3898 matches found
CVE-2019-16207
Brocade SANnav versions before v2.0 use a hard-coded password, which could allow local authenticated attackers to access a back-end database and gain privileges...
Hardcoded credentials
Brocade SANnav versions before v2.0 use a hard-coded password, which could allow local authenticated attackers to access a back-end database and gain privileges...
CVE-2019-16207
Brocade SANnav versions before v2.0 use a hard-coded password, which could allow local authenticated attackers to access a back-end database and gain privileges...
CVE-2019-16207
CVE-2019-16207 affects Broadcom/ Brocade SANnav prior to version 2.0. The issue is a hard-coded password in SANnav, enabling local authenticated attackers to access the back-end database and escalate privileges. Connected sources confirm the vulnerability exists in SANnav versions before 2.0 and ...
SQL Injection Vulnerability in MetInfo7 cl***.php Page
MetInfo is an open source and free CMS building system suitable for enterprise building, MetInfo enterprise website management system is mainly used to build enterprise websites, using PHP + Mysql architecture. MetInfo7 cl.php page SQL injection vulnerability , attackers can use the vulnerability...
CVE-2019-8143
A SQL injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with access to email templates can send malicious SQL queries and obtain access to sensitive information stored in the database...
CVE-2019-8130
A SQL injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. A user with store manipulation privileges can execute arbitrary SQL queries by getting access to the database connection through group instance in email templates...
SQL Injection Vulnerability in PHPMyWind Website Building System (CNVD-2019-43877)
PHPMyWind is a PHP + MySQL based development of W3C standards-compliant site building engine . There is a SQL injection vulnerability in the PHPMyWind website builder system, which can be exploited by an attacker to obtain sensitive information from the database...
SQL injection vulnerability in seacms backend (CNVD-2019-43678)
Ocean CMS seacms is a video-on-demand system based on PHP+MySql technology. There is a SQL injection vulnerability in the backend of seacms, which can be exploited by attackers to obtain sensitive database information...
SQL Injection Vulnerability in Shanghai Kaijie Information Website Building System
Founded in 2009, Kaijie Information is a high-tech enterprise engaged in Internet application and software development, mainly serving in the field of e-commerce, e-government and enterprise Internet service. A SQL injection vulnerability exists in Shanghai Kaijie Information's website building...
SQL Injection Vulnerability at Zendo PMS Plugin Installation
Zendo PMS is a set of project management software developed by Easoft Tianchuang in order to solve the chaotic and disorganized phenomenon that occurs in the management process of many enterprises. Zendo PMS plug-in installation at the existence of SQL injection vulnerability, attackers can use t...
One Stop Technology website builder system suffers from SQL injection vulnerability
One Stop Technology formerly Fuyang Tongtou.com, specializing in tourism enterprises to provide tourism network marketing one-stop service, we only focus on the tourism industry network marketing services, is the tourism network marketing one-stop service platform. There is a SQL injection...
SQL Injection Vulnerability in ZZCMS Frontend
ZZCMS is a content management system for Merchants Network. A SQL injection vulnerability exists in the frontend of ZZCMS. An attacker can exploit this vulnerability to obtain sensitive information from the database...
NiuShop suffers from SQL injection vulnerability (CNVD-2019-43346)
Niushop open source mall using thinkphp5.0 MySQL development language development , completely open source mall system , can be used for enterprises , individuals to establish their own online free mall , support for open source WeChat Mall , open source applet , open source new retail , B2B2C,...
AUO SunVeillance Monitoring System 1.1.9e - MailAdd SQL Injection
AUO SunVeillance Monitoring System 1.1.9e - MailAdd SQL Injection Exploit Title: AUO SunVeillance Monitoring System 1.1.9e - 'MailAdd' SQL Injection Date: 2019-10-24 Exploit Author: Luca.Chiou Vendor Homepage: https://www.auo.com/zh-TW Version: AUO SunVeillance Monitoring System all versions prio...
SQL Injection Vulnerability in pr***.asp Page of Yiming Networks Website Builder System
Yiming network is engaged in website construction, webpage production, website promotion, website optimization, webpage design, website maintenance, domain name registration, web hosting, enterprise mailbox, space rental, website promotion, 3721 network real name, Baidu bidding ranking, Google...
SQL Injection Vulnerability in Chengdu JINWEI TECHNOLOGY CO.
Chengdu, Chengdu, this network technology is a Chengdu, engaged in website planning, web design, website construction and development, website optimization, Internet marketing and other professional services in the field of network technology limited company. A SQL injection vulnerability exists ...
Sangoma Technologies SBC Parameter Injection Vulnerability
The Sangoma Technologies SBC is a border session controller SBC from Sangoma Technologies, a Canadian company. A parameter injection vulnerability exists in Sangoma Technologies SBC version 2.3.23-119-GA, which can be exploited by an attacker to bypass authentication and log in as a non-existing...
Oracle PeopleSoft Enterprise HCM Human Resources CVE-2019-2951 Remote Security Vulnerability
Description Oracle PeopleSoft Enterprise HCM Human Resources is prone to a remote security vulnerability. These vulnerabilities can be exploited over the 'HTTP' protocol. These vulnerabilities affect the following supported versions: 9.2 Technologies Affected Oracle PeopleSoft Enterprise HCM Huma...
SQL injection vulnerability in seacms backend ad***_co***.php page
seacms ocean video management system, ocean cms is a video-on-demand system based on PHP + MySql technology. There is a SQL injection vulnerability in the adco.php page in the background of seacms. Attackers can use the vulnerability to obtain sensitive information in the database...