SQL Injection Vulnerability in Azeus CMS 2.0 Backend

Central CMS 2.0 is a cms system made by Central Studio, this CMS is written in UTF-8 coding. Azeus CMS 2.0 has a SQL injection vulnerability in the background, which can be exploited by attackers to obtain sensitive information from the database...

SQL Injection Vulnerability in Website Building System of Ningbo Youdao Network Technology Co.

Ningbo Youdao Network Technology Co., Ltd. is an Internet company specializing in corporate brand Internet digital communication and Internet integrated marketing. Ningbo Youdao Network Technology Co., Ltd. has a SQL injection vulnerability in its website building system, which can be exploited b...

SQL Injection Vulnerability in Zhejiang Instant E-commerce Co.

Ltd. is a website construction based on the integration of network marketing, bidding ranking, marketing hosting and other integrated e-commerce network marketing company. Ltd. building system there are SQL injection vulnerabilities, attackers can use the vulnerability to obtain sensitive...

SQL Injection Vulnerability in nucms V1.1

nucms is a content management system based on PHP+MYSQL technology developed by Liaocheng Leadsun Network Technology Co. nucms V1.1 version of SQL injection vulnerability, attackers can use the vulnerability to obtain sensitive information...

ShopsN open source online store system adHandle function there are SQL injection vulnerabilities

ShopsN free version of the B2C e-commerce is a product of Shanghai Yisu Network Technology Co., Ltd. a full-featured enterprise-class commercial standards in line with the real allow free commercial use of open source online store full network system. ShopsN 2.3.3 official version of the adHandle...

SQL injection vulnerability in PbootCMS V1.1.7 Do***.php page (CNVD-2018-17754)

PbootCMS is a new core open source enterprise building system developed by Avantech. PbootCMS V1.1.7 Do.php page has a SQL injection vulnerability. An attacker can exploit the vulnerability to obtain sensitive information from the database...

PbootCMS V1.1.7 SQL Injection Vulnerability in Sl***.php Page

PbootCMS is a new core open source enterprise building system developed by Avantech. PbootCMS V1.1.7 SQL injection vulnerability exists in Sl.php page. An attacker can exploit the vulnerability to obtain sensitive information in the database...

PbootCMS V1.1.7 SQL Injection Vulnerability in Li***.php Page

PbootCMS is a new core open source enterprise building system developed by Avantech. PbootCMS V1.1.7 Li.php page SQL injection vulnerability. An attacker can exploit the vulnerability to obtain sensitive database information...

SQL Injection Vulnerability in Website Building System of Shanghai Wuwu Laike Technology Co.

Shanghai Wuwu Laike Technology Co., Ltd. is an enterprise dedicated to Internet and mobile Internet services. There is a SQL injection vulnerability in the website builder system of Shanghai Wuwu Laike Technology Co. An attacker can exploit the vulnerability to obtain sensitive information from t...

SQL injection vulnerability in Ne***.asp page of website builder system of Guangzhou Hande Network Technology Co.

Ltd. is a network company specializing in Internet technology services, network technology development and application in one. A SQL injection vulnerability exists in the Ne.asp page of the website building system of Guangzhou HAND Network Technology Co. An attacker can use the vulnerability to...

SQL injection vulnerability in ac***.php page of PinYou Movie & TV website builder system

PinYou film and television station building system is a set of add video, with membership system, recharge system, is a set of film and television station can be charged to watch the source code. SQL injection vulnerability exists in the ac.php page of the PinYou Movie & TV website builder system...

SeedDMS SQL Injection Vulnerability

SeedDMS formerly known as LetoDMS and MyDMS is SeedDMS enthusiasts jointly developed a set of PHP and MySql-based open source document management system . The system is mainly used to store and share documents. A SQL injection vulnerability exists in the 'Users management' feature in SeedDMS...

Starbucks: Backup Source Code Detected

Impact Depending on the nature of the source code disclosed, an attacker can mount one or more of the following types of attacks:•Access the database or other data resources. With the privileges of the account obtained, attempt to read, update or delete arbitrary data from the database. •Access...

SQL Injection Vulnerability in the Website Building System of Taiyuan Guoyuantiancheng Network Technology Co.

Taiyuan Guoyuan Tiansheng Network Technology Co., Ltd. mainly provides enterprises with Baidu, 360 search engine clicks without deduction marketing promotion, APP custom development, Taobao Tmall Jingdong store operation and maintenance, WeChat public platform and small program development, PC,...

SQL Injection Vulnerability in the Website Building System of Shanghai AoS Network Technology Co.

Shanghai Avantage Network Technology Co., Ltd. provides website construction, mobile services, WeChat development, domain name registration, enterprise mailbox, cloud server, SMS marketing, 720 degree panoramic display, VI design and product photography services as the core business of small and...

ZZCMS 8.3 suffers from SQL Injection Vulnerability

zzcms is asp language to do free open-source website building system, mainly facing the majority of webmasters to use. ZZCMS website builder system 8.3 SQL injection vulnerability, attackers can use the vulnerability to obtain sensitive database information...

Design/Logic Flaw

Sage XRT Treasury, version 3, fails to properly restrict database access to authorized users, which may enable any authenticated user to gain full access to privileged database functions. Sage XRT Treasury is a business finance management application. Database user access privileges are determine...

CVE-2017-3183

Sage XRT Treasury, version 3, fails to properly restrict database access to authorized users, which may enable any authenticated user to gain full access to privileged database functions. Sage XRT Treasury is a business finance management application. Database user access privileges are determine...

CVE-2017-3183 Sage XRT Treasury, version 3, fails to properly restrict database access to authorized users, which may enable any authenticated user to gain full access to privileged database functions

Sage XRT Treasury, version 3, fails to properly restrict database access to authorized users, which may enable any authenticated user to gain full access to privileged database functions. Sage XRT Treasury is a business finance management application. Database user access privileges are determine...

CVE-2017-3183

Sage XRT Treasury v3 is affected by CVE-2017-3183 through an authorization bypass where database access privileges are determined by the USER_CODE field. An authenticated, low-privilege user can alter USER_CODE to match a privileged user and gain full/privileged access to the SQL database, enabli...