Shijiazhuang Diyi planning website building system SQL injection vulnerabilities

Diyi Planning website builder is an enterprise website builder system. Shijiazhuang Diyi Planning website builder system has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...

SQL injection vulnerability in id parameter of website building system of Suzhou Golden Shield Network Technology Co.

Ltd. is mainly engaged in website construction, website promotion, website optimization, enterprise post office, color page samples and other services for Suzhou enterprises. Suzhou Golden Shield Network Technology Co., Ltd. building system id parameters exist SQL injection vulnerability, attacke...

SQL Injection Vulnerability in Ju Teng Technology's Website Building System

Ju Teng Technology website building system is an enterprise website building system. SQL injection vulnerability exists in the Ju Teng Technology website builder system/product.php?pid= page, which can be exploited by attackers to obtain sensitive information from the database...

MODX Revolution SQL Injection Vulnerability (CNVD-2017-30635)

MODX Revolution is a PHP-based open source content management system CMS from the U.S. company MODX. The system supports online collaboration, search engine optimization SEO, add-ons and more. A SQL injection vulnerability exists in MODX Revolution versions 2.x through 2.5.6. A remote attacker ca...

Pioneer Embedded Telephone Recording System suffers from weak password, SQL injection vulnerabilities

Ltd. is engaged in group telephone system and communications equipment development, sales as one of the communications enterprises. A weak password and SQL injection vulnerability exists in the Pioneer Embedded Telephone Recording System. It allows an attacker to log in to the system platform usi...

NexusPHP forummanage.php file SQL Injection Vulnerability

NexusPHP is a resource sharing community solution written in PHP developed by the Nexus team in China. A SQL injection vulnerability exists in the NexusPHP forummanage.php file, which allows remote attackers to exploit the vulnerability by submitting specially crafted SQL queries to manipulate or...

WordPress Podlove Podcast Publisher SQL Injection Vulnerability

WordPress Podlove Podcast Publisher is a workflow-oriented solution for podcasters who want to save time and gain complete control over the integrity of their Podcast publishing process, published content, and published content. A SQL injection vulnerability exists in the orderby parameter in...

WordPress Easy Modal classescontrolleradminmodals.php file SQL Injection Vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability in the WordPress Easy Modal classescontrolleradminmodals.php file allows remote attackers to...

IBOS Enterprise Collaboration Management Software CompanyController.php page actionDel function has SQL injection vulnerability

IBOS Enterprise Collaboration Management Software is a PHP-based collaborative office management system. An SQL injection vulnerability exists in the actionDel function on the CompanyController.php page of IBOS Enterprise Collaboration Management Software. Allows attackers to exploit the...

CVE-2017-12774

CVE-2017-12774 affects FineCMS 1.9.5, with a vulnerability in the file controllers/member/ContentController.php that allows remote attackers to manipulate the website database. Multiple connected sources describe an SQL injection risk in this controller, enabling unauthorized database operations....

Microsoft SQL Server Information Disclosure Vulnerability (KB4019092)

This host is missing an important security update according to Microsoft KB4019092. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...

SQL Injection Vulnerability in NETS9 Multi-Star System Reference Station Receiver Control Software of Guangzhou Nanfang Satellite Navigation Instrument Co.

The NETS9 is a multi-satellite system reference station receiver. A SQL injection vulnerability exists in the control software of the NETS9 multi-satellite system reference station receiver of Guangzhou Nanfang Satellite Navigation Instrument Co., Ltd. that could be exploited by an attacker to...

WordPress Podlove Podcast Publisher plugin <=2.5.3 - SQL injection (SQLi) vulnerability

SQL injection SQLi vulnerability found by Neven Biruski in WordPress Podlove Podcast Publisher plugin version 2.5.3 and earlier version. This vulnerability allows registered users to get access to the database even if they don't have full administrator rights. Moreover, Cross Site request forgery...

PHP-Bridge Component SQL Injection Vulnerability in Joomla!

Joomla! is an open source, cross-platform content management system developed using PHP and MySQL. A SQL injection vulnerability exists in the id parameter in Joomla! PHP-Bridge, which can be exploited by attackers to access or modify database data...

LMS King Professional Component SQL Injection Vulnerability in Joomla!

Joomla! is an open source, cross-platform content management system developed using PHP and MySQL. A SQL injection vulnerability exists in the cpid parameter in Joomla! LMS King Professional, which can be exploited by attackers to access or modify database data...

Event Registration Pro Calendar Component SQL Injection Vulnerability in Joomla!

Joomla! is an open source, cross-platform content management system developed using PHP and MySQL. A SQL injection vulnerability exists in the id parameter in Joomla! Event Registration Pro Calendar, which can be exploited by attackers to access or modify database data...

Trend Micro Control Manager SQL Injection Vulnerability (CNVD-2017-20301)

Trend Micro Control Manager is the centralized management console for managing Trend Micro products and services. A SQL injection vulnerability in Trend Micro Control Manager allows remote attackers to submit specially crafted SQL queries to manipulate or obtain database data...

Trend Micro Control Manager SQL Injection Vulnerability (CNVD-2017-20300)

Trend Micro Control Manager is the centralized management console for managing Trend Micro products and services. A SQL injection vulnerability in Trend Micro Control Manager allows remote attackers to exploit the vulnerability by submitting specially crafted SQL queries to manipulate or obtain...

SQL Injection and Arbitrary Traversal Download Vulnerabilities in Zhejiang Dahua Intelligent Operation and Maintenance Management System

Zhejiang Dahua Intelligent Operation and Maintenance Platform, based on the field of video surveillance in the security industry, adopts the technologies of intelligent analysis, fault detection and workflow engine, integrates the functions of video quality diagnosis, video recording checking and...

Trend Micro Control Manager SQL Injection Vulnerability (CNVD-2017-20422)

Trend Micro Control Manager is the centralized management console for managing Trend Micro products and services. A SQL injection vulnerability in Trend Micro Control Manager allows remote attackers to submit specially crafted SQL queries to manipulate or obtain database data...