Five Fingers CMS v4.1.0 SQL Injection Vulnerability in Frontend

Five Fingers CMS is a high-performance open source content management system that supports LNAMP architecture. Five Fingers CMS v4.1.0 SQL injection vulnerability exists in the front-end , an attacker can exploit the vulnerability to obtain sensitive information in the database...

SQL Injection Vulnerability in EmpireCMS Se***.php Page

EmpireCMS Empire Website Management System is a content management system CMS. An SQL injection vulnerability exists in the EmpireCMS Se.php page, which can be exploited by an attacker to obtain sensitive information from the database...

SQL Injection Vulnerability in the front-end wa***_mo***.asp file of Eco Times Enterprise Online Bookkeeping Management System

Eco Times Business Online Bookkeeping Management System is a financial online bookkeeping software. SQL injection vulnerability exists in the front-end wamo.asp file of the EcoTimes Enterprise Online Bookkeeping Management System. An attacker can exploit the vulnerability to obtain sensitive...

SQL injection vulnerability in the front-end xi***_mo***.asp file of the Eco Times Enterprise Online Bookkeeping Management System.

Eco Times Business Online Bookkeeping Management System is a financial online bookkeeping software. There is a SQL injection vulnerability in the ximo.asp file in the frontend of the EcoTimes Enterprise Online Bookkeeping Management System. An attacker can exploit the vulnerability to obtain...

SQL Injection Vulnerability in Penta Campus Network Application System Management Software

PantoSchool.Net is a complete solution for networked learning schools! A SQL injection vulnerability exists in PantoSchool.Net Application System Management Software. An attacker can exploit the vulnerability to obtain sensitive information from the database...

SQL injection vulnerability in the sl***.aspx page of the Bid frontend of Qixing bidding system Bid (CNVD-2019-06239)

Qixing Bidding System Bid is a system suitable for enterprises to collect information on bidding information of government procurement, engineering construction, land grant, etc., and to track the progress of works and payment of successful projects. A SQL injection vulnerability exists in the...

VulnCheck KEV: CVE-2017-18362

ConnectWise ManagedITSync integration for Kaseya VSA is vulnerable to unauthenticated remote commands that allow full direct access to the Kaseya VSA database...

Sql injection

ConnectWise ManagedITSync integration through 2017 for Kaseya VSA is vulnerable to unauthenticated remote commands that allow full direct access to the Kaseya VSA database. In February 2019, attackers have actively exploited this in the wild to download and execute ransomware payloads on all...

CVE-2017-18362

ConnectWise ManagedITSync integration through 2017 for Kaseya VSA is vulnerable to unauthenticated remote commands that allow full direct access to the Kaseya VSA database. In February 2019, attackers have actively exploited this in the wild to download and execute ransomware payloads on all...

CVE-2017-18362

ConnectWise ManagedITSync integration through 2017 for Kaseya VSA is vulnerable to unauthenticated remote commands that allow full direct access to the Kaseya VSA database. In February 2019, attackers have actively exploited this in the wild to download and execute ransomware payloads on all...

PT-2019-6222 · Kaseya · Kaseya Vsa

Name of the Vulnerable Software and Affected Versions: Kaseya VSA versions through 2017 Description: The issue allows unauthenticated remote commands, providing full direct access to the Kaseya VSA database. Attackers have exploited this in the wild to download and execute ransomware payloads on...

Changsha Tianxin District Binnet Network Technology Service Department's website building system pc***/?classa suffers from SQL injection vulnerability.

Changsha Tianxin District Bin net network technology service department is a focus on small and medium-sized enterprise website set up, for the company, enterprises, individuals to provide more perfect, more efficient services and solutions to a company. Changsha City, Tianxin District, Bin netwo...

SQL injection vulnerability in the co***.aspx and de***.aspx files in the frontend of Gallery, a Qixing image & video library.

Qixing Image & Video GalleryGallery is mainly used to store images or videos in the company. SQL injection vulnerability exists in the frontend co.aspx and de.aspx files of the Qixing Image & Video Gallery, which can be exploited by attackers to obtain sensitive information from the database...

SQL Injection Vulnerability in Sh***.asp File of Shop7z Online Shopping System Fashion Edition

Shop7z online shopping system is ASP online store platform software, providing comprehensive application services based on Internet solutions. Shop7z online shopping system fashion version of the front Sh.asp file SQL injection vulnerability, an attacker can exploit the vulnerability to obtain...

SQL Injection Vulnerability in Qingdao Shangzhixin Network Technology Co.

Qingdao Business to letter network technology limited company, is a professional engaged in e-commerce, network marketing, software development, IDC and related network value-added services of high-tech specialized companies. There is a SQL injection vulnerability in sh.php, which can be exploite...

SQL Injection Vulnerability in Showo***.asp File of Shop7z Online Shopping System Fashion Edition

Shop7z online shopping system is to support Alipay, WeChat payment and a variety of commonly used interfaces, computer and cell phone version and APP seamless combination of data as a whole. Shop7z online shopping system fashion version of the foreground Showo.asp file there is a SQL injection...

Shop7z Online Shopping System Fashion Edition Frontend Sh***.asp File SQL Injection Vulnerability

Shop7z online shopping system is to support Alipay, WeChat payment and a variety of commonly used interfaces, computer and cell phone version and APP seamless combination of data as a whole. Shop7z online shopping system fashion version of the front Sh.asp file SQL injection vulnerability...

SQL Injection Vulnerability in YunGouCMS v7.1

YunGouCMS is a website builder provided by Taurus Networks for the cloud purchasing model. YunGouCMS v7.1 suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...

CVE-2019-3906

Premisys Identicard version 3.1.190 contains hardcoded credentials in the WCF service on port 9003. An authenticated remote attacker can use these credentials to access the badge system database and modify its contents...

SQL Injection Vulnerability in Website Building System of Zhongshan Shangyou Network Technology Co.

Zhongshan Shangyou Network Technology Co., Ltd. is a company dedicated to Internet branding and Internet marketing. There is a SQL injection vulnerability in the website building system of Zhongshan Shangyou Network Technology Co., Ltd, which can be exploited by attackers to obtain sensitive...