SQL Injection Vulnerability in Taiwan Qualcomm's Website Builder System

Ares Internet is a company that specializes in Sheng Yuan interior design, real estate web design, web design, fast website, template, advertisement design, graphic design, and website building. A SQL injection vulnerability exists in the website builder system of Taiwan Ares Network, which can b...

SQL Injection Vulnerability in phpweb finished website builder system

PHPWEB system is developed with PHP+MYSQL technology, with clear architecture and easy-to-maintain code. Support pseudo-static function, can generate google and baidu map, support keywords and descriptions, in line with SEO standards. phpweb finished website builder system has a SQL injection...

Critical Flaws in WordPress Quiz Plugin Allow Site Takeover

A plugin that is designed to add quizzes and surveys to WordPress websites has patched two critical vulnerabilities. The flaws can be exploited by remote, unauthenticated attackers to launch varying attacks – including fully taking over vulnerable websites. The plugin, Quiz and Survey Master, is...

CVE-2020-15925

A SQL injection vulnerability at a tpf URI in Loway QueueMetrics before 19.10.21 allows remote authenticated attackers to execute arbitrary SQL commands via the TPFXPAR1 parameter...

SQL injection vulnerability in im***.asp page of website building system of Hanzhong Qiyuan Power Network Co.

Hanzhong Qiyuan Power Network Co., Ltd. is a high-tech Internet technology service provider. Hanzhong Qiyuan Power Network Co., Ltd. website building system im.asp page SQL injection vulnerability, attackers can use the vulnerability to obtain sensitive information database...

SQL Injection Vulnerability in pr***.aspx of the website building system page of Jacko Web Design Studio

Jacko Network Design Studio is an integrated communication agency with multi-faceted professional services such as website construction, graphic design, advertising production and printing. There is a SQL injection vulnerability in pr.aspx, which can be exploited by attackers to obtain sensitive...

SQL Injection Vulnerability in Website Building System of Linyi Xinbao Network Technology Co. Ltd (CNVD-2020-51582)

Linyi Xinpao Network Technology Co., Ltd. is a company that provides website construction, software development and services, e-commerce, website operation, network marketing and promotion; network technology training consulting and information services; corporate image marketing planning,...

SQL injection vulnerability in ne***_vi***.asp page of website building system of Ruian City Business Enterprise Network Technology Co.

Ruian Business Enterprise Network Technology Co., Ltd. is a high-tech enterprise dedicated to the design and production of enterprise and commercial websites, to improve the level of SMEs' network marketing applications, and to enhance the comprehensive competitiveness of enterprises in the...

Carson & SAINT SAINT Security Suite SQL Injection Vulnerability (CNVD-2020-47572)

Carson & SAINT SAINT Security Suite is the U.S. Carson & SAINT a set of vulnerability management, security configuration assessment, penetration testing and other functions of the security suite. A SQL injection vulnerability exists in the Assets component of Carson & SAINT SAINT Security Suite...

CVE-2020-16277

An SQL injection vulnerability in the Analytics component of SAINT Security Suite 8.0 through 9.8.20 allows a remote, authenticated attacker to gain unauthorized access to the database...

SQL Injection Vulnerability in Dongsheng Logistics System of Qingdao Dongsheng Weiye Software Co.

Qingdao Dongsheng Weiye Software Co., Ltd. was founded in November 2004 formerly known as Qingdao Jinghong Logistics Information Technology Co., Ltd., the company's main business scope for shipping logistics-related products and services. A SQL injection vulnerability exists in Qingdao Dongsheng...

SQL Injection Vulnerability in Website Building System of Shenzhen Shenzhou Tongda Network Technology Co.

Shenzhen Shenzhou Tongda Network Technology Co., Ltd, provides Tencent enterprise mailbox, high-end website construction PC website, cell phone website, WeChat public account, SEO optimization and promotion, enterprise WeChat and other network infrastructure services and network marketing and...

SQL Injection Vulnerability in Coal Mine Comprehensive Informatization Control Platform of Jiangsu Sanheng Technology Co.

Jiangsu Sanheng Technology Co., Ltd. is a joint-stock technology enterprise, the company's products mainly have three specialized directions: mine safety, mine communication, mine automatic control. The main systems are KJ70X coal mine safety monitoring system, KJ128A mine personnel management...

SQL Injection Vulnerability in OA Office System of Chengdu Huigao Software Co.

Chengdu Huigao Software Co., Ltd. is an OA software developer and service provider. A SQL injection vulnerability exists in the OA office system of Chengdu Huigao Software Co. The vulnerability can be exploited by an attacker to obtain sensitive information from the database...

SQL Injection Vulnerability in CMS Backend of Luoyang Yunye Information Technology Co.

Yunye CMS enterprise building system is a php open source cms specialized in small and medium-sized enterprise website construction. Luoyang Yunye Information Technology Co., Ltd. Yunye CMS background SQL injection vulnerability , attackers can use the vulnerability to obtain sensitive informatio...

SQL injection vulnerability in p***.php page of website building system of Inner Mongolia Wando Information Technology Co.

Wando Technology is an information technology company dedicated to enterprise informatization application services, in order to actively promote the development of enterprise informatization and e-commerce, because of the transparency, so the integrity of the enterprise policy. It is an applicati...

SQL injection vulnerability in p***.php page of website building system of Inner Mongolia Wando Information Technology Co.

Wando Technology is an information technology company dedicated to enterprise informatization application services, in order to actively promote the development of enterprise informatization and e-commerce, because of the transparency, so the integrity of the enterprise policy. It is an applicati...

SQL injection vulnerability in a***.php page of website building system of Inner Mongolia Wando Information Technology Co.

Wando Technology is an information technology company dedicated to enterprise informatization application services, in order to actively promote the development of enterprise informatization and e-commerce, because of the transparency, so the integrity of the enterprise policy. It is an applicati...

typo3 -- multiple vulnerabilities

Typo3 Team reports: In case an attacker manages to generate a valid cryptographic message authentication code HMAC-SHA1 - either by using a different existing vulnerability or in case the internal encryptionKey was exposed - it is possible to retrieve arbitrary files of a TYPO3 installation. This...

Gansu Xiusen Network Information Technology Co., Ltd. website building system has SQL injection vulnerabilities

Gansu Xiusen Network Information Technology Co., Ltd abbreviation: Xiusen Network, located in Anning District, Lanzhou, Gansu, the company is engaged in software development, website development and other high-tech. Gansu Xiusen Network Information Technology Co., Ltd. website building system has...