SQL Injection Vulnerability in ThinkLC Classifieds Expand.php Page

ThinkLC Classified Information System is a local classified information system built on PHP+MYSQL development. A SQL injection vulnerability exists in the thinkLC Classified Information System expand.php page. The vulnerability is caused due to the system failing to effectively filter...

Cisco Unified Communications Manager SQL Injection Vulnerability

Cisco Unified Communications Manager CUCM, Unified CM, CallManager is a call-processing component of a unified communications system from Cisco. The component provides a scalable, distributable and highly available enterprise IP telephony call processing solution. sql database interface is one of...

SQL injection vulnerability in YxtCMF frontend ShitiController.class.php page

YxtCMF Yi Xue Tang Online Learning System is an online learning platform system developed with thinkphp+bootstrap as the framework. A SQL injection vulnerability exists in the YxtCMF frontend ShitiController.class.php page. The vulnerability is due to the system failing to effectively filter...

ZOHO ManageEngine Applications Manager SQL Injection Vulnerability (CNVD-2017-37248)

ZOHO ManageEngine Applications Manager is a set of IT operation and maintenance management solutions of the United States ZhuoHao ZOHO company. The product has application performance management, fault management, report generation and SLA management and other functions. A SQL injection...

SQL Injection Vulnerability in Ming Enterprise Technology Website Construction System

Shanghai Ming Enterprise Information Technology Co., Ltd Ming Enterprise Technology is engaged in website construction, network marketing, domain name hosting and Internet application development. A SQL injection vulnerability exists in Ming Enterprise's website construction system. The...

CVE-2017-12302

A vulnerability in the Cisco Unified Communications Manager SQL database interface could allow an authenticated, remote attacker to impact the confidentiality of the system by executing arbitrary SQL queries, aka SQL Injection. The vulnerability is due to a lack of input validation on user-suppli...

SQL injection vulnerability in shownews.hb page of website building system of Jiangxi Huabang Media Co.

Jiangxi Huabang Media Co., Ltd. is a comprehensive IT company integrating enterprise informationization construction, network development and Internet marketing. There is a SQL injection vulnerability in the shownews.hb page of the website building system of Jiangxi Huabang Media Co. The...

SQL Injection Vulnerability in News.asp Page of Frontier Technology Website Building System

Zaozhuang Frontier Technology Co., Ltd. is a technology enterprise engaged in software technology services. A SQL injection vulnerability exists in the news.asp page of Frontier Technology's website construction system. An attacker can exploit this vulnerability to obtain sensitive information fr...

SQL Injection Vulnerability in auxblogcms 1.0.6

auxblogcms is a php personal blog system based on PHP+MySQL program. auxblogcms 1.0.6 suffers from a SQL injection vulnerability, which is caused due to the system failing to filter parameters effectively. An attacker can exploit this vulnerability to obtain sensitive database information...

SQL Injection Vulnerability in the Frontend of Esaote E3 Omni-Channel Retail Management Software

E3 omni-channel retail management software is Esaote's e-commerce ERP system for online sales in the fashion industry, integrating Taobao interface, independent B2C mall system, advanced order processing system, logistics and warehousing system, network marketing and promotion system, and...

Vastal I-Tech Agent Zone SQL Injection Vulnerability

Vastal I-Tech Agent Zone aka The Real Estate Script is a real estate website management system. A SQL injection vulnerability exists in Vastal I-Tech Agent Zone aka The Real Estate Script. A remote attacker can exploit this vulnerability to inject SQL commands...

SQL Injection Vulnerability in Axublog v1.0.6 hit.php Page

Axublog is a PHP personal blog system. A SQL injection vulnerability exists in the Axublog v1.0.6 hit.php page. An attacker can exploit this vulnerability to obtain sensitive database information...

CPA Lead Reward Script SQL Injection Vulnerability

CPA Lead Reward Script is a social research script. A SQL injection vulnerability exists in CPA Lead Reward Script. A remote attacker can exploit this vulnerability to inject SQL commands with the 'username' parameter...

Adult Script Pro SQL Injection Vulnerability

Adult Script Pro is an online multimedia website builder. The system has modules for video viewing, news and user registration. A SQL injection vulnerability exists in Adult Script Pro version 2.2.4. A remote attacker can exploit this vulnerability by sending PATHINFO to the /download URI to inje...

iTech Gigs Script SQL Injection Vulnerability

iTech Gigs Script is an e-commerce website building system. The system features user registration, quotes and comments. A SQL injection vulnerability exists in iTech Gigs Script version 1.21. A remote attacker can inject SQL commands by sending the 'sc' parameter to the browse-scategory.php file ...

Vastal I-Tech Dating Zone SQL Injection Vulnerability

Vastal I-Tech Dating Zone is a dating site system. The system supports user registration, search and forums. A SQL injection vulnerability exists in Vastal I-Tech Dating Zone version 0.9.9. A remote attacker can exploit the vulnerability by sending the 'productid' parameter to the addtocart.php...

Tenable SecurityCenter SQL Injection Vulnerability

Tenable SecurityCenter is a Nessus-inclusive vulnerability management platform from US-based Tenable Network Security. The platform simplifies vulnerability scanning, management and reporting and provides a console to manage policies, alerts, reports and plug-ins for Nessus. An SQL injection...

Data Components tPanel SQL Injection Vulnerability

Data Components tPanel is a set of web hosting control panels that run in the server. A SQL injection vulnerability exists in Data Components tPanel version 2009. A remote attacker could exploit this vulnerability to bypass authentication...

US Zip Codes Database Script SQL Injection Vulnerability

US Zip Codes Database Script is a set of US Zip Codes Database Scripts. A SQL injection vulnerability exists in US Zip Codes Database Script version 1.0. A remote attacker can exploit this vulnerability to inject SQL commands with the 'state' parameter...

SQL Injection Vulnerability in MIPCMS ApiAdminLink.php Page

MIPCMS is a free and open source based on Baidu Mobile Accelerator MIP engine based on the development of articles, information, content management system, but also the system for the Internet webmasters, entrepreneurs and other groups to create SEO-optimized after the station-building system. A...