vBulletin forumrunner/includes/moderation.php SQL Injection Vulnerability

VBulletin is a powerful, flexible and fully customizable suite of forum programs. A SQL injection vulnerability exists in the forumrunner/includes/moderation.php file in versions of vBulletin prior to 4.2.2 Patch Level 5 and prior to 4.2.3 Patch Level 1. A remote attacker can exploit this...

SQL Injection Vulnerability in the id Parameter of Nanchangwei.com Electronic Newspaper System

"VNN Digital Newspaper" is a professional software product for digitizing newspapers, which can provide a perfect solution for paper newspapers to go online. It allows the original newspaper layout to be quickly and easily presented to readers through the Internet. There exists a SQL injection...

SQL Injection Vulnerability in Asset Management System sysbh Parameter of Jinan Guozi Digital Technology Co.

Asset management system of Jinan Guozi Digital Technology Co., Ltd. is a set of sharing and management platform for precision instruments or large instruments. The product suffers from SQL injection vulnerability, the vulnerability URL is: http://host/dxyqsyspt/sysDetail.aspx?sysbh=000001 The...

SQL Injection Vulnerability in TUTUCMS Order Parameter

TUTUCMS is a CMS image management system focused on the development of image-based websites. TUTUCMS x2.6 version has a SQL injection vulnerability, due to the system does not strictly filter order parameters, only the source code to do the corresponding code audit. Allow attackers to exploit the...

SQL Injection Vulnerability in SmartClient.asmx?op Page of Xinwei Software E-learning System

E-learning management system is an online learning platform of Shenzhen Xinwei Software Co. A SQL injection vulnerability exists in the SmartClient.asmx?op page of Xinwei Software's E-learning system. An attacker can exploit the vulnerability to obtain sensitive information from the website...

SQL Injection Vulnerability in the VoteId Parameter of Hopping Collaborative Content Management System (CCMS)

HZCMS is a website group content management system based on Java and XML technology. A SQL injection vulnerability exists in the voteId parameter of the HZCMS. An attacker can exploit the vulnerability to obtain database information...

SQL Injection Vulnerability in the Templetid Parameter of Hopping Collaborative Content Management System

HZCMS is a website group content management system based on Java and XML technology. A SQL injection vulnerability exists in the templetid parameter of HZCMS. Attackers can use the vulnerability to obtain data information...

CVE-2016-5817

SQL injection vulnerability in news pages in Cargotec Navis WebAccess before 2016-08-10 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

Moxa SoftCMS SQL Injection Vulnerability

Moxa SoftCMS is a centralized management software for type monitoring systems. Moxa SoftCMS suffers from a SQL injection vulnerability that could be exploited by remote attackers to submit specially crafted SQL queries to manipulate or obtain database data...

SQL Injection Vulnerability in Video Conferencing System of Tangqiao Technology (Hangzhou) Co.

Video conferencing system is a remote collaborative video software, a kind of cloud conference system developed by Tangqiao Technology Hangzhou Co. The product suffers from an SQL injection vulnerability, which can be exploited by attackers to obtain database data...

Multiple vulnerabilities in the Joomla! Huge-IT Image Gallery extension (CNVD-2016-05734)

Joomla! is the U.S. Open Source Matters team developed a set of open source content management system CMS, the system provides RSS feeds , site search and other features . Huge-IT Image Gallery is one of the image gallery extension plug-ins . A SQL injection vulnerability and a cross-site scripti...

mysql: unspecified vulnerability in subcomponent: Server: DML (CPU January 2016)

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML...

Misys FusionCapital Opics Plus SQL Injection Vulnerability

Misys FusionCapital Opics Plus is an end-to-end scalable money business solution for the financial industry from Misys UK. The solution provides IAS-compliant accounting structures, foreign exchange tools and client-facing e-banking capabilities. An SQL injection vulnerability exists in Misys...

The vulnerability in the embedded software of MicroLogix 1100 and MicroLogix 1400 allows a hacker to execute SQL code.

The vulnerability of the embedded software in MicroLogix 1100 and MicroLogix 1400 programs lies in the lack of protection for SQL query structures. Exploiting this vulnerability allows an attacker to execute arbitrary SQL code, resulting in the creation or deletion of accounts, or the elevation o...

SQL Injection Vulnerability in Remote DBMail Mail Server

DBMail is a database-enabled enterprise mail system developed by TeleSoft. A SQL injection vulnerability exists in Telezine DBMail Mail Server V5.0 updated 2016.07.08. The vulnerability is allowed to be exploited by an attacker to gain access to sensitive database information...

SQL Injection Vulnerability in Uni Call Calling System

Uni Call Customer Service Edition is a professional software application platform designed for inbound customer service centers. A SQL injection vulnerability exists in the Uni Call call system. The lack of filtering of the /uncalllib/index.php parameter allows attackers to exploit the...

SQL Injection Vulnerability in Agricultural Internet of Things Sensing Platform System

Agricultural IoT sensing platform system is an industrial control system. An SQL injection vulnerability exists in the Agricultural Internet of Things Sensing Platform System, which can be exploited by attackers to obtain sensitive information from the database...

SQL Injection Vulnerability in Shanghai Yongcan CMS

Shanghai Yongcan CMS is a website building system for major enterprises, schools and social organizations. Shanghai Yongcan CMS suffers from SQL injection vulnerability, through which an attacker can obtain database information, resulting in the leakage of sensitive information...

The vulnerability of the PI Server database management system allows a hacker to circumvent restrictions on executing SQL commands.

The vulnerability of the PI Server database management system is related to the lack of protection for SQL query structures. Exploiting this vulnerability allows a malicious actor to bypass restrictions on the execution of SQL commands by adding the account to the Trusted Users group and excludin...

SQL Injection Vulnerability in EMN Intelligent Network Management System

EMN Intelligent Network Management System is a DNS service system composed of a set of industrial control hardware devices and an embedded DNS software system. EMN Intelligent Network Management System suffers from SQL injection vulnerability. It allows attackers to utilize commonly used SQL...