Lucene search

3898 matches found

CNVD
added 2019/09/14 12:0 a.m. · 2 views

SQL Injection Vulnerability in Website Building System of Dalian Dawn Times Technology Development Co.

Dalian Dawn Times Technology Development Co., Ltd. is an Internet company dedicated to the field of network infrastructure services. A SQL injection vulnerability exists in the website building system of Dalian Dawn Times Technology Development Co. An attacker can exploit the vulnerability to...

7.6 AI score
Exploits 0
CNVD
added 2019/09/14 12:0 a.m. · 0 views

SQL Injection Vulnerability in ESPCMS Ar***.php Page

ESPCMS is a content management system (CMS) based on PHP and MySQL. A SQL injection vulnerability exists in the ESPCMS Ar***.php page, which can be exploited by attackers to obtain sensitive information from the database...

7.7 AI score
Exploits 0
CNVD
added 2019/09/10 12:0 a.m. · 1 views

SQL injection vulnerability in ne***.php page of website building system of Suzhou Ernst Network Technology Co.

Suzhou Ernst Network Technology Co., Ltd. is a company engaged in marketing planning, providing website design, graphic design, program development and Internet marketing. A SQL injection vulnerability exists in the ne***.php page of the website building system of Suzhou Ernst Network Technology Co., Ltd.; attackers can use...

7.6 AI score
Exploits 0
CNVD
added 2019/09/05 12:0 a.m. · 1 views

SQL Injection Vulnerability in ne***.php Page of Pangu Network Technology Co.

Pangu provides enterprises with intelligent integrated marketing services based on Baidu's commercial product system, covering brand marketing, effect marketing, digital marketing, media marketing, content marketing, public relations marketing, and event execution. There is a SQL injection...

7.8 AI score
Exploits 0
CNVD
added 2019/09/05 12:0 a.m. · 1 views

SQL Injection Vulnerability in Huaxia ERP System

Huaxia ERP, based on the SpringBoot framework and a SaaS model, aspires to provide small and medium-sized enterprises with good open-source ERP software, currently focusing on sales and inventory + financial functions. The Huaxia ERP system has a SQL injection vulnerability; attackers can use the...

7.7 AI score
Exploits 0
CNVD
added 2019/09/02 12:0 a.m. · 1 views

SQL Injection Vulnerability in Website Building System of Guangzhou LEAFCO Network Technology Co.

Ltd. is a website design company that provides website application system, mobile APP application system and WeChat public number for enterprise users. A SQL injection vulnerability exists in the website building system of Guangzhou LEAF Network Technology Co. An attacker can exploit the...

7.5 AI score
Exploits 0
CNVD
added 2019/09/02 12:0 a.m. · 2 views

Jiangsu Chuhuai Software Technology Development Co., Ltd. cell phone letters and visits (mass version) APP interface xf*** parameters exist SQL injection vulnerability

Mobile Phone Petition Mass Version APP is the mass-specific version of the Jiangsu Mobile Phone Petition APP, with technical support provided by Jiangsu Chuhuai Software Technology Development Co. There is a SQL injection vulnerability in the interface xf*** parameter of Jiangsu Chuhuai Software Technolo...

7.7 AI score
Exploits 0
CNVD
added 2019/09/01 12:0 a.m. · 2 views

S-CMS news portal system background ajax.php C_1yuan parameter SQL injection vulnerability

The S-CMS news portal system is a website-building solution for enterprises developed by Zibo Shining Network Technology Co., Ltd. A SQL injection vulnerability exists in the C1 parameter of aj.php in the background of the S-CMS news portal system; attackers can use the vulnerability to obtain database...

7.9 AI score
Exploits 0
Tenable Nessus
added 2019/08/30 12:0 a.m. · 55 views

CentOS 7 : unixODBC (CESA-2019:2336)

An update for unixODBC is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from t...

9.8 CVSS · 7.9 AI score · 0.03196 EPSS
Exploits 0 · References 3
GoogleProjectZero
added 2019/08/29 12:0 a.m. · 43 views

Implant Teardown

Posted by Ian Beer, Project Zero. In the earlier posts we examined how the attackers gained unsandboxed code execution as root on iPhones. At the end of each chain we saw the attackers calling posix_spawn, passing the path to their implant binary which they dropped in /tmp. This starts the implant...

