CVE-2019-17428

An issue was discovered in Intesync Solismed 3.3sp1. An flaw in the encryption implementation exists, allowing for all encrypted data stored within the database to be decrypted...

SQL injection vulnerability in website building system of Shantou Sanhut Technology Co. Ltd (CNVD-2020-02273)

Ltd. is a company that focuses on designing, producing and providing personalized e-commerce solutions for enterprises. Ltd. website building system suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...

SQL Injection Vulnerability in Tongxia Internet Website Building System (CNVD-2020-02261)

Tongxia Interconnection is a newly established technical team, with website construction as the main focus. Undertake various companies, enterprises, factories, stores, individual website construction, website mall construction, foreign trade website construction, portal construction. There is a...

SQL Injection Vulnerability in pr***.asp Page of Time Network Website Builder System

Time Network is a service outsourcing enterprise that integrates the development of network application technology, creative website design, network marketing and promotion services, and provides a full set of network marketing solutions, and is a professional company that focuses on...

SQL Injection Bypass Vulnerability in CloudLock Server Side for Windows (CNVD-2020-02256)

CloudLock is a free server security management software based on operating system kernel hardening technology, which supports cross-platform real-time, batch and remote security management of windows/linux servers. The Windows version of CloudLock server-side SQL injection bypass vulnerability ca...

ZZZphp sa***.php page li*** parameter has SQL injection vulnerability

ZZZphp is a PHP and MYSQL based on free open source website building system . ZZZphp sa.php page li parameter SQL injection vulnerability, an attacker can use the vulnerability to obtain database sensitive information...

SQL Injection Vulnerability in Heilongjiang Zihai Technology Group Co.

IISI Technology Group Co., Ltd. to provide a full set of Internet solutions for enterprises as the main direction is a set of domain name registration, IDC services, website construction and operation, APP development, software system development and other Internet services as one of the group...

CVE-2019-5111

Exploitable SQL injection vulnerability exists in the authenticated portion of Forma LMS 2.2.1. The /appLms/ajax.server.php URL and parameter filtercat was confirmed to suffer from SQL injections and could be exploited by authenticated attackers. An attacker can send a web request with parameters...

SQL Injection Vulnerability in Guangzhou Yuejian Sanhe Software Co.

Guangzhou Yuejian Sanhe Software Co., Ltd. was founded in 1995, mainly engaged in the research and development, sales and service of "urban construction and management" software. A SQL injection vulnerability exists in the website building system of Guangzhou Yuejian Sanhe Software Co., Ltd, whic...

CVE-2019-19015

TitanHQ WebTitan (before version 5.18) contains an authentication-free proxy that exposes the appliance’s internal PostgreSQL database. The proxy allows connections to the database without password authentication, enabling an attacker to fully control the appliance database and, through it, pursu...

CVE-2019-4387

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.2.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 162715...

Sql injection

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.2.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 162715...

IBM Sterling B2B Integrator SQL Injection Vulnerability (CNVD-2019-44534)

IBM Sterling B2B Integrator is a suite of software from IBM USA that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with diverse partner communities. A SQL injection vulnerability exists in IBM Sterling B2B...

WebOA network office automation software suffers from SQL injection vulnerability (CNVD-2019-45143)

WebOA network office automation software is an office software that allows company employees to download and upload shared information through a browser. A SQL injection vulnerability exists in WebOA Network Office Automation Software. An attacker can exploit the vulnerability to obtain sensitive...

SQL Injection Vulnerability in Jinhang Online Marking System

JINHANG online marking system can provide a variety of performance analysis reports based on the measurement of students, classes, schools, grades, teachers, subjects, knowledge points, etc., and can provide a comprehensive analysis of the results of each student's previous examinations. There is...

Jeeplus has a SQL injection vulnerability

JeePlus is a code generator based on JAVA rapid development platform , a java rapid development framework that can help solve 80% of the java project repetitive work . Jeeplus has a SQL injection vulnerability that can be exploited by attackers to access sensitive database data...

SQL injection vulnerability in ne***.php page of website building system of Hebei Chenguang Network Technology Co.

Hebei Chenguang Network Technology Co., Ltd. is subordinate to Hebei Chenguang Holding Group, founded in 2005, is a high-tech enterprise dedicated to providing informationization construction for various enterprises and government agencies. Hebei Chenguang Network Technology Co., Ltd. building...

SQL Injection Vulnerability in opensns Backend

OpenSNS is a comprehensive social software developed by Thinking Sky. A SQL injection vulnerability exists in the opensns backend, which can be exploited by attackers to obtain sensitive information from the database...

SQL injection vulnerability in in***.php file of Laikai e-commerce system (CNVD-2020-00184)

Laike e-commerce system is an open source e-commerce system. Laike e-commerce system in.php file contains a SQL injection vulnerability. Attackers can use the vulnerability to obtain sensitive information in the database...

SQL injection vulnerability in the ad***.php page ti***, em***, un***, co*** parameters of the website building system of Huizhou Zhongxing Internet Technology Co.

Zhongxing Internet technology station building company is a Huizhou professional network marketing system service providers, focusing on website construction and SEO optimization of a reasonable combination. Huizhou City Zhongxing Internet Technology Co., Ltd. station building system ad.php page...