Lucene search
+L

757 matches found

CNVD
CNVD
added 2020/12/15 12:0 a.m.2 views

OpenAsset Digital Asset Management SQL Injection Vulnerability

Openasset is a digital asset management software for the website building industry from Openasset UK. OpenAsset Digital Asset Management suffers from a SQL injection vulnerability that originates from a blind remote SQL injection via authentication, which can be exploited by an attacker to gain...

8.8CVSS8.1AI score0.02113EPSS
Exploits2References1
CNVD
CNVD
added 2020/12/09 12:0 a.m.1 views

SQL Injection Vulnerability in Kaixin Worklog System worklog

Kaixin Worklog Worklog system is a software system based on B/S to build the collaborative office within the enterprise. The system uses ASP.NET language development. Worklog system worklog star SQL injection vulnerability , attackers can use the vulnerability to obtain sensitive information...

7.7AI score
Exploits0
CNVD
CNVD
added 2020/12/09 12:0 a.m.4 views

Siemens XHQ SQL Injection Vulnerability

Siemens XHQ is a software platform that aggregates plant or pipeline operational data, processes it in a goal-oriented manner, and then makes decisions in real time to effectively improve plant or pipeline operational performance. A SQL injection vulnerability exists in Siemens XHQ versions prior...

7.2CVSS7.9AI score0.00886EPSS
Exploits0References1
OSV
OSV
added 2020/12/02 10:15 p.m.4 views

CVE-2020-29284

The file view-chair-list.php in Multi Restaurant Table Reservation System 1.0 does not perform input validation on the tableid parameter which allows unauthenticated SQL Injection. An attacker can send malicious input in the GET request to /dashboard/view-chair-list.php?tableid= to trigger the...

9.8CVSS7.4AI score0.06093EPSS
Exploits1References3
CNVD
CNVD
added 2020/11/01 12:0 a.m.2 views

SQL injection vulnerability in ad***.cl***.php file in the backend of MTCEO repository system

MTCEO library system using php + mysql, built by thinkphp underlying , Baidu library template style for the basic style . MTCEO library system background ad.cl.php file SQL injection vulnerability. Attackers can use the vulnerability to obtain database sensitive information...

8AI score
Exploits0
CNVD
CNVD
added 2020/09/28 12:0 a.m.1 views

SQL Injection Vulnerability in JfinalOA

JfinalOA is a set of open source office OA system development framework. JfinalOA SQL injection vulnerability , an attacker can exploit the vulnerability to obtain sensitive database information...

7.7AI score
Exploits0
OSV
OSV
added 2020/09/22 12:15 p.m.5 views

CVE-2020-8887

Telestream Tektronix Medius before 10.7.5 and Sentry before 10.7.5 have a SQL injection vulnerability allowing an unauthenticated attacker to dump database contents via the page parameter in a page=login request to index.php aka the server login page...

7.5CVSS7.2AI score0.01454EPSS
Exploits1References1
CNVD
CNVD
added 2020/09/06 12:0 a.m.1 views

ZZCMS 2020 Frontend SQL Injection Vulnerability

ZZCMS is a content management system for Webmaster Merchants. A SQL injection vulnerability exists in the ZZCMS 2020 frontend, which can be exploited by attackers to obtain sensitive information from the database...

7.6AI score
Exploits0
OSV
OSV
added 2020/06/29 5:15 p.m.3 views

CVE-2020-14068

An issue was discovered in MK-AUTH 19.01. The web login functionality allows an attacker to bypass authentication and gain client privileges via SQL injection in central/executarlogin.php...

9.8CVSS5.8AI score
Exploits0References2
CNVD
CNVD
added 2020/06/24 12:0 a.m.3 views

SQL Injection Vulnerability in the Frontend of waychar Enrollment System

Waychar Enrollment System is a PHP/MYSQL based enrollment system. A SQL injection vulnerability exists in the frontend of waychar enrollment system. An attacker can exploit this vulnerability to obtain sensitive information from the database...

