601 matches found
CVE-2023-4092 SQL injection vulnerability in Fujitsu Arconte Áurea
SQL injection vulnerability in Arconte Áurea, in its 1.5.0.0 version. The exploitation of this vulnerability could allow an attacker to read sensitive data from the database, modify data insert/update/delete, perform database administration operations and, in some cases, execute commands on the...
The Exploitation of Critical Zero-Day Vulnerability Found in MOVEit Transfer
Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary The MOVEit Transfer vulnerability is that it allows for unauthorized access to the database, potential manipulation or deletion of its contents, and exploitation of affected systems. To receive...
SQL Injection Vulnerability in the Teaching Management System of Hunan Qiangzhi Science and Technology Development Co.
Hunan Strong Intelligence Technology Development Co., Ltd. is a leading provider of education informatization services in the industry. A SQL injection vulnerability exists in the Academic Affairs Management System of Hunan Qiangzhi Science and Technology Development Company Limited, which can be...
PT-2023-2753 · Fortinet · Fortinac-F +1
Name of the Vulnerable Software and Affected Versions: FortiNAC-F version 7.2.0 FortiNAC versions 9.4.2 and below FortiNAC versions 9.2 and earlier FortiNAC versions 8.8 and earlier FortiNAC versions 8.7 and earlier Description: A use of hard-coded credentials issue may allow an authenticated...
Mangboard SQL注入漏洞
Mangboard is an e-commerce website of the South Korean company Mangboard. A SQL injection vulnerability exists in Mangboard versions prior to 2.0.4. The vulnerability stems from an unchecked input value, which is an SQL injection vulnerability that can be exploited by an attacker to execute...
SQL Injection Vulnerability in Teaching Management System of Hunan Qiangzhi Technology Development Co.
Hunan Qiangzhi Technology Development Co., Ltd. is an education informatization service provider. A SQL injection vulnerability exists in the Academic Affairs Management System of Hunan Qiangzhi Science and Technology Development Company Limited, which can be exploited by attackers to obtain...
PT-2022-10764 · Unknown · Semcms Shop
Name of the Vulnerable Software and Affected Versions: SEMCMS SHOP version 1.1 Description: The issue is related to SQL Injection via the Ant BlogCat.php file. This allows for potential exploitation of the database. No information is provided about the estimated number of potentially affected...
PT-2022-25840 · Ocomon · Ocomon
Name of the Vulnerable Software and Affected Versions: OcoMon version 4.0 Description: A SQL injection issue was discovered in OcoMon via the cod parameter at the "showImg.php" endpoint. This allows for potential exploitation of the database. Recommendations: For OcoMon version 4.0, consider...
Library Management System SQL注入漏洞
Library Management System is a library management system with QR code attendance and automatic library card generation by King Albaracin Personal Developer. A SQL injection vulnerability exists in Library Management System. An attacker could exploit this vulnerability to conduct SQL injection...
CVE-2022-25880 Delta Electronics DIAEnergie SQL Injection in DIAE_hierarchyHandler.ashx
Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability exists in HandlerTagKID.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...
PHPGurukul Hospital Management System SQL Injection Vulnerability (CNVD-2021-44925)
PHPGurukul Hospital Management System is a web application for hospitals to manage doctors and patients. A SQL injection vulnerability exists in \hms\admin\betweendates-detailsreports.php in PHPGurukul Hospital Management System version 4.0. The vulnerability can be exploited by an attacker to...
PHPGurukul Hospital Management System SQL Injection Vulnerability (CNVD-2021-44923)
PHPGurukul Hospital Management System is a web application for hospitals to manage doctors and patients. A SQL injection vulnerability exists in \hms\edit-profile.php in PHPGurukul Hospital Management System version 4.0. An attacker can exploit this vulnerability to obtain sensitive information...
WESEEK GROWI Input Validation Error Vulnerability (CNVD-2021-43488)
Weseek GROWI is a suite of team collaboration software from Weseek Japan. An input validation error vulnerability exists in WESEEK GROWI that arises from a network system or product that does not properly validate input data. A remote attacker could exploit this vulnerability to obtain or tamper...
SQL Injection Vulnerability in the Website Building System of Haikou ECCOM Sky Information Technology Company Limited (CNVD-2021-41234)
hereinafter referred to as "ECCOM Sky" is a collection of website construction, website planning, website optimization, search engine optimization and a variety of office software development, program development in one of the high-speed and healthy development of network information technology...
SQL Injection Vulnerability in MetInfo 7.3.0
MetInfo is a free and open source enterprise CMS. MetInfo 7.3.0 suffers from a SQL injection vulnerability, which can be exploited by an attacker to obtain sensitive information from the database...
SQL Injection Vulnerability in Enterprise Standardized Management System of R&S Information Technology (Shanghai) Co.
R&S Information Technology Shanghai Co., Ltd. is a high-tech company specializing in software development and information services. A SQL injection vulnerability exists in the Enterprise Standardized Management System of R&S Information Technology Shanghai Co. An attacker can exploit the...
SQL Injection Vulnerability in Tianzhi Intelligent Hospital Integrated Quality Supervision Platform
Shenzhen Qianhai Tianzhi Information Technology Co., Ltd. is a national high-tech enterprise which firstly focuses on the management of hospital grade evaluation and the informationization construction of hospital comprehensive quality supervision platform. There is a SQL injection vulnerability ...
SQL Injection Vulnerability in Ruoyi Management System (CNVD-2021-36506)
Ruoyi management system is based on SpringBoot2.0 permissions management system, the core technology using SpringBoot, MyBatis, Shiro, Thymeleaf, Bootstrap, Vue and so on. The system suffers from a SQL injection vulnerability, which can be exploited by an attacker to obtain sensitive information...
SQL Injection Vulnerability in Yuanxin Technology (Stock) Company's Website Building System
Founded in January, 2002, Yonsei Technology Co. It is a company that provides total website planning, website design, web design, programming, web production, internet marketing, web hosting and related web design value-added services. A SQL injection vulnerability has been identified in the...
SQL Injection Vulnerability in Telecom Gateway Configuration Management System it***_te***_po***.php Page
China Telecom Group Corporation is China's mega state-owned telecommunications enterprise and a global partner of the Shanghai World Expo. A SQL injection vulnerability exists in the ittepo.php page of the Telecom Gateway Configuration Management System, which can be exploited by attackers to...