SQL Injection Vulnerability in ERP-PRO

ERP-PRO is based on SpringBoot 2.X framework for small and medium-sized enterprises to build open source good ERP software. ERP-PRO suffers from SQL injection vulnerability. Attackers can exploit the vulnerability to obtain sensitive information in the database...

CVE-2020-13952

In the course of work on the open source project it was discovered that authenticated users running queries against Hive and Presto database engines could access information via a number of templated fields including the contents of query description metadata database, the hashed version of the...

Fedora: Security Advisory for perl-DBI (FEDORA-2020-f30298614a)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SQL Injection Vulnerability in Website Building System of Guangdong Jundu Technology Co.

Guangdong Jundu Technology Co., Ltd. is a comprehensive Internet value marketing services information technology network company specializing in custom development, network marketing, new media marketing, media advertising and other value-added services as a whole. There is a SQL injection...

SQL Injection Vulnerability in the Comprehensive Management Platform of Beijing Zhongcheng Kexin Technology Development Co. Ltd (CNVD-2020-60136)

Beijing Zhongcheng Kexin Technology Development Co., Ltd. is a travel whole industry chain service provider. A SQL injection vulnerability exists in the integrated management platform of Beijing Zhongcheng Kexin Technology Development Co. An attacker can exploit this vulnerability to obtain...

SQL Injection Vulnerability in e-cology 8.0 Frontend of Shanghai Panmicro Network Technology Co.

e-cology is a collaboration platform. A SQL injection vulnerability exists in the frontend of e-cology 8.0 of Shanghai Panmicro Networks Technology Co. Ltd, which can be exploited by attackers to obtain sensitive information from the database...

SQL Injection Vulnerability in Mini-Tmall Framework Front and Backend

Mini Tmall Mini Tmall is a Spring Boot-based integrated B2C e-commerce platform, the requirements of the design of the main reference Tmall shopping process: users start from registration, to complete the login, browse the products, add a shopping cart, place an order, confirm receipt, evaluation...

SQL Injection Vulnerability in an Interface of e-office of Shanghai Panmicro Network Technology Co.

Ltd. e-office system is a set of collaborative office system. A SQL injection vulnerability exists in one of the interfaces of e-office, which can be exploited by attackers to obtain sensitive information from the database...

Perl DBI: Multiple vulnerabilities

Background A database access module for the Perl programming language. Description Multiple vulnerabilities have been discovered in the Perl module DBI. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround Ther...

Knight CMS of Taiyuan Xunyi Technology Co., Ltd. suffers from SQL injection vulnerability (CNVD-2020-58523)

Knight CMS is based on PHP + MYSQL as the core development of a set of free + open source professional recruitment system. Knight CMS is vulnerable to SQL injection. Attackers can use the vulnerability to obtain sensitive information in the database...

ZZCMS suffers from SQL injection vulnerability (CNVD-2020-58517)

ZZCMS is a content management system for Webmaster Merchants. ZZCMS suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...

ZZCMS 2020 suffers from SQL injection vulnerability (CNVD-2020-58514)

ZZCMS is a content management system for Webmaster Merchants. ZZCMS 2020 suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...

ZZCMS suffers from SQL injection vulnerability (CNVD-2020-57393)

ZZCMS is a free website builder developed in asp language. ZZCMS suffers from a SQL injection vulnerability. An attacker can exploit this vulnerability to read database information...

CVE-2020-2242

A missing permission check in Jenkins database Plugin 1.6 and earlier allows attackers with Overall/Read access to Jenkins to connect to an attacker-specified database server using attacker-specified credentials...

NiuShop suffers from SQL injection vulnerability (CNVD-2020-56379)

Niushop is designed by Shanxi Niu Cool Information Technology Co., Ltd. design, research and development of a set of PHP open source shopping center. NiuShop has a SQL injection vulnerability, which can be exploited by attackers to obtain website database data...

Multiple systems of Xi'an Zumibo Intelligent Technology Co., Ltd. suffer from universal password login vulnerability

Ltd. is a company that focuses on providing customized development of industrial intelligent control, and provides detailed and perfect overall solutions for industrial control enterprises. Xi'an Xibo Intelligent Technology Co., Ltd. has a universal password login vulnerability in several systems...

SQL injection vulnerability in ne***.php page of website building system of Jinan Cabbage Network Technology Co.

Jinan Cabbage Network Technology Co., Ltd. is a company engaged in website construction, technology outsourcing, WAP mobile site construction, micro letter and small program custom development, system UI and graphic design, PHP system development, Netease enterprise mailbox. There is a SQL...

SQL Injection Vulnerability in Shijiazhuang Diyi Advertising Co.

Shijiazhuang Diyi Advertising Co., Ltd. is a company dedicated to corporate branding and marketing planning. Shijiazhuang Diyi Advertising Co., Ltd. website building system SQL injection vulnerability, attackers can use the vulnerability to obtain sensitive information database...

SQL Injection Vulnerability in the Website Building System of Longcheng Internet Wenzhou Network Company (CNVD-2020-54843)

Wenzhou Longcheng Internet Technology Co., Ltd - is engaged in website construction, website production, website design, graphic design, website optimization, website promotion, album design and other integrated Internet companies. Long Cheng Internet Wenzhou Network Company website building syst...

SQL Injection Vulnerability in East Technology Limited's Website Building System

East Technology Limited is a Hong Kong based web design and mobile application company. A SQL injection vulnerability exists in East Technology Limited's website builder system, which can be exploited by attackers to obtain sensitive information from the database...