pgAdmin 安全漏洞

pgAdmin is an open source administration and development platform for the open source database PostgreSQL. A security vulnerability exists in pgAdmin version 8.5 and prior versions that originated from a vulnerability that allows an attacker who knows the username and password of a legitimate...

Multiple Huawei products not adequately certified for vulnerability

The OSCA-550AX is a 55-inch smart screen launched by Huawei's brand Honor.The OSCA-550A is the first 55-inch terminal smart screen launched by Honor using Huawei's Hongmeng operating system. A security vulnerability exists in multiple Huawei products, which stems from the system's failure to...

CVE-2018-12984

Hycus CMS 1.0.4 allows Authentication Bypass via "'=' 'OR'" credentials...

StrongSoft灾害预警系统strFieldName参数SQL注入漏洞

注入链接：/Response/AjaxHandle/AjaxSingleGetReferenceFieldValue.ashx 注入参数：strFieldName 【获取数据库版本】 /Response/AjaxHandle/AjaxSingleGetReferenceFieldValue.ashx?strFieldValue=1&strSelectFieldCollection=1&tableName=sysobjects&strFieldName=convertint,@@version 【管理员账号密码】...

OSC Visitor Web Stats SQL Injection

Popular OSC add-on Visitor Web Stats is completely vulnerable to SQL injections. Although it uses request data i. e. the Accept-Language header, there's no escaping at all. This also applies to the extension's derivative for OSC 3, who's author completely inherited the insufficient code structure...