SQL Injection Vulnerability in WebShow Shopping System V5.4 listjp.asp

Net show shopping system is a shopping site developed with asp + access. A SQL injection vulnerability exists in NetShow Shopping System V5.4 listjp.asp. An attacker can obtain sensitive database information by constructing specific SQL statements...

PHPSUGAR PHP Melody SQL Injection Vulnerability (CNVD-2017-32540)

PHPSUGAR PHP Melody is a PHP-based content management system for video websites. A SQL injection vulnerability exists in PHPSUGAR PHP Melody versions prior to 2.7.3. A remote attacker can perform a display list operation on the watch.php file and exploit the vulnerability to execute arbitrary SQL...

SQL Injection Vulnerability in Opensns CheckInController.class.php Page

OpenSNS is a lightweight social user center framework based on OneThink. The system adheres to a minimalist design style and focuses on communication. A SQL injection vulnerability exists in the Opensns CheckInController.class.php page. An attacker can exploit the vulnerability to obtain sensitiv...

LetoDMS SQL Injection Vulnerability (CNVD-2017-35203)

LetoDMS is a document management system based on PHP+MySQL development. A SQL injection vulnerability exists in LetoDMSCore/Core/inc.ClassDMS.php in LetoDMS before version 3.3.8, which can be exploited by remote attackers to execute arbitrary SQL commands...

SQL Injection Vulnerability in DM Enterprise Website System

DM building system is developed by php + mysql a set of specialized for small and medium-sized enterprise website construction of open source cms. DM enterprise website builder system multiple parameters exist SQL injection vulnerability , attackers can use the vulnerability to obtain sensitive...

Jiangxi Talent Software Technology Co., Ltd. enterprise station building system with SQL injection vulnerability

Jiangxi Talent Software Technology Co., Ltd. enterprise station-building system is a station-building system. Jiangxi Talent Software Technology Co., Ltd. enterprise station building system SQL injection vulnerability, attackers can use the vulnerability to obtain sensitive information in the...

SQL Injection Vulnerability in State Micro CMS opinion-wzxz

State Micro CMS is one of the mainstream CMS systems in China, and is also the largest open source platform provider in the field of PHP in Southern China. A SQL injection vulnerability exists in State Micro CMS opinion-wzxz. An attacker can exploit this vulnerability to obtain sensitive...

Frappe frappe.share.get_users SQL Injection Vulnerability

Frappe is a WEB application. Frappe frappe.share.getusers suffers from a SQL injection vulnerability that allows remote attackers to exploit the vulnerability by submitting specially crafted SQL queries to manipulate or obtain database data...

Catfish CMS v4.5.7 SQL Injection Vulnerability in Frontend

Catfish CMS is open source free PHP CMS web content management system. Catfish CMS v4.5.7 suffers from a SQL injection vulnerability in the frontend. An attacker can exploit this vulnerability to obtain sensitive database information...

Cash Back Comparison Script SQL Injection Vulnerability

Cash Back Comparison Script is a cash back script. A SQL injection vulnerability exists in Cash Back Comparison Script version 1.0. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands...

Trend Micro Mobile Security SQL Injection Vulnerability

Trend Micro Mobile Security Enterprise is a set of cell phone security software from Trend Micro that integrates cell phone security scanning, real-time protection against malicious programs and monitoring of malicious behavior. A SQL injection vulnerability exists in versions of Trend Micro Mobi...

WordPress Responsive Image Gallery Plugin SQL Injection Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL server set up a personal blog site.Responsive Image Gallery plugin is one of the image management plugin. A SQL injection vulnerability exists in WordPre...

mysql: Incorrect input validation allowing code execution via mysqldump

It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database...

Pragyan CMS SQL Injection Vulnerability (CNVD-2017-34577)

Pragyan CMS is a multi-user, modular PHP and MySQL based Content Management System CMS. The system supports custom built-in frameworks, user group rights management, search engine optimization and more. A SQL injection vulnerability exists in Pragyan CMS version 3.0. A remote attacker can exploit...

SQL Injection Vulnerability in Guizhou Chitong Network Technology Co.

Guizhou Chitong Network Technology Co., Ltd. is an Internet service provider. The services offered include: website direct ID registration, website full network promotion, enterprise official website construction, e-commerce platform type website construction, website optimization outsourcing and...

Wordpress plugin image-gallery-with-slideshow 'imgid' parameter SQL injection vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in the Wordpress plugin image-gallery-with-slideshow. A remote attacker can exploit the...

EyesOfNetwork web interface SQL injection vulnerability

EyesOfNetwork EON is an open source, free IT monitoring solution. The solution provides business process configuration tools, generating pop-up windows when events occur in the active queue, etc. EyesOfNetwork web interface aka eonweb is one of the web interfaces. A SQL injection vulnerability...

EyesOfNetwork web interface SQL injection vulnerability (CNVD-2017-33830)

EyesOfNetwork EON is an open source, free IT monitoring solution. The solution provides business process configuration tools, generating pop-up windows when events occur in the active queue, etc. EyesOfNetwork web interface aka eonweb is one of the web interfaces. A SQL injection vulnerability...

SQL Injection Vulnerability in ShopsN v2.0 Frontend OrderController.class.php File

ShopsN is a free e-commerce open source system. ShopsN v2.0 official version of the front-end OrderController.class.php file SQL injection vulnerability . As the system fails to effectively filter the addrdel function. A remote attacker can exploit the vulnerability to obtain sensitive informatio...

SQL injection vulnerability in Ocean CMS \admin\admin_ajax.php page

Ocean Movie Management System seacms, Ocean CMS is a video-on-demand system designed for webmasters with different needs. Ocean CMS \admin\adminajax.php page SQL injection vulnerability. The vulnerability is due to the system failing to effectively filter the data submitted by the user. An attack...