SQL Injection Vulnerability in Internet Behavior Audit Gateway of Chengdu Flying Fish Star Technology Development Co.

Chengdu Flying Fish Star Technology Co., Ltd. is dedicated to providing intelligent and easy-to-use network communication products and services. A SQL injection vulnerability exists in the Internet Behavior Audit Gateway of Chengdu Flyingfish Star Technology Development Co. An attacker is allowed...

Cisco Unified Communications Manager SQL Injection Vulnerability

Cisco Unified Communications Manager is an enterprise-class IP telephony call processing system. A security vulnerability exists in Cisco Unified Communications Manager 11.0 0.98000.225 that does not validate user input within a SQL query. An attacker sending a URL containing an SQL statement cou...

SQL Injection Vulnerability in 'channel' Parameter of Founder Xiangyu Web Content Management System

Founder Xiangyu website content management system is a full-process management platform for website information publishing. A SQL injection vulnerability exists in the Founder Xiangyu Web Content Management System. The lack of filtering of the 'channel' parameter allows an attacker to exploit the...

IBM InfoSphere BigInsights Big SQL Component Security Bypass Vulnerability

IBM InfoSphere BigInsights is a set of software platform for storing and analyzing "big data" from IBM in the United States. The platform provides solutions for managing and analyzing massive amounts of structured and unstructured data.Big SQL is one of the SQL interface components. A security...

SQL Injection Vulnerability in Broadband Authentication and Billing System of Chengdu Starry Blue Ocean Network Technology Co.

Blue Ocean Premier Broadband Access Gateway is a specialized intelligent device for Ethernet broadband access. SQL injection vulnerability exists in the broadband authentication billing system of Chengdu Starry Blue Ocean Network Technology Co., Ltd. There is an injection point in the back-end...

SQL Injection Vulnerability in Decentralized Management (e-cology) System of Shanghai Panmicro Network Technology Co.

Panmicro collaborative management application platform e-cology is a set of collaborative business platform. An SQL injection vulnerability exists in the e-cology system, which can be exploited by an attacker to obtain database information due to the lack of filtering of the loginid parameter...

SQL Injection Vulnerability in Panmicro OA Office System

Panavision OA Office System is a coordination office software. Panmicro OA Office System suffers from a SQL injection vulnerability and a lack of filtering of the formName parameter, which can be exploited by an attacker to obtain sensitive information from a website database...

Shandong Nongyou Agricultural Integrity System SQL Injection Vulnerability

Shandong Nongyou Agricultural Integrity System is an agricultural management system. The Agricultural Integrity System suffers from SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...

Shandong Nongyou Land Transfer Management Platform SQL Injection Vulnerability

Shandong Nongyou Land Transfer Management Platform is an agricultural management software. The Land Transfer Management Platform suffers from an SQL injection vulnerability that allows attackers to exploit the vulnerability to obtain sensitive information from the database...

Multiple SQL Injection Vulnerabilities in Moneybookers Online Lending System

The P2P P2B/P2C network lending platform software is a comprehensive network lending business management system designed and developed for a variety of microfinance network lending models including P2P, P2B/P2C business models. There are multiple SQL injection vulnerabilities in the Moneybookers...

SAP HANA DB SQL Interface Arbitrary Code Execution Vulnerability

SAP HANA DB is an in-memory, row- and column-based database from SAP. The database provides fast queries against multidimensional data, filtering out cluttered and useless data, and synchronizing the execution of multiple queries. A security vulnerability exists in the SQL interface of SAP HANA D...

Huawei Enterprise Information Engine SQL Injection Vulnerability

Huawei Enterprise Information Engine EIE is an enterprise information machine product from Huawei, China. A SQL injection vulnerability exists in Huawei EIE. An attacker could use this vulnerability to compromise an application, access or modify data, or exploit a potential vulnerability in the...

Techno Project Japan Enisys Gw SQL Injection Vulnerability

Techno Project Japan Enisys Gw is an open source groupware software from Techno Project Japan. A SQL injection vulnerability exists in Techno Project Japan Enisys Gw. The vulnerability allows remote attackers to submit specially crafted SQL queries or obtain database data...

Allen-Bradley MicroLogix SQL Injection Vulnerability

Allen-Bradley MicroLogix is a programmable logic controller PLC from Rockwell Automation. An SQL injection vulnerability exists in Allen-Bradley MicroLogix 1100 prior to B FRN 15.000 and 1400 prior to B FRN 15.003. It allows an authenticated remote user to execute arbitrary SQL commands via...

SQL Injection Vulnerability in a System of Anhui Business Network

Anhui Business Network Information Industry Co., Ltd. is a professional high-tech Internet technology service provider. A system SQL injection vulnerability in Anhui Business Network allows attackers to exploit this vulnerability to obtain data volume sensitive information...

Yukisoft e-Government Platform SQL Injection Vulnerability

Yusoft e-government platform is an official document and information exchange platform jointly developed by the Ministry of Education to promote the informatization of education government affairs and entrusted to the Education Management Information Center and Beijing NetManager Information...

Cisco Prime Collaboration Assurance SQL Injection Vulnerability

Cisco Prime is a service-centric solution that integrates the management of wired and wireless LANs, WANs and data centers from endpoints, network devices and applications, and filters information. A SQL injection vulnerability exists in the Cisco Prime Collaboration Assurance WEB architecture,...

Cisco Prime Collaboration Assurance SQL Injection Vulnerability (CNVD-2015-06574)

Cisco Prime is a service-centric solution that integrates the management of wired and wireless LANs, WANs and data centers from endpoints, network devices and applications, and filters information. A SQL injection vulnerability exists in the Cisco Prime Collaboration Assurance WEB architecture,...

Pref Shimane CMS vulnerable to SQL injection

Overview Pref Shimane CMS is an open-source Contents Management System CMS. Pref Shimane CMS contains an SQL injection vulnerability. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A logged in...

Open-Xchange OX Guard SQL Injection Vulnerability

Open-Xchange OX Guard is a security suite for email and documents. A SQL injection vulnerability exists in the public key discovery API calls of Open-Xchange OX Guard, which allows remote attackers to exploit the vulnerability by submitting specially crafted SQL queries to manipulate or obtain...