WordPress WatuPRO SQL Injection Vulnerability

WordPress is a blogging platform developed by the WordPress Software Foundation using the PHP language, which supports the setting up of personal blog sites on servers with PHP and MySQL.WatuPRO plugin is one of the online quiz plugin. A SQL injection vulnerability exists in WordPress WatuPRO...

Pragyan CMS SQL Injection Vulnerability (CNVD-2017-32462)

Pragyan CMS is a multi-user, modular PHP and MySQL based Content Management System CMS. The system supports custom built-in frameworks, user group rights management, search engine optimization and more. A SQL injection vulnerability exists in Pragyan CMS version 3.0. A remote attacker can exploit...

SQL Injection Vulnerability in SDCMS v1.2 Tag Lists

SDCMS is a PHP 3-in-1 website management system independently developed by Fireworks Network. SDCMS v1.2 version of the label list exists SQL injection vulnerability, attackers can use the vulnerability to obtain sensitive database information...

SQL Injection Vulnerability in OURPHP Message Boards

OURPHP 傲派建站系统 is a website content management system developed using PHP language, the developer is Harbin Weicheng Technology Co. A SQL injection vulnerability exists in the OURPHP V1.7.3 message board, which is caused by the system failing to strictly filter the parameters entered by the user. ...

SQL injection vulnerability in the product.asp page of the website building system of Dongguan Starlight Technology Co.

Dongguan Starlight Technology Co., Ltd. website builder is a website builder system. A SQL injection vulnerability exists in the product.asp page of the website builder system of Dongguan Starlight Technology Co. The vulnerability is due to the system fails to effectively filter the data submitte...

Wenzhou Starlight Technology Development Co., Ltd. website builder system newLook.asp page SQL injection vulnerability

Wenzhou Starlight Technology Development Co., Ltd. website builder is a website builder system. There is a SQL injection vulnerability in the newLook.asp page of the website builder system of Wenzhou Starlight Technology Development Co. The vulnerability is due to the system fails to effectively...

OPW Fuel Management Systems SiteSentinel Integra and SiteSentinel iSite SQL Injection Vulnerabilities

The SiteSentinel Integra 100, SiteSentinel Integra 500 and SiteSentinel iSite ATG are products that provide tank monitoring capabilities for OPW's fuel management system. An SQL injection vulnerability exists in OPW Fuel Management Systems SiteSentinel Integra and SiteSentinel iSite, which can be...

SQL injection vulnerability in Nlist.aspx and Mall_Teacher.aspx pages of Xinqi Online Learning System.

Xinqi Online Learning System is an online learning platform system that can make learning plans, realize supervision and monitoring, and assist learning. A SQL injection vulnerability exists in the Nlist.aspx and MallTeacher.aspx pages of Xinqi Online Learning System. An attacker can use this...

SQL Injection Vulnerability in UCMS

UCMS is a simple open source content management system . UCMS version 1.4.3 SQL injection vulnerability , an attacker can exploit the vulnerability to obtain sensitive database information...

Shijiazhuang Times Interactive Technology Co., Ltd. website building system has SQL injection vulnerabilities

Times Interactive website builder is an enterprise website builder. Shijiazhuang Times Interactive Technology Co., Ltd. website builder system has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...

Joomla! Quiz Deluxe component SQL injection vulnerability

Joomla! is an open source, cross-platform content management system developed using PHP and MySQL. A SQL injection vulnerability exists in the Quiz Deluxe component of Joomla! that can be exploited by attackers to obtain sensitive database information...

CVE-2017-12710

A SQL Injection issue was discovered in Advantech WebAccess versions prior to V8.220170817. By submitting a specially crafted parameter, it is possible to inject arbitrary SQL statements that could allow an attacker to obtain sensitive information...

Xiamen Dragon Pulse website building system products.asp page sid parameter SQL injection vulnerability

Xiamen Dragon Pulse Network is a website building system. Xiamen Dragon Pulse Network website builder system products.asp page sid parameter exists SQL injection vulnerability, an attacker can use the vulnerability to obtain database sensitive information...

Advantech WebAccess SQL Injection Vulnerability (CNVD-2017-23886)

Advantech WebAccess is a set of HMI/SCADA software from Advantech based on browser architecture. The software supports dynamic graphic display and real-time data control, and provides remote control and management of automation equipment. Advantech WebAccess suffers from a SQL injection...

Yunnan Dandelion Network Technology Co., Ltd. website building system has SQL injection vulnerabilities

Yunnan Dandelion Network Technology Co., Ltd. is a station building system. A SQL injection vulnerability exists in Yunnan Dandelion Network Technology Co. The vulnerability is due to the system id parameter does not filter the data submitted by the user, a remote attacker can exploit the...

Unspecified SQL Injection Vulnerability in SAP NetWeaver

SAP NetWeaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. SAP NetWeaver suffers from an unspecified SQL injection vulnerability due to the program's failure to adequately...

SQL Injection Vulnerability in the file /qkshowmarc/show_xk.asp of the Mythos™ Literature Management System

Mythos™ Document Management System is a library management reference platform with a professional database as the backend data storage on Windows or UNIX/Linux platform. A SQL injection vulnerability exists in the Qkxxbid parameter of the file /qkshowmarc/showxk.asp in the Mythos™ Document...

SQL Injection Vulnerability in Mythos™ Documentation Management System

Mythos™ Document Management System is a library management reference platform with a professional database as the backend data storage on Windows or UNIX/Linux platform. A SQL injection vulnerability exists in Mythic™ Document Management System, which can be exploited by attackers to obtain...

SQL Injection Vulnerability in Xiaowei OA v2.0

Xiaowei OA system is Beijing Xiaowei Help Technology Co., Ltd. to provide mobile office platform for small and medium-sized enterprises. SQL injection vulnerability exists in Xiaowei OA v2.0, which can be exploited by attackers to obtain sensitive information from the database...

NexusPHP SQL Injection Vulnerability

NexusPHP is a resource sharing community solution written in PHP developed by the Nexus team in China. SQL injection vulnerability in the massmail.php file in NexusPHP version 1.5. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands...