection Vulnerability

PHP Scripts Mall Realestate Crowdfunding Script is a PHP based real estate crowdfunding website script by PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall Realestate Crowdfunding Script version 2.7.2. A remote attacker can exploit the vulnerability by sending the...

PHP Scripts Mall Co-work Space Search Script SQL Injection Vulnerability

PHP Scripts Mall Co-work Space Search Script is a set of PHP based shared space search script by PHP Scripts Mall India. The script supports users to list workspace websites, amenities, location details, contact information etc. A SQL injection vulnerability exists in PHP Scripts Mall Co-work Spa...

PHP Scripts Mall Event Search Script SQL Injection Vulnerability

PHP Scripts Mall Event Search Script is a PHP based online event registration script from PHP Scripts Mall India. The script can be embedded into a website and accept online event bookings from other organizations or companies. A SQL injection vulnerability exists in PHP Scripts Mall Event Search...

Zhengzhou DynaSky Culture Communication Co., Ltd. website construction system SQL injection vulnerability

Zhengzhou Prime Technology Co., Ltd. specializes in providing customers with online business solutions in the field of information technology. Zhengzhou DynaSky Culture Communication Co., Ltd. website construction system has a SQL injection vulnerability, which can be exploited by attackers to...

CVE-2017-17609

Chartered Accountant Booking Script 1.0 has SQL Injection via the /service-list city parameter...

Techno Portfolio Management Panel 'id' SQL Injection Vulnerability

Techno is a portfolio management administration panel. A SQL injection vulnerability exists in Techno Portfolio Management Panel 'id'. An attacker can exploit this vulnerability to inject SQL commands via a single.php?id= request...

SQL Injection Vulnerability in NetMizer Log Management System dologin.php File

The NetMizer log management system is a stand-alone log management and analysis tool. A SQL injection vulnerability exists in the NetMizer Log Management System dologin.php file. The vulnerability is due to the system failing to effectively filter user-submitted data. An attacker is allowed to...

Shenzhen Longyi Pulse Network Technology Co., Ltd. website construction system has SQL injection vulnerability

Shenzhen Longyi Pulse Network Technology Co., Ltd. is committed to providing enterprises and individuals with website construction, animation design, program development, domain name space services, network services and other information services. There is a SQL injection vulnerability in the...

ARK-Web A-Member and A-Member for MT cloud SQL Injection Vulnerabilities

ARK-Web A-Member is a membership site builder plugin for Movable Type from ARK-Web Japan.A-Member for MT cloud is its MT cloud based version. A SQL injection vulnerability exists in ARK-Web A-Member and A-Member for MT cloud 3.8.6 and earlier versions. A remote attacker can exploit this...

SQL Injection Vulnerability in ECShop 3.0.0

ECShop is a B2C independent online store system, suitable for enterprises and individuals to quickly build a personalized online store. The system is based on PHP language and MYSQL database structure development of cross-platform open source program. A SQL injection vulnerability exists in the...