Admin panel UliCMS SQL Injection Vulnerability

UliCMS is a web content management solution. A SQL code injection exists due to the "countryblacklist" variable of the page "action=spamfilter". An attacker can exploit the vulnerability to execute database code...

Cisco Cloud Network Automation Provisioner SQL Injection Vulnerability

Cisco Cloud Network Automation Provisioner is a suite of cloud network automation provisioning software. A SQL injection vulnerability exists in Cisco Cloud Network Automation Provisioner, which allows remote attackers to exploit the vulnerability by submitting specially crafted SQL queries to...

biweb SQL Injection Vulnerability

BIWEB Business Intelligence Website System is a website system relying on ArthurXF enterprise application-level PHP development framework, developed and designed by the Shanghai NetWorks Network Information Co., Ltd. is a rapid development, simple and easy to use object-oriented enterprise...

Cacti graph_view.php SQL Injection Vulnerability

Cacti is a suite of open source network traffic monitoring and analysis tools from the Cacti Group. A SQL injection vulnerability in Cacti graphview.php allows attackers to exploit the vulnerability to execute arbitrary SQL commands...

BlackBerry Enterprise Service Management Console SQL Injection Vulnerability

BlackBerry Enterprise Service is a next-generation mobile device management platform. A SQL injection vulnerability exists in the Management Console component of BlackBerry Enterprise Service, which could be exploited by remote attackers to submit specially crafted SQL queries to manipulate or...

The vulnerability of the software system for managing enterprise assets in IBM Maximo Asset Management allows a perpetrator to execute arbitrary SQL commands.

The vulnerability of the IBM Maximo Asset Management software’s asset management system lies in the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands remotely...

SQL Injection Vulnerability in ntao website builder system

ntao website builder is a self-service website builder system. The product suffers from a sql injection vulnerability, which can be exploited by an attacker to obtain sensitive database information...

DotCMS SQL Injection Vulnerability

DotCMS is a content management system CMS from the American company DotCMS. The system supports RSS feeds , blogs , forums and other modules , and is easy to extend and build features . A SQL injection vulnerability exists in DotCMS version 3.3, which originates from the...

Vwins SQL Injection Vulnerability

vwins is an open source WeChat public , WeChat enterprise and pay as you go service window management system . Vwins has a SQL injection vulnerability, attackers can use the vulnerability to obtain database information, constituting a sensitive information leakage...

Flying Fox Link File System SQL Injection Vulnerability

Flying Fox Link File System is a file management system. Flying Fox Link File System suffers from a SQL injection vulnerability, which can be exploited by an attacker to obtain database information, resulting in the disclosure of sensitive information...

SQL Injection Vulnerability in Shandong Wave Government In-use System/view/chufajieguochaxun.aspx Page

Shandong Wave government in use administrative service system is a comprehensive administrative service system integrating information and consultation, approval and charge, management and coordination, complaint and supervision. A SQL injection vulnerability exists in the...

The vulnerability of the microprogramming software used in Cisco RV220W network switches allows attackers to execute arbitrary SQL commands.

The vulnerability of the web interface for managing microprogramming software on the Cisco RV220W network switch is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands using a specially...

The vulnerability of the Cisco Unified Communications Manager system allows a perpetrator to execute arbitrary SQL commands.

The vulnerability of the Cisco Unified Communications Manager IP telephony management system is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands using a specially crafted URL...

The vulnerability of the SAP NetWeaver software integration platform allows a hacker to execute arbitrary SQL commands.

The vulnerability of the UDDI server component of the SAP NetWeaver software integration platform is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands remotely...

Cuore EC-CUBE Help plug-in SQL Injection Vulnerability

Cuore EC-CUBE Help plug-in is a Japan Cuore company's use in EC-CUBE open source e-commerce site building platform and provide help function plug-in. A SQL injection vulnerability exists in the Cuore EC-CUBE Help plug-in, which allows remote attackers to execute arbitrary SQL commands via...

WeBid SQL Injection Vulnerability

WebID is the serial number of ESET antivirus software that can be obtained automatically. An SQL injection vulnerability exists in WeBid. Because the '$SESSION"id"' talkback variable is not properly filtered, an attacker can exploit the vulnerability to alter raw SQL queries and execute arbitrary...

Cisco RV220W SQL Injection Vulnerability

The Cisco RV220W is a wireless VPN firewall router product from Cisco. A SQL injection vulnerability exists in the web-based management interface of the Cisco RV220W, which can be exploited by remote attackers to submit a specially crafted SQL query to manipulate or obtain database data...

SQL Injection Vulnerability in Internet Behavior Audit Gateway of Chengdu Flying Fish Star Technology Development Co.

Chengdu Flying Fish Star Technology Co., Ltd. is dedicated to providing intelligent and easy-to-use network communication products and services. A SQL injection vulnerability exists in the Internet Behavior Audit Gateway of Chengdu Flyingfish Star Technology Development Co. An attacker is allowed...

The vulnerability of the WhatUp Gold monitoring system allows attackers to carry out attacks based on SQL injections.

The vulnerability of the DroneDeleteOldMeasurements implementation in the WhatUp Gold IT-infrastructure monitoring system is related to the lack of verification of the reliability of XML objects’ sequences. Exploiting this vulnerability allows a malicious actor, operating remotely, to carry out...

Cisco Unified Communications Manager SQL Injection Vulnerability

Cisco Unified Communications Manager is an enterprise-class IP telephony call processing system. A security vulnerability exists in Cisco Unified Communications Manager 11.0 0.98000.225 that does not validate user input within a SQL query. An attacker sending a URL containing an SQL statement cou...