CVE-2017-6088

Multiple SQL injection vulnerabilities in EyesOfNetwork aka EON 5.0 and earlier allow remote authenticated users to execute arbitrary SQL commands via the 1 bpname, 2 display, 3 search, or 4 equipment parameter to module/monitoringged/gedfunctions.php or the 5 type parameter to...

CVE-2017-6088

Multiple SQL injection vulnerabilities in EyesOfNetwork aka EON 5.0 and earlier allow remote authenticated users to execute arbitrary SQL commands via the 1 bpname, 2 display, 3 search, or 4 equipment parameter to module/monitoringged/gedfunctions.php or the 5 type parameter to...

Sql injection

SQL injection vulnerability in Pivotal Cloud Foundry PCF before 238; UAA 2.x before 2.7.4.4, 3.x before 3.3.0.2, and 3.4.x before 3.4.1; UAA BOSH before 11.2 and 12.x before 12.2; Elastic Runtime before 1.6.29 and 1.7.x before 1.7.7; and Ops Manager 1.7.x before 1.7.8 allows remote authenticated...

Cisco Unified Communications Manager SQL Injection Vulnerability

A vulnerability in the Cisco Unified Communications Manager web interface could allow an authenticated, remote attacker to impact the confidentiality of the system by executing arbitrary SQL queries. The attacker must be authenticated as an administrative user to execute SQL database queries. The...

Sql injection

SQL injection vulnerability in XOOPS 2.5.7.2 and other versions before 2.5.8.1 allows remote authenticated administrators to execute arbitrary SQL commands via the url parameter to findusers.php. An example attack uses "into outfile" to create a backdoor program...

CVE-2017-7290

SQL injection vulnerability in XOOPS 2.5.7.2 and other versions before 2.5.8.1 allows remote authenticated administrators to execute arbitrary SQL commands via the url parameter to findusers.php. An example attack uses "into outfile" to create a backdoor program...

CVE-2017-7290

SQL injection vulnerability in XOOPS 2.5.7.2 and other versions before 2.5.8.1 allows remote authenticated administrators to execute arbitrary SQL commands via the url parameter to findusers.php. An example attack uses "into outfile" to create a backdoor program...

CVE-2017-6550

Multiple SQL injection vulnerabilities in Kinsey Infor-Lawson formerly ESBUS allow remote attackers to execute arbitrary SQL commands via the 1 TABLE parameter to esbus/servlet/GetSQLData or 2 QUERY parameter to KKLS9ReportingPortal/GetData...

CVE-2017-6550

Multiple SQL injection vulnerabilities in Kinsey Infor-Lawson formerly ESBUS allow remote attackers to execute arbitrary SQL commands via the 1 TABLE parameter to esbus/servlet/GetSQLData or 2 QUERY parameter to KKLS9ReportingPortal/GetData...

SQL Injection Vulnerability in Province_city.php File of Ohu Government System

Ohuhu government system is the government portal system of Shanghai Ohuhu Network Technology Co. A SQL injection vulnerability exists in the provincecity.php file of the Ohuhu government system. An attacker can exploit this vulnerability to execute arbitrary SQL statements and obtain sensitive...

SQL Injection Vulnerability in getsyscat.php File of Ohu Government System

Ohuhu government system is the government portal system of Shanghai Ohuhu Network Technology Co. A SQL injection vulnerability exists in the getsyscat.php file of the Ohuhu Government System. An attacker can exploit this vulnerability to execute arbitrary SQL statements and obtain sensitive...

SQL Injection Vulnerability in getjwj.php File of Ohu Government System

Ohuhu government system is the government portal system of Shanghai Ohuhu Network Technology Co. A SQL injection vulnerability exists in the getjwj.php file of the Ohuhu Government System. An attacker can exploit this vulnerability to execute arbitrary SQL statements and obtain sensitive...

CVE-2016-5483: use mysqldump to backup can generate Backdoor-vulnerability warning-the black bar safety net

Foreword mysqldump is used to create a MySQL database, logical backup is a commonly used tool. It is in the default configuration, you can generate one. sql file containing the create/delete tables and insert data. In import the dump file, an attacker may be manufactured by a malicious table name...

WordPress Mail Masta plugin SQL injection vulnerability (CNVD-2017-02638)

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites set up on PHP and MySQL servers.Mail Masta aka mail-masta is one of the email plug-ins. WordPress Mail Masta plugin version 1.0 in...

CVE-2016-7782

SQL injection vulnerability in framework/core/models/expConfig.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the src parameter...

CVE-2016-9019

SQL injection vulnerability in the activateaddress function in framework/modules/addressbook/controllers/addressController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the iswhat parameter...

CVE-2016-7781

SQL injection vulnerability in framework/modules/blog/controllers/blogController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the author parameter...

CVE-2016-7783

SQL injection vulnerability in framework/core/models/expRecord.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter...

CVE-2016-9020

SQL injection vulnerability in framework/modules/help/controllers/helpController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the version parameter...

CVE-2016-7788

SQL injection vulnerability in framework/modules/users/models/user.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter...