SQL Injection Vulnerability in Wave OA Intelligent Office Platform

Longchamp Yunhai OA Intelligent Office Platform is aimed at the private and hybrid cloud market, providing open and secure enterprise-class cloud data center operation and maintenance management capabilities. SQL injection vulnerability exists in the Wave OA Office system, allowing attackers to...

WDS CMS SQL Injection Vulnerability

WDS CMS is a website management system. WDS CMS suffers from a SQL injection vulnerability, which can be exploited by an attacker to gain access to the database contents, as well as to upload backdoor files in subsequent attacks...

CVE-2016-1000125

Unauthenticated SQL Injection in Huge-IT Catalog v1.0.7 for Joomla...

PT-2016-6893 · Cisco · Cisco Firepower Management Center

Name of the Vulnerable Software and Affected Versions: Cisco Firepower Management Center versions 4.10.3 through 5.4.0 Description: A SQL injection issue allows remote authenticated users to execute arbitrary SQL commands. Recommendations: For versions 4.10.3 through 5.4.0, update to a version th...

3Webs CMS SQL Injection Vulnerability

3Webs CMS is a content management system. 3Webs CMS suffers from a SQL injection vulnerability that can be exploited by an attacker via a SQL injection command, resulting in the disclosure of database information...

Joomla! com_bt_media Component SQL Injection Vulnerability

Joomla! is the United States Open Source Matters team developed a set of open source content management system CMS. The system provides RSS feeds , site search and other functions . A SQL injection vulnerability exists in the categories0 parameter of the index/php page of the Joomla! combtmedia...

PHPIPAM SQL Injection Vulnerability

phpipam is a set of open source PHP and MySQL based IP address management application IPAM. A cross-site scripting vulnerability exists in phpipam version 1.2.1, which can be exploited by an attacker to compromise the application, access or modify data, or exploit potential vulnerabilities in the...

SQL Injection Vulnerability in ID Parameters of Dynamic Easy Network Campus System

Dynamic easy network campus system is based on the actual application needs of customers in the education industry Dynamic easy to provide a complete set of school website application solutions, set "home-school interaction, knowledge sharing, teaching aids," in one, to assist the school website ...

SQL injection vulnerability exists in the page /target/lres/special/index.html?special_id=30 of the generic reader education system of Nanjing Oncor Technology Co.

Nanjing Oncor Technology Co., Ltd Esmay Reader Education System is a set of library reader education system. The system /target/lres/special/index.html?specialid=30 page has a SQL injection vulnerability. An attacker can remotely exploit the vulnerability to obtain sensitive database information...

Exponent CMS SQL Injection Vulnerability (CNVD-2016-07937)

OIC Exponent CMS is a free, open source modular content management system CMS based on PHP from the American OIC Group of companies. The system supports direct editing in the page, and provides user management, site configuration, content editing and other functions. A SQL injection vulnerability...

Open Ticket Request System FAQ SQL Injection Vulnerability

Open Ticket Request System OTRS is an open source defect tracking and management system software from the German OTRS Group. The software categorizes service requests submitted by phone, email and other channels into different queues, service levels, and service personnel through the OTRS system ...

Enterprise Flow Control Routing Product iKuai IK-G20 SQL Injection Vulnerability

The Ikuai IK-G20 is an enterprise-class flow control router from China's AllConvergence Network Technology. An SQL injection vulnerability exists in the enterprise-class flow control routing product iKuai IK-G20 iKuai82.6.5Build20160815 and historical versions. An attacker can use this...

SQL Injection Vulnerability in School Management System of Shenzhen Chuangyou Network Co.

Shenzhen Chuangyou Networks school management system is a secondary school-based education management software. The product /sysTemplateWeb/ShowWebStyle.aspx?XXDM=440203000008&CatalogId= there is a SQL injection vulnerability, the injection parameter is CatalogId, the attacker can use the...

SQL injection vulnerability in the zwkm parameter of the modifyzdjb.jsp page of the ilasIII digital library system of Shenzhen Ketu Automation New Technology Application Company.

Integrated Library Automation System ILAS is the Ministry of Culture in 1988 as a national key scientific and technological projects issued by the Shenzhen Library to undertake and organize the development of a set of libraries at home and abroad to adapt to different levels, a variety of scales,...

vBulletin forumrunner/includes/moderation.php SQL Injection Vulnerability

VBulletin is a powerful, flexible and fully customizable suite of forum programs. A SQL injection vulnerability exists in the forumrunner/includes/moderation.php file in versions of vBulletin prior to 4.2.2 Patch Level 5 and prior to 4.2.3 Patch Level 1. A remote attacker can exploit this...

SQL Injection Vulnerability in the id Parameter of Nanchangwei.com Electronic Newspaper System

"VNN Digital Newspaper" is a professional software product for digitizing newspapers, which can provide a perfect solution for paper newspapers to go online. It allows the original newspaper layout to be quickly and easily presented to readers through the Internet. There exists a SQL injection...

SQL Injection Vulnerability in Asset Management System sysbh Parameter of Jinan Guozi Digital Technology Co.

Asset management system of Jinan Guozi Digital Technology Co., Ltd. is a set of sharing and management platform for precision instruments or large instruments. The product suffers from SQL injection vulnerability, the vulnerability URL is: http://host/dxyqsyspt/sysDetail.aspx?sysbh=000001 The...

SQL Injection Vulnerability in TUTUCMS Order Parameter

TUTUCMS is a CMS image management system focused on the development of image-based websites. TUTUCMS x2.6 version has a SQL injection vulnerability, due to the system does not strictly filter order parameters, only the source code to do the corresponding code audit. Allow attackers to exploit the...

SQL Injection Vulnerability in SmartClient.asmx?op Page of Xinwei Software E-learning System

E-learning management system is an online learning platform of Shenzhen Xinwei Software Co. A SQL injection vulnerability exists in the SmartClient.asmx?op page of Xinwei Software's E-learning system. An attacker can exploit the vulnerability to obtain sensitive information from the website...

SQL Injection Vulnerability in the VoteId Parameter of Hopping Collaborative Content Management System (CCMS)

HZCMS is a website group content management system based on Java and XML technology. A SQL injection vulnerability exists in the voteId parameter of the HZCMS. An attacker can exploit the vulnerability to obtain database information...