CVE-2017-17824

The Batch Manager component of Piwigo 2.9.2 is vulnerable to SQL Injection via the admin/batchmanagerunit.php elementids parameter in unit mode. An attacker can exploit this to gain access to the data in a connected MySQL database...

CVE-2017-17823

The Configuration component of Piwigo 2.9.2 is vulnerable to SQL Injection via the admin/configuration.php orderby array parameter. An attacker can exploit this to gain access to the data in a connected MySQL database...

SQL Injection Vulnerability in ThinkLC V3.5 Classified Information System withdrawal.php Page

ThinkLC Classified Information System is a local classified information system built on PHP+MYSQL development. A SQL injection vulnerability exists in the ThinkLC V3.5 Classified Information System withdrawal.php page due to the program failing to adequately filter user-supplied input. An attacke...

WordPress Top-10 2.4.2 SQL Injection

DefenseCode ThunderScan SAST Advisory: WordPress Top-10 Plugin SQL Injection Security Vulnerability Advisory ID: DC-2017-12-003 Advisory Title: WordPress Top-10 Plugin SQL Injection Security Vulnerability Advisory URL: http://www.defensecode.com/advisories.php Software: WordPress Top-10 plugin...

SQL Injection Vulnerability in Shanghai Sizen GPS Global Positioning Monitoring and Dispatching System

Shanghai Sizen GPS Global Positioning Monitoring and Dispatching System is a set of integrated GPS, GIS, GPRS or CDMA1X and compatible with GSM technology to provide users with mobile target positioning, monitoring, scheduling, alarming, information communication and other services. SQL injection...

SQL Injection Vulnerability in Rice CMS v5.99

DAMI CMS is a free open-source, fast, simple PC station and cell phone station integration integration system, is committed to providing users with simple, fast PC station and smartphone station building solutions. There is a SQL injection vulnerability in the back-end of DAMI CMS v5.99, which ca...

SQL Injection Vulnerability in ThinkLC Classifieds auth.php Page

ThinkLC Classified Information System is a local classified information system built on PHP+MYSQL development. A SQL injection vulnerability exists in the auth.php page of the ThinkLC Classified Information System. The vulnerability is caused due to the system failing to effectively filter...

SQL Injection Vulnerability in SaxueArticle Article Management System Pending.php Page

SaxueArticle article management system is a php+MySQL for the development of php article management system. A SQL injection vulnerability exists in the SaxueArticle article management system's pending.php page. The vulnerability stems from the program's failure to adequately filter user-supplied...

SQL Injection Vulnerability in Website Construction System of Langfang Dingyun Computer Network Service Co.

Langfang Dingyun Computer Network Service Co., Ltd. specializes in providing IT services and e-commerce solutions. A SQL injection vulnerability exists in the website construction system of Langfang Dingyun Computer Network Service Co. The vulnerability is caused due to the system failing to...

SQL Injection Vulnerability in Website Construction System of Anyang Zhidao Media Co.

Anyang Zhidao Media Co., Ltd. is a network company engaged in Internet business and software development, providing domain name registration, website construction, website hosting, website maintenance, website revision, network promotion, enterprise post office, call center and other full set of...

EasySNS Minimalist Community loginHandle method suffers from SQL injection vulnerability

EasySNS Minimalist Community is for the new database architecture and program structure, to the group as the basic unit to form an interactive community. A SQL injection vulnerability exists in the loginHandle method of the EasySNS community. The vulnerability is due to the failure of the system ...

Hefei Chenguang Electronic Technology Co., Ltd. website construction system multiple parameters exist SQL injection vulnerability

Hefei Chenguang Electronic Technology Co., Ltd. is a domestic Internet operation service provider with technical strength and rich experience in website construction and operation. Hefei Chenguang Electronic Technology Co., Ltd. website construction system has SQL injection vulnerability in sever...

SQL injection vulnerability in SaxueArticle article management system money.php page

SaxueArticle article management system is a php+MySQL for the development of php article management system. A SQL injection vulnerability exists in the money.php page of the SaxueArticle article management system. The vulnerability stems from the program's failure to adequately filter...

SQL Injection Vulnerability in ThinkLC Classifieds Information System template.php Page

ThinkLC Classified Information System is a local classified information system built on PHP+MYSQL development. A SQL injection vulnerability exists in the template.php page of ThinkLC Classified Information System. It allows attackers to exploit the vulnerability to gain access to sensitive...

SQL Injection Vulnerability in SaxueArticle Article Management System artcle.php Page

SaxueArticle article management system is a php+MySQL for the development of php article management system. SaxueArticle article management system artcle.php page SQL injection vulnerability, the vulnerability stems from the program on the user to provide input is not sufficiently filtered, an...

SQL injection vulnerability in shownews.hb page of website building system of Jiangxi Huabang Media Co.

Jiangxi Huabang Media Co., Ltd. is a comprehensive IT company integrating enterprise informationization construction, network development and Internet marketing. There is a SQL injection vulnerability in the shownews.hb page of the website building system of Jiangxi Huabang Media Co. The...

SQL Injection Vulnerability in SaxueArticle Article Management System Expand.php Page

SaxueArticle article management system is a php+MySQL for the development of php article management system. SaxueArticle article management system expand.php page SQL injection vulnerability, the vulnerability stems from the program on the user to provide input is not sufficiently filtered, an...

SQL Injection Vulnerability in News.asp Page of Frontier Technology Website Building System

Zaozhuang Frontier Technology Co., Ltd. is a technology enterprise engaged in software technology services. A SQL injection vulnerability exists in the news.asp page of Frontier Technology's website construction system. An attacker can exploit this vulnerability to obtain sensitive information fr...

SQL Injection Vulnerability in EML Enterprise Address Book Management System action.link.php file

EML enterprise customer relationship management system is based on Linux open kernel and Apache based Php + Mysql intelligent B / S interactive service system. A SQL injection vulnerability exists in the EML Enterprise Contact Management System action.link.php file. An attacker can exploit this...

SQL Injection Vulnerability in the Construction System of China's Small and Medium-sized Enterprises Heilongjiang Network

Heilongjiang Provincial SME Technology Innovation Service Center is approved by the State Science and Technology Commission and the Provincial Editorial Committee to provide public welfare and supportive technology services for SMEs as a financial full-budget appropriation institution. China's...