7.5 CVSS · 8.1 AI score · 0.11327 EPSS
Exploits 1
CNVD
added 2019/08/27 12:0 a.m. · 1 views

S-CMS enterprise website builder system backend P_br*** parameter exists SQL injection vulnerability

The S-CMS enterprise station building system is a website-building solution for enterprises developed by Zibo Shining Network Technology Co., Ltd. There is a SQL injection vulnerability in the P_br*** parameter in the background of the S-CMS enterprise website building system. Attackers...

7.7 AI score
Exploits 0
Japan Vulnerability Notes
added 2019/08/26 4:48 a.m. · 5 views

Cybozu Garoon vulnerable to SQL injection

Overview: Cybozu Garoon provided by Cybozu, Inc. contains an SQL injection vulnerability (CWE-89) in the processing of Todo portlet. Shoji Baba reported this vulnerability to Cybozu, Inc., and Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/C...

7.6 CVSS · 7.5 AI score · 0.01208 EPSS
Exploits 0 · References 6
CNVD
added 2019/08/22 12:0 a.m. · 2 views

SQL injection vulnerability in zzcms backend (CNVD-2019-30313)

ZZCMS is a content management system (CMS) by the ZZCMS team in China. A SQL injection vulnerability exists in the backend of zzcms, which can be exploited by attackers to obtain sensitive information from the database...

7.6 AI score
Exploits 0
OSV
added 2019/08/21 7:15 p.m. · 2 views

CVE-2019-1935

A vulnerability in Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to log in to the CLI of an affected system by using the SCP User account (scpuser), which has default user...

9.8 CVSS · 7.5 AI score
Exploits 0 · References 5
Prion
added 2019/08/21 7:15 p.m. · 22 views

Default credentials

A vulnerability in Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to log in to the CLI of an affected system by using the SCP User account (scpuser), which has default user...

10 CVSS · 9.7 AI score · 0.83386 EPSS
Exploits 8 · References 5 · Affected Software 3
Positive Technologies
added 2019/08/21 12:0 a.m. · 3 views

PT-2019-3020 · Cisco · Cisco Ucs Director Express For Big Data +2

Name of the Vulnerable Software and Affected Versions: Cisco Integrated Management Controller (IMC) Supervisor versions: affected versions not specified; Cisco UCS Director versions: affected versions not specified; Cisco UCS Director Express for Big Data versions: affected versions not specified...

10 CVSS · 9.4 AI score · 0.83386 EPSS
Exploits 8 · References 9
CNVD
added 2019/08/21 12:0 a.m. · 1 views

SQL Injection Vulnerability in ZZCMS zh***_ma***.php Page

ZZCMS is a content management system (CMS) used to quickly build merchant-type websites. A SQL injection vulnerability exists in the ZZCMS zh***_ma***.php page, which can be exploited by attackers to obtain sensitive information from the database...

7.7 AI score
Exploits 0
Prion
added 2019/08/20 7:15 p.m. · 24 views

Sql injection

IBM Contract Management 10.1.0 through 10.1.3 and IBM Emptoris Spend Analysis 10.1.0 through 10.1.3 are vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IB...

7.5 CVSS · 9.1 AI score · 0.01959 EPSS
Exploits 0 · References 2 · Affected Software 2
CNVD
added 2019/08/20 12:0 a.m. · 1 views

SQL Injection Vulnerability in Online Management System of Xianqi Kindergarten

Shanxi Xianqi Technology Co., Ltd. is a high-tech enterprise integrating research and development, production, sales and service of hardware and software. A SQL injection vulnerability exists in the Kindergarten Online Management System (KOMS), which can be exploited by attackers to access sensitiv...

7.7 AI score
Exploits 0
Positive Technologies
added 2019/08/20 12:0 a.m. · 3 views

PT-2019-17101 · Ibm · Ibm Emptoris Spend Analysis +1

Name of the Vulnerable Software and Affected Versions: IBM Contract Management versions 10.1.0 through 10.1.3; IBM Emptoris Spend Analysis versions 10.1.0 through 10.1.3. Description: The issue allows a remote attacker to send specially-crafted SQL statements, which could enable the attacker to vie...

9.8 CVSS · 7.8 AI score · 0.01959 EPSS
Exploits 0 · References 4