SQL Injection Vulnerability in yiifcms Content Management System

yiifcms is a content management system CMS developed on the yii framework. A SQL injection vulnerability exists in the yiifcms content management system due to the system's failure to strictly filter the id and catalogid parameters. An attacker can exploit this vulnerability to obtain sensitive...

SQL Injection Vulnerability in School Management System of Shenzhen Chuangyou Network Co.

Shenzhen Chuangyou Networks school management system is a secondary school-based education management software. The product /sysTemplateWeb/ShowWebStyle.aspx?XXDM=440203000008&CatalogId= there is a SQL injection vulnerability, the injection parameter is CatalogId, the attacker can use the...

CVE-2014-0078

The CatalogController in Red Hat CloudForms Management Engine CFME before 5.2.3.2 allows remote authenticated users to delete arbitrary catalogs via vectors involving guessing the catalog ID...

CVE-2014-0078

The CatalogController in Red Hat CloudForms Management Engine CFME before 5.2.3.2 allows remote authenticated users to delete arbitrary catalogs via vectors involving guessing the catalog ID...