Invigo Automatic Device Management SQL Injection Vulnerability

Invigo Automatic Device Management ADM is a native management tool for cellular operators that enables them to detect, maintain and manage millions of devices cost-effectively and with a high degree of reliability. A SQL injection vulnerability exists in /admin/displayerrors.php in Invigo Automat...

SQL Injection Vulnerability in Ke361 Backend Me***.cl***.php

Ke361 is an open source Taobao system, based on the latest ThinkPHP3.2 version of the development, to provide a more convenient and secure WEB application development experience, the Taobao system adopts a new architectural design and namespace mechanism, the integration of modular, driven and...

Songcms suffers from SQL injection vulnerability (CNVD-2021-25000)

SongCMS is a PHP MySQL, ASP Access/SQL Server based development , enterprise-oriented , multi-language support , free , open source CMS, to help business users to quickly build and deploy enterprise-level portal . Songcms SQL injection vulnerability , attackers can use the vulnerability to obtain...

Shanghai Niomai Network Technology Co., Ltd. website building system has a universal password login vulnerability.

Shanghai Niumai Network Technology Co., Ltd. was founded on 09/09/2019. Legal representative Xu Xinsheng,The company's business scope includes: engaging in the field of network technology technology, technology development, technology transfer, technical consulting, technical services; web page...

SQL Injection Vulnerability in OurPHP (CNVD-2021-22605)

OurPHP is a PHP MySQL-based development of W3C-compliant site-building system. OurPHP suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

Wordpress WP Google Map SQL Injection Vulnerability

Wordpress WP Google Map is an application plugin for Wordpress. Provides a way to quickly and easily add customized Google maps or store locators to WordPress posts and, or pages. A security vulnerability exists in WordPress plugin WP Google Map Plugin versions prior to 4.1.5, which originates in...

CVE-2021-26935

In WoWonder 3.1, remote attackers can gain access to the database by exploiting a requests.php?f=search-my-followers SQL Injection vulnerability via the eventid parameter...

Sql injection

In WoWonder 3.1, remote attackers can gain access to the database by exploiting a requests.php?f=search-my-followers SQL Injection vulnerability via the eventid parameter...

CVE-2021-26935

In WoWonder 3.1, remote attackers can gain access to the database by exploiting a requests.php?f=search-my-followers SQL Injection vulnerability via the eventid parameter...

Harbin Qixun Technology Co., Ltd. website building system has SQL injection vulnerabilities

Harbin Qixun Technology Co., Ltd. is a focus on small and medium-sized enterprises network marketing outsourcing Internet enterprises, Qixun Technology to provide customers with "stable, safe, high-speed" Internet-based products and online service solutions. Harbin Qixun Technology Co., Ltd...

Envato WoWonder SQL注入漏洞

Envato WoWonder is an application from the Australian company Envato. It provides a PHP social networking script. A security vulnerability exists in WoWonder 3.1, which can be exploited by remote attackers to gain access to a database via request .php...

WoWonder Social Network Platform 3.1 - (event_id) SQL Injection Vulnerability

Exploit Title: WoWonder Social Network Platform 3.1 - 'eventid' SQL Injection Vendor Homepage: https://www.wowonder.com/ Software Link: https://codecanyon.net/item/wowonder-the-ultimate-php-social-network-platform/13785302 Version: 3.1 Tested on: Linux/Windows DESCRIPTION In WoWonder 3.1, remote...

SQL injection vulnerability exists in the open-source version of the UX365 web site navigation (CNVD-2021-24438)

Youkai 365 Web site navigation open source version is based on PHP + MYSQL development and construction of open source Web site catalog management system. Uke365 Web site navigation open source version of the existence of SQL injection vulnerability . Attackers can exploit the vulnerability to...

SQL injection vulnerability exists in the open-source version of the UX365 web site navigation (CNVD-2021-24439)

Youkai 365 Web site navigation open source version is based on PHP + MYSQL development and construction of open source Web site catalog management system. Uke365 Web site navigation open source version of the existence of SQL injection vulnerability . Attackers can exploit the vulnerability to...

WoWonder Social Network Platform 3.1 SQL Injection

Exploit Title: WoWonder Social Network Platform 3.1 - 'eventid' SQL Injection Date: 16.03.2021 Exploit Author: securityforeveryone.com Author Mail: helloATsecurityforeveryone.com Vendor Homepage: https://www.wowonder.com/ Software Link:...

SQL injection vulnerability in Myeye backend (CNVD-2021-24444)

Myeye is a monitoring and control system. A SQL injection vulnerability exists in the backend of Myeye. An attacker can exploit the vulnerability to obtain sensitive database information...

SQL injection vulnerability in the backend of Tongda oa (CNVD-2021-22798)

Tongda OA Office Anywhere Network Intelligent Office System is a collaborative office automation software independently developed by Beijing Tongda Science and Technology Co., Ltd. and China's enterprise management practices combined with the formation of a comprehensive management office platfor...

Zhengzhou Wolong website builder system has SQL injection vulnerability

Zhengzhou Wolong Software Development Co., Ltd, was registered in Henan Province on 2013-03-11, belongs to the information transmission, software and information technology services industry, the main industry is software and information technology services industry, the service field is computer...

CVE-2021-26966

A remote authenticated sql injection vulnerability was discovered in Aruba AirWave Management Platform versions: Prior to 8.2.12.0. Multiple vulnerabilities in the API of AirWave could allow an authenticated remote attacker to conduct SQL injection attacks against the AirWave instance. An attacke...

CVE-2020-24913

A SQL injection vulnerability in qcubed all versions including 3.1.1 in profile.php via the strQuery parameter allows an unauthenticated attacker to access the database by injecting SQL code via a crafted POST request...