7.6AI score
Exploits0
CNVD
CNVD
added 2020/06/07 12:0 a.m.4 views

SQL Injection Vulnerability in BEESCMS Backend ad***_bo***.php Page

BEESCMS is a scalable content management system CMS based on PHP and MySQL. A SQL injection vulnerability exists in the adbo.php page in the BEESCMS backend. An attacker can exploit the vulnerability to obtain sensitive database information...

7.9AI score
Exploits0
Positive Technologies
Positive Technologies
added 2020/03/27 12:0 a.m.4 views

PT-2020-17812 · Unknown · Ultralog Express

Name of the Vulnerable Software and Affected Versions: UltraLog Express affected versions not specified Description: The issue concerns the UltraLog Express device management interface, which fails to properly filter user-inputted strings in specific parameters. This allows attackers to inject...

10CVSS7.5AI score0.01249EPSS
Exploits0References5
CNVD
CNVD
added 2020/03/19 12:0 a.m.1 views

Kodak Multimedia Recording and Playback System has SQL Injection Vulnerability

Ltd. is a provider of video and security products and solutions, dedicated to video conferencing, video surveillance and video application solutions to help various government and enterprise customers to solve visual communication and management challenges. A SQL injection vulnerability exists in...

7.7AI score
Exploits0
CNVD
CNVD
added 2020/02/06 12:0 a.m.3 views

Simplejobscript.com SJS SQL Injection Vulnerability

Simplejobscript.com SJS is a WEB based recruitment application service program. A SQL injection vulnerability exists in Simplejobscript.com SJS, which stems from a lack of validation of externally entered SQL statements in database-based applications and can be exploited by an attacker to execute...

9.8CVSS8.2AI score0.01758EPSS
Exploits1References1
CNVD
CNVD
added 2020/02/03 12:0 a.m.4 views

SQL Injection Vulnerability in MediPro's Township Government Portal System

MediPro Township Government Portal System is a website suitable for township government agencies to create local portals to publicize local resources, realize open government affairs and promote township grassroots informatization. A SQL injection vulnerability exists in MediPro Township Governme...

7.4AI score
Exploits0
CNVD
CNVD
added 2020/01/14 12:0 a.m.1 views

Online TV Database SQL Injection Vulnerability

Online TV Database is a set of online TV program database. A SQL injection vulnerability exists in the 'ID' parameter in Online TV Database version 2011. The vulnerability stems from a database-based application that lacks validation of externally entered SQL statements. An attacker can exploit...

9.8CVSS8.2AI score0.01034EPSS
Exploits0References1
CNVD
CNVD
added 2020/01/09 12:0 a.m.3 views

SQL Injection Vulnerability in the Background Administration C***t.asp Page of Angel School Training Website System

Angel school training website system is an open source website management system. Angel school training website system background management Ct.asp page there is a SQL injection vulnerability , attackers can use the vulnerability to obtain sensitive information in the database...

7.6AI score
Exploits0
CNVD
CNVD
added 2020/01/07 12:0 a.m.4 views

PowerSoft Agile Development Framework 7.0.6 suffers from SQL Injection Vulnerability

PowerSoft Agile Development Framework is a set of software system projects based on intelligent scalable components, suitable for enterprise management software and Internet platform back-end system development, the framework provides a perfect permissions role management functions, rapid...

8AI score
Exploits0
CNVD
CNVD
added 2019/11/28 12:0 a.m.3 views

SQL Injection Vulnerability in Laike E-commerce System (CNVD-2020-01258)

Laike e-commerce with independent copyright system, is an integrated e-commerce system all the functions of the platform. A SQL injection vulnerability exists in Laike E-commerce system, which can be exploited by attackers to access sensitive database information...

8AI score
Exploits0
CNVD
CNVD
added 2019/11/04 12:0 a.m.4 views

SQL injection vulnerability in seacms backend (CNVD-2019-43675)

Ocean CMS seacms is a video-on-demand system based on PHP+MySql technology. There is a SQL injection vulnerability in the backend of seacms, which can be exploited by attackers to obtain sensitive database information...

7.9AI score
Exploits0
Rows per page
Query Builder