Sql injection

A SQL injection vulnerability in qcubed all versions including 3.1.1 in profile.php via the strQuery parameter allows an unauthenticated attacker to access the database by injecting SQL code via a crafted POST request...

CVE-2020-24913

A SQL injection vulnerability in qcubed all versions including 3.1.1 in profile.php via the strQuery parameter allows an unauthenticated attacker to access the database by injecting SQL code via a crafted POST request...

SeaCMS suffers from SQL injection vulnerability (CNVD-2021-17447)

SeaCMS is a web content management system based on PHP MYSQL architecture and can run across platforms. SeaCMS has a SQL injection vulnerability that can be exploited by attackers to obtain sensitive database information...

SQL Injection Vulnerability in Te*** Parameters of Gouhua Commercial Concrete Management Software of Hangzhou Lotus Software Co.

Hangzhou Lotus Software Co., Ltd, was registered in Hangzhou on 2004-01-07, belongs to the software and information technology services industry, the main industry is software and information technology services industry, the number of employees 5 people, the registered capital of 1 million yuan...

SQL Injection Vulnerability in Water Rights Trading System (CNVD-2021-18291)

Tangshan Liulin Automation Equipment Co., Ltd. is a high-tech enterprise specializing in the research and development, production, sales and system engineering technical services of Internet of Things security communication terminal and intelligent application platform software. There is a SQL...

SQL Injection Vulnerability in OurPHP (CNVD-2021-18283)

OurPHP is a PHP MySQL-based development of W3C-compliant site-building system. OurPHP suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

SQL Injection Vulnerability in OurPHP (CNVD-2021-18282)

OurPHP is a PHP MySQL-based development of W3C-compliant site-building system. OurPHP suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

MKCMS official version suffers from SQL injection vulnerability (CNVD-2021-16410)

MKCMS is a free and open source PHP web content management system developed by Yakun Technology. MKCMS official version of the existence of SQL injection vulnerability , attackers can use the vulnerability to obtain sensitive information in the database...

Aruba ClearPass Policy Manager SQL Injection Vulnerability (CNVD-2021-13471)

Aruba ClearPass Policy Manager is a network access control NAC solution. An SQL injection vulnerability exists in the ClearPass Web Management Interface API in versions prior to Aruba ClearPass Policy Manager 6.9.5, 6.8.8-HF1, and 6.7.14-HF1, which can be exploited by an attacker to obtain and...

CVE-2021-26685

A remote authenticated SQL Injection vulnerabilitiy was discovered in Aruba ClearPass Policy Manager versions: Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the web-based management interface API of ClearPass could allow an authenticated remote attacker to conduct SQL injection attack...

SQL injection vulnerability in pr***.asp page of website building system of Ningbo Hi-Tech Zone Aokai Network Technology Co.

Ningbo Hi-Tech Zone Aokai Network Technology Co., Ltd, provides appropriate business and Internet brand promotion services. Ningbo High-tech Zone Aokai Network Technology Co., Ltd. building system pr.asp page SQL injection vulnerability, attackers can use the vulnerability to obtain sensitive...

SQL Injection Vulnerability in iCMS Content Management System

iCMS is an efficient and simple content management system built with PHP and MySQL. An SQL injection vulnerability exists in the iCMS content management system, which can be exploited by attackers to obtain sensitive information from the database...

NeDi SQL Injection Vulnerability (CNVD-2021-22163)

NeDi is an open source software tool that discovers, maps and inventories network devices and tracks connected end nodes. A SQL injection vulnerability exists in the Monitoring History function in endpoint /Monitoring-History.php in NeDi 1.9C. An attacker can exploit this vulnerability to access...

CVE-2021-22854 Soar Cloud System Co., Ltd. HR Portal - SQL Injection

The HR Portal of Soar Cloud System fails to filter specific parameters. Remote attackers can inject SQL syntax and obtain all data in the database without privilege...

Soar Cloud System SQL注入漏洞

Soar Cloud System is a HR system solution system developed by Soar. The Soar Cloud System HR portal suffers from a SQL injection vulnerability that stems from not filtering SQL injection statements, which allows a remote attacker to inject SQL syntax and obtain all data in the database without...

Sourcecodester Baby Care System SQL注入漏洞

Baby Care System is a heartbeat and temperature detection system. Baby Care System v1.0 is susceptible to SQL injection attacks. The vulnerability stems from the contentsectionpage.php page not filtering user input for SQL injection, which can be exploited by attackers to obtain database...

NeDi <= 1.9C, 2.0 Multiple Vulnerabilities

NeDi is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribu...

CVE-2020-35567

An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. The software uses a secure password for database access, but this password is shared across instances...

Default credentials

An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. The software uses a secure password for database access, but this password is shared across instances...

CVE-2020-35567

An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. The software uses a secure password for database access, but this password is shared across instances...