SQL Injection Vulnerability in 'channel' Parameter of Founder Xiangyu Web Content Management System

Founder Xiangyu website content management system is a full-process management platform for website information publishing. A SQL injection vulnerability exists in the Founder Xiangyu Web Content Management System. The lack of filtering of the 'channel' parameter allows an attacker to exploit the...

IBM InfoSphere BigInsights Big SQL Component Security Bypass Vulnerability

IBM InfoSphere BigInsights is a set of software platform for storing and analyzing "big data" from IBM in the United States. The platform provides solutions for managing and analyzing massive amounts of structured and unstructured data.Big SQL is one of the SQL interface components. A security...

SQL Injection Vulnerability in Broadband Authentication and Billing System of Chengdu Starry Blue Ocean Network Technology Co.

Blue Ocean Premier Broadband Access Gateway is a specialized intelligent device for Ethernet broadband access. SQL injection vulnerability exists in the broadband authentication billing system of Chengdu Starry Blue Ocean Network Technology Co., Ltd. There is an injection point in the back-end...

The vulnerability of the IBM DB2 database management system allows a hacker to trigger a service failure.

The vulnerability of the IBM DB2 database management system is related to errors in the code. Exploiting this vulnerability can allow an attacker, operating remotely, to cause a service failure by using a scalar function in an SQL query...

The vulnerability of the AMS Device Manager system allows a perpetrator to increase their privileges.

The vulnerability of the AMS Device Manager system control mechanism is related to the lack of protection for the SQL query structure. Exploiting this vulnerability allows an attacker to enhance their privileges by making incorrect data inputs remotely...

SQL Injection Vulnerability in Decentralized Management (e-cology) System of Shanghai Panmicro Network Technology Co.

Panmicro collaborative management application platform e-cology is a set of collaborative business platform. An SQL injection vulnerability exists in the e-cology system, which can be exploited by an attacker to obtain database information due to the lack of filtering of the loginid parameter...

SQL Injection Vulnerability in Panmicro OA Office System

Panavision OA Office System is a coordination office software. Panmicro OA Office System suffers from a SQL injection vulnerability and a lack of filtering of the formName parameter, which can be exploited by an attacker to obtain sensitive information from a website database...

Shandong Nongyou Agricultural Integrity System SQL Injection Vulnerability

Shandong Nongyou Agricultural Integrity System is an agricultural management system. The Agricultural Integrity System suffers from SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...

Shandong Nongyou Land Transfer Management Platform SQL Injection Vulnerability

Shandong Nongyou Land Transfer Management Platform is an agricultural management software. The Land Transfer Management Platform suffers from an SQL injection vulnerability that allows attackers to exploit the vulnerability to obtain sensitive information from the database...

The vulnerability of the SAP HANA database management system allows a hacker to execute arbitrary code.

The vulnerability of the SAP HANA database management system’s SQL interface exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code during the SQL server authentication process...

Vulnerability of the microprogramming software for Micrologix 1100 and 1400 programmable logic controllers, allowing attackers to execute arbitrary SQL commands

The vulnerability of the microprogrammed logic controllers Micrologix 1100 and 1400 lies in the lack of protection for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands remotely...

Multiple SQL Injection Vulnerabilities in Moneybookers Online Lending System

The P2P P2B/P2C network lending platform software is a comprehensive network lending business management system designed and developed for a variety of microfinance network lending models including P2P, P2B/P2C business models. There are multiple SQL injection vulnerabilities in the Moneybookers...

SAP HANA DB SQL Interface Arbitrary Code Execution Vulnerability

SAP HANA DB is an in-memory, row- and column-based database from SAP. The database provides fast queries against multidimensional data, filtering out cluttered and useless data, and synchronizing the execution of multiple queries. A security vulnerability exists in the SQL interface of SAP HANA D...

Huawei Enterprise Information Engine SQL Injection Vulnerability

Huawei Enterprise Information Engine EIE is an enterprise information machine product from Huawei, China. A SQL injection vulnerability exists in Huawei EIE. An attacker could use this vulnerability to compromise an application, access or modify data, or exploit a potential vulnerability in the...

The vulnerability of the MySQL database management system allows a hacker to cause a service failure.

The vulnerability of the Server sub-component in the MySQL database management system is related to errors in the code. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

Techno Project Japan Enisys Gw SQL Injection Vulnerability

Techno Project Japan Enisys Gw is an open source groupware software from Techno Project Japan. A SQL injection vulnerability exists in Techno Project Japan Enisys Gw. The vulnerability allows remote attackers to submit specially crafted SQL queries or obtain database data...

Vulnerabilities of the SAP HANA database management system, allowing attackers to execute arbitrary SQL commands

The multiple vulnerabilities of the Development Workbench component of the SAP HANA database management system are related to the lack of protection for SQL query structures. Exploiting these vulnerabilities allows a malicious actor to execute arbitrary SQL commands remotely...

Allen-Bradley MicroLogix SQL Injection Vulnerability

Allen-Bradley MicroLogix is a programmable logic controller PLC from Rockwell Automation. An SQL injection vulnerability exists in Allen-Bradley MicroLogix 1100 prior to B FRN 15.000 and 1400 prior to B FRN 15.003. It allows an authenticated remote user to execute arbitrary SQL commands via...

SQL Injection Vulnerability in a System of Anhui Business Network

Anhui Business Network Information Industry Co., Ltd. is a professional high-tech Internet technology service provider. A system SQL injection vulnerability in Anhui Business Network allows attackers to exploit this vulnerability to obtain data volume sensitive information...

Yukisoft e-Government Platform SQL Injection Vulnerability

Yusoft e-government platform is an official document and information exchange platform jointly developed by the Ministry of Education to promote the informatization of education government affairs and entrusted to the Education Management Information Center and Beijing NetManager Information...