Ipswitch WhatsUp Gold SQL Injection Vulnerability (CNVD-2016-10073)

Ipswitch WhatsUp Gold is a suite of unified infrastructure and application monitoring software from Ipswitch USA. A SQL injection vulnerability exists in the sUniqueID parameter of the WrFreeFormText.asp script in Ipswitch WhatsUp Gold version 16.4.1, which can be exploited by remote attackers to...

SQL Injection Vulnerability in UFIDA UFO System queryByWhere Interface

UFIDA UFO system is UFIDA software comes with tabular data processing software. A SQL injection vulnerability exists in the queryByWhere interface of UFIDA UFO System. An attacker is allowed to exploit the vulnerability to obtain database information...

SQL Injection Vulnerability in bjbh Parameter of EAP Digital Campus Integration Management Platform of Guangzhou Zhongda Dongri Education Technology Co.

EAP platform, abbreviated as EAP Enterprise Application Platform, enterprise application platform, also known as enterprise management software platform, is a highly open, integrated with a number of enterprise management software modules. Guangzhou CUHK Dongri Education Technology Co., Ltd. EAP...

SQL Injection Vulnerability in the queryInvcl Method of the UFIDA UFO System

UFIDA UFO system is UFIDA software comes with tabular data processing software. A SQL injection vulnerability exists in the queryInvcl method of UFIDA UFO System. An attacker is allowed to exploit the vulnerability to obtain database information...

SQL Injection Vulnerability in the Type Parameter of NoticeList.aspx Page of Wave e-Procurement Platform

Wave e-procurement platform is a proprietary e-commerce platform for enterprises built using cloud computing and e-commerce technology. A SQL injection vulnerability exists in the Type parameter of the NoticeList.aspx page of the Wave e-Procurement Platform, which can be exploited by an attacker ...

TYPO3 GN Tactics Planner Extension SQL Injection Vulnerability

TYPO3 is a free and open source content management system. A SQL injection vulnerability exists in TYPO3 GN Tactics Planner Extension due to the program failing to adequately clean up user input. An attacker could exploit the vulnerability to access or modify data...

SetucoCMS SQL Injection Vulnerability

SetucoCMS is a content management system CMS. A SQL injection vulnerability exists in SetucoCMS. An attacker can exploit this vulnerability to execute arbitrary SQL commands...

SQL Injection Vulnerability in Wave OA Intelligent Office Platform

Longchamp Yunhai OA Intelligent Office Platform is aimed at the private and hybrid cloud market, providing open and secure enterprise-class cloud data center operation and maintenance management capabilities. SQL injection vulnerability exists in the Wave OA Office system, allowing attackers to...

WDS CMS SQL Injection Vulnerability

WDS CMS is a website management system. WDS CMS suffers from a SQL injection vulnerability, which can be exploited by an attacker to gain access to the database contents, as well as to upload backdoor files in subsequent attacks...

CVE-2016-1000125

Unauthenticated SQL Injection in Huge-IT Catalog v1.0.7 for Joomla...

PT-2016-6893 · Cisco · Cisco Firepower Management Center

Name of the Vulnerable Software and Affected Versions: Cisco Firepower Management Center versions 4.10.3 through 5.4.0 Description: A SQL injection issue allows remote authenticated users to execute arbitrary SQL commands. Recommendations: For versions 4.10.3 through 5.4.0, update to a version th...

3Webs CMS SQL Injection Vulnerability

3Webs CMS is a content management system. 3Webs CMS suffers from a SQL injection vulnerability that can be exploited by an attacker via a SQL injection command, resulting in the disclosure of database information...

Joomla! com_bt_media Component SQL Injection Vulnerability

Joomla! is the United States Open Source Matters team developed a set of open source content management system CMS. The system provides RSS feeds , site search and other functions . A SQL injection vulnerability exists in the categories0 parameter of the index/php page of the Joomla! combtmedia...

PHPIPAM SQL Injection Vulnerability

phpipam is a set of open source PHP and MySQL based IP address management application IPAM. A cross-site scripting vulnerability exists in phpipam version 1.2.1, which can be exploited by an attacker to compromise the application, access or modify data, or exploit potential vulnerabilities in the...

SQL Injection Vulnerability in ID Parameters of Dynamic Easy Network Campus System

Dynamic easy network campus system is based on the actual application needs of customers in the education industry Dynamic easy to provide a complete set of school website application solutions, set "home-school interaction, knowledge sharing, teaching aids," in one, to assist the school website ...

SQL injection vulnerability exists in the page /target/lres/special/index.html?special_id=30 of the generic reader education system of Nanjing Oncor Technology Co.

Nanjing Oncor Technology Co., Ltd Esmay Reader Education System is a set of library reader education system. The system /target/lres/special/index.html?specialid=30 page has a SQL injection vulnerability. An attacker can remotely exploit the vulnerability to obtain sensitive database information...

Exponent CMS SQL Injection Vulnerability (CNVD-2016-07937)

OIC Exponent CMS is a free, open source modular content management system CMS based on PHP from the American OIC Group of companies. The system supports direct editing in the page, and provides user management, site configuration, content editing and other functions. A SQL injection vulnerability...

Open Ticket Request System FAQ SQL Injection Vulnerability

Open Ticket Request System OTRS is an open source defect tracking and management system software from the German OTRS Group. The software categorizes service requests submitted by phone, email and other channels into different queues, service levels, and service personnel through the OTRS system ...

Enterprise Flow Control Routing Product iKuai IK-G20 SQL Injection Vulnerability

The Ikuai IK-G20 is an enterprise-class flow control router from China's AllConvergence Network Technology. An SQL injection vulnerability exists in the enterprise-class flow control routing product iKuai IK-G20 iKuai82.6.5Build20160815 and historical versions. An attacker can use this...

SQL Injection Vulnerability in School Management System of Shenzhen Chuangyou Network Co.

Shenzhen Chuangyou Networks school management system is a secondary school-based education management software. The product /sysTemplateWeb/ShowWebStyle.aspx?XXDM=440203000008&CatalogId= there is a SQL injection vulnerability, the injection parameter is CatalogId, the attacker can use the...