SQL Injection Vulnerability in the groupUrl Parameter of getGroupedDiagnosisTemplate of Internet User Speed Measurement Platform of Freescale Technology (Beijing) Co.

FeiShiDa Technology Beijing Co., Ltd. Internet user speed test platform is used to provide users with mobile broadband online test WEB system. The product has a SQL injection vulnerability, the vulnerability URL is: http://targe/getGroupedDiagnosisTemplate?groupUrl=, the injection parameter is:...

SQL injection vulnerability in the dztm parameter of the ggjs/zdzx/dztj.jsp page of the ilasIII digital library system of Shenzhen Ketu Automation New Technology Application Company.

Integrated Library Automation System ILAS is the Ministry of Culture in 1988 as a national key scientific and technological projects issued by the Shenzhen Library to undertake and organize the development of a set of libraries at home and abroad to adapt to different levels, a variety of scales,...

SQL Injection Vulnerability in Remote Rapid Application Access Solution System mxcheckuserMachine.php Page Parameter a of UFIDA Information Technology Ltd.

UFIDA UPC Information Technology Co., Ltd. remote rapid application access solution is to use U8 remote access can be realized instantly access to the company's application systems and enterprise information and simplify the deployment and management of complex computing environment. The product...

SQL injection vulnerability in the info_id parameter of PlacardView.aspx page of OA system of Shanghai Shuang Yang Computer Hi-Tech Development Co.

Shanghai Shuang Yang Computer Hi-Tech Development Company Shuang Yang for short is a high-tech enterprise mainly engaged in application software development and system integration. The product /DSOATY/FromBaoShan/LaborSpecial/PlacardView.aspx?infoid=1 at the existence of SQL injection...

SQL Injection Vulnerability in Engineering Quality Supervision Station Comprehensive Information Service Platform of Zhuhai Xinhua Tong Software Co.

Engineering Quality Supervision Station comprehensive information service platform is mainly construction project quality and safety supervision and other related series of software products. The product exists SQL injection vulnerability, the vulnerability URL is:...

Zabbix 2.2.x/3.0.x - SQL Injection

========================================== Title: Zabbix 3.0.3 SQL Injection Vulnerability Product: Zabbix Vulnerable Versions: 2.2.x, 3.0.x Fixed Version: 3.0.4 Homepage: http://www.zabbix.com Patch link: https://support.zabbix.com/browse/ZBX-11023 Credit: 1N3@CrowdShield...

WordPress Plugin Booking Calendar SQL Injection Vulnerability

WordPress is a blogging platform developed using the PHP language that allows users to set up their own weblogs on servers that support PHP and MySQL databases.Booking Calendar is a WEB-based calendar application. A SQL injection vulnerability exists in the WordPress plugin Booking Calendar. An...

Shenzhen Dingcheng Internet Technology Co., Ltd. official website builder system SQL injection vulnerability

Enterprise official website building system provides a variety of website data system, each site according to different characteristics and industries to choose, Dingcheng network independent development of the background program. Shenzhen Dingcheng Internet Technology Co., Ltd. official website...

SQL Injection Vulnerability in Beijing Super Star Huiya Digital Book Literature Service System

Huiya Digital Book and Documentation Service System is an online Chinese library. The product suffers from SQL injection vulnerability, which can be exploited by attackers to obtain database information...

WordPress Video Player SQL Injection Vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Software Foundation.WordPress Video Player is a video plugin for WordPress, through which you can easily add videos to your website. WordPress Video Player has multiple SQL injection vulnerabilities. An...

PornHub Pays Hackers $20,000 to Find Zero-day Flaws in its Website

Cyber attacks get bigger, smarter, more damaging. PrnHub launched its bug bounty program two months ago to encourage hackers and bug bounty hunters to find and responsibly report flaws in its services and get rewarded. Now, it turns out that the world's most popular prngraphy site has paid its...

TeamPass 'users.queries.php' SQL Injection Vulnerability

TeamPass is a dedicated password manager for Apache, MySQL and PHP. TeamPass suffers from a SQL injection vulnerability that can be exploited by remote attackers to submit specially crafted SQL queries to manipulate or obtain database data...

Tmdocs dns_dhcp SQL Injection Vulnerability

Tmdocs dnsdhcp is a web interface that allows management of DNSmasq a tool for configuring DNS and DHCP and static DHCP leases in Mikrotik routers. A SQL injection vulnerability exists in Tmdocs dnsdhcp. An attacker could use this vulnerability to take control of an application, access or modify...

SQL Injection Vulnerability in the Remote Consultation System of Beijing Blue Weather Technology Co.

BlueVision is a high-tech company that provides telemedicine services. A SQL injection vulnerability exists in the Blue Guardian Teleconsultation System of Tong Technology Limited, which can be exploited by attackers to obtain database data...

SQL Injection Vulnerability in the Food and Drug Administration Portal of Sea Rainbow Enterprises (Holdings) Co.

Sea Rainbow Enterprises Holdings Limited Food and Drug Administration Portal System is a set of portals designed for the Food and Drug Administration around the world. A SQL injection vulnerability exists in the Food and Drug Administration portal system. An attacker can exploit the vulnerability...

Siemens SICAM PAS Information Disclosure Vulnerability (CNVD-2016-04434)

SICAM PAS is an energy automation solution for the operation of substation equipment. It has open communication interfaces for power system control and control of industrial power supply equipment. An information disclosure vulnerability exists in Siemens SICAM PAS. An authenticated, local attack...

Siemens SICAM PAS Information Disclosure Vulnerability

SICAM PAS is an energy automation solution for the operation of substation equipment. It has open communication interfaces for power system control and control of industrial power supply equipment. An information disclosure vulnerability exists in Siemens SICAM PAS. An attacker with privileged...

MySQL Server Login Possible

Nessus was able to log into the remote MySQL server using the supplied credentials. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid91823; scriptversion"1.5"; scriptsetattributeattribute:"pluginmodificationdate", value:"2026/01/27"; scriptnameenglish:"MySQL Server Log...

Generalized SQL Injection Vulnerability in Triple-Meaning Network CMS System

Three Tomorrow Italian Network CMS is a website building system for major enterprises and social organizations. Three Tomorrow's Intentions Web CMS has a sql injection vulnerability, through which an attacker can obtain database information, resulting in the disclosure of sensitive information...

MEDHOST Perioperative Information Management System Unauthorized Operation Vulnerability

MEDHOST Perioperative Information Management System PIMS is a suite of solutions covering surgical treatment, nursing care and other services from MEDHOST, Inc. that includes an anesthesia information