Bacula-web SQL Injection Vulnerability

Bacula-Web is a suite of web-based applications for reporting and monitoring Bacula backup software. A SQL injection vulnerability exists in Bacula-Web versions prior to 8.0.0-rc2. A remote attacker could exploit this vulnerability to access the Bacula database and elevate privileges...

SQL Injection Vulnerability in xycms Advertising Design Center Website System

xycms advertising design center website system is to asp + access for the development of advertising company website. A SQL injection vulnerability exists in the xycms Advertising Design Center website system. The vulnerability stems from the program's failure to effectively filter the variable...

Sql injection

Bacula-web before 8.0.0-rc2 is affected by multiple SQL Injection vulnerabilities that could allow an attacker to access the Bacula database and, depending on configuration, escalate privileges on the server...

CVE-2017-15367

Bacula-web before 8.0.0-rc2 is affected by multiple SQL Injection vulnerabilities that could allow an attacker to access the Bacula database and, depending on configuration, escalate privileges on the server...

SQL Injection Vulnerability in PHP Version of Rex Design Website Building System

R&S Design is an Internet solution provider in Guangdong, focusing on the study of the development status of small and medium-sized enterprises around the world, and is committed to promoting enterprises to embark on the road of comprehensive informatization. Rui Si Design website construction...

CVE-2017-15536

An issue was discovered in Cloudera Data Science Workbench CDSW 1.x before 1.2.0. Several web application vulnerabilities allow malicious authenticated users of CDSW to escalate privileges in CDSW. CDSW users can exploit these vulnerabilities in combination to gain root access to CDSW nodes, gain...

SQL Injection Vulnerability in ShopsN v2.2.5 Official Version

ShopsN Mall system is a product of Shanghai Yiso Network Technology Co., Ltd, an enterprise-class commercial standard full-featured allow free commercial use of the open source online store full network system. ShopsN v2.2.5 official version of the AppUploadController.class.php page SQL injection...

SQL Injection Vulnerability in zzcms 8.2 user/check.php File

zzcms is an enterprise website builder program It is an enterprise website builder program. An SQL injection vulnerability exists in the user/check.php file of zzcms version 8.2, which can be exploited by attackers to access or modify database data...

SQL Injection Vulnerability in zzcms 8.2 user/del.php File

zzcms is an enterprise website builder program It is an enterprise website builder program. zzcms 8.2 version user/del.php file SQL injection vulnerability, attackers can exploit the vulnerability to access or modify the database data...

SQL Injection Vulnerability in zzcms 8.2 user/msg.php File

zzcms is an enterprise website builder program It is an enterprise website builder program. An SQL injection vulnerability exists in the user/msg.php file of zzcms version 8.2, which can be exploited by attackers to access or modify database information...

SQL Injection Vulnerability in CMS of Shenzhen Aipres Technology Co.

Ltd. is engaged in website construction, enterprise application software development, enterprise network brand integration of enterprise "brand" management one-stop solution. Ltd. building CMS there are SQL injection vulnerabilities, attackers can use the vulnerability to access or modify the...

SQL Injection Vulnerability in the Website Construction System of Henan Win Business Technology Co.

Henan Wincom Technology Co., Ltd. is a strategy, creativity, design, technology, service as the core of the Internet company, mainly engaged in website construction, platform building, software development, planning programs and other services. Henan Win Business Technology Co., Ltd. website...

SQL Injection Vulnerability in Situ CMS Companion Travel Page

Situ CMS is a self-developed website management system suitable for tourism website construction. A SQL injection vulnerability exists in the travel companion page of SITO CMS. The vulnerability is caused due to the system failing to strictly filter the data entered by the user. This vulnerabilit...

SQL Injection Vulnerability in CloudLock Win_3.1.6 Version

CloudLock is a free server security management software based on operating system kernel hardening technology, which supports cross-platform real-time, batch and remote security management of windows/linux servers. CloudLock Win3.1.6 has a SQL injection vulnerability that can be exploited by...

SQL Injection Vulnerability in Website Construction System of Fuyang Xinpin Network Technology Co.(CNVD-2018-01950)

Fuyang City Xinpin Network Technology Co., Ltd. is a technology-based enterprise focusing on providing full network marketing solutions for the majority of tourism enterprises. The website construction system of Xinpin Network Technology Co., Ltd. suffers from SQL injection vulnerability, which c...

SQL Injection Vulnerability in Process Banking Infrastructure Platform of Beijing Yinsan Gold Service Technology Co.

The basic platform of process bank is to take the process as the object of IT system implementation, intending to build a commercial bank "assembly line" work platform, according to the product, business line, the process of IT curing, optimization, and ultimately build a complete set of IT syste...

Smooth Slider <= 2.8.6 - Authenticated SQL Injection

During the security analysis, ThunderScan discovered SQL injection vulnerability in Smooth Slider WordPress plugin. The easiest way to reproduce the vulnerability is to visit the provided URL while being logged in as administrator or another user that is authorized to access the plugin settings...

SQL Injection Vulnerability in the addProgram Method of ChaseGrid's WeChat Small Program App Store System

Chasing the grid WeChat small program application store system is a free open source small program store system developed by Chasing the grid technology. The addProgram method of the ChaseGrid WeChat applet store system has a SQL injection vulnerability. Attackers can use the vulnerability to...

Piwigo Configuration Component SQL Injection Vulnerability

Piwigo is a set of web-based photo album software from the Piwigo team. The software supports photo publishing, management, multiple browsing categories, tags, time, etc. Configuration component is a component for configuration. A SQL injection vulnerability exists in the Configuration component ...

Piwigo Batch Manager Component SQL Injection Vulnerability

Piwigo is a web-based photo album software from Piwigo team. The software supports photo publishing, management, multiple browsing category, tag, time, etc. Batch Manager component is one of the manager components. A SQL injection vulnerability exists in the Batch Manager component in Piwigo...