Information disclosure

Trend Micro InterScan Messaging Security Virtual Appliance IMSVA 9.1 is vulnerable to an information disclosure vulnerability which could allow an attacker to access a specific database and key...

CVE-2020-27019

Trend Micro InterScan Messaging Security Virtual Appliance IMSVA 9.1 is vulnerable to an information disclosure vulnerability which could allow an attacker to access a specific database and key...

Multiple vulnerabilities in XOOPS module "XooNIps"

Overview XOOPS module "XooNIps" contains multiple vulnerabilities listed below. SQL injection CWE-89 - CVE-2020-5659 Reflected cross-site scripting CWE-79 - CVE-2020-5662 Stored cross-site scripting CWE-79 - CVE-2020-5663 Deserialization of untrusted data CWE-502 - CVE-2020-5664 stypr of Flatt...

Information disclosure

Magento versions 2.4.0 and 2.3.5 and earlier are affected by an SQL Injection vulnerability that could lead to sensitive information disclosure. This vulnerability could be exploited by an authenticated user with permissions to the product listing page to read data from the database...

SQL Injection Vulnerability in Taiwan Billionaire Web Design Company's Website Building System

Taiwan Billion Web Design is a web design company. A SQL injection vulnerability exists in the web design system of Taiwan Billion Web Design Company, which can be exploited by attackers to obtain sensitive information from the database...

DEDECMSV6 backend di***_li***.php file has SQL injection vulnerability

DedeCMSV6 is based on PHP 7.x development, is scalable and fully open source. A SQL injection vulnerability exists in the DEDECMSV6 backend dili.php file. An attacker can exploit this vulnerability to obtain sensitive information from the database...

SQL Injection Vulnerability in CMS Frontend

Situ CMS is the short name of Situ Tourism Website Management System, which is a self-developed website management system applicable to the construction of tourism websites. A SQL injection vulnerability exists in the frontend of SITO CMS. An attacker can exploit the vulnerability to obtain...

Shanghai Yongxi Information Technology Co., Ltd. website building system has SQL injection vulnerability

Shanghai Yongxi Information Technology Co., Ltd. is a creative team dedicated to the fusion of technology and business, providing differentiated services and solutions that benefit our customers. Shanghai Yongxi Information Technology Co., Ltd. website builder system has a SQL injection...

SQL Injection Vulnerability in UFIDA GRP-U8 Higher Education Internal Control Management Software of Beijing UFIDA Administrative Software Co.

Beijing UFIDA Government Software Co., Ltd. was jointly established by UFIDA Group and the Institute of Fiscal Science of the Ministry of Finance, and is an all-around business management informatization solution provider for government departments, institutions and non-profit organizations. A SQ...

SQL Injection Vulnerability in Situ Travel CMS Website Construction System (CNVD-2020-62702)

SituTravel CMS website builder system is a domestic travel website builder system. A SQL injection vulnerability exists in Situo Travel CMS website builder system. An attacker can exploit the vulnerability to obtain sensitive information from the database...

SQL injection vulnerability in the front-end aj***_di***.php file of Dascommerce Multi-User Mall system

Da Shangchuang is a B2B2C multi-user mall system launched by Shanghai Shangchuang Network Technology, which can build a new retail e-commerce platform for enterprises, covering multiple terminals such as PC mall, app mall, APP mall, micro mall, etc., and meeting a variety of e-commerce modes such...

SQL Injection Vulnerability in ZZCMS Backend a***_ma***.php File

ZZCMS is a content management system for Webmaster Merchants. A SQL injection vulnerability exists in the ama.php file in the background of ZZCMS. An attacker can exploit the vulnerability to obtain sensitive information in the database...

SQL Injection Vulnerability in Ruicheng Collaboration Office System

Hangzhou Risen lnformation Technology Co., Ltd. was founded in July 2006, the administrative headquarter is located in Hangzhou, Zhejiang Province, the company's vertical integration of the software industry chain, the focus of the industry's intelligent overall solutions to provide positioning,...

SQL Injection Vulnerability in Ke Rong AIO Management System of Shenzhen Ke Rong Software Co.(CNVD-2020-59806)

Ke Rong AIO Management System is an enterprise management system developed by Ke Rong AIO Enterprises, which solves the personalized problems of upstream and downstream, cross-departmental, multi-functional, and changing needs of many enterprise customers in the process of informatization through...

SQL Injection Vulnerability in Netcommerce Technology's Website Building System

Founded in 2015, Netcommerce Technology focuses on the innovation and integration of digital marketing technology, products, resources and services to provide customers with comprehensive digital innovation services and help traditional enterprises quickly realize the transformation and upgrading...

SQL Injection Vulnerability in ZZCMS2020 Backend (CNVD-2020-59404)

ZZCMS is a content management system. A SQL injection vulnerability exists in the backend of ZZCMS2020, which can be exploited by attackers to obtain sensitive information from the database...

SQL Injection Vulnerability in ZZCMS2020 Backend (CNVD-2020-59398)

ZZCMS is a content management system. A SQL injection vulnerability exists in the backend of ZZCMS2020, which can be exploited by attackers to obtain sensitive information from the database...

SQL injection vulnerability in the background up***.php file of Shield Spirit Original Article Submission System

The Shield Spirit Original Article Submission System is a concise submission system. A SQL injection vulnerability exists in the background up.php file of Shield Spirit Original Article Submission System. An attacker can exploit the vulnerability to obtain sensitive information from the database...

SQL injection vulnerability in pr***.php page of website building system of Inner Mongolia Hohai Trading Co.

Inner Mongolia Hohai Trade Co., Ltd. is mainly engaged in e-commerce, website construction, software development, computer promotion and application of information construction services. There is a SQL injection vulnerability in the pr.php page of the website building system of Inner Mongolia Hoh...

S-CMS government website system backend has SQL injection vulnerability

S-CMS government station building system is Zibo Shining Network Technology Co., Ltd. developed a special government station building solutions to provide products. There is a SQL injection vulnerability in the backend of S-CMS government website system. Attackers can use this vulnerability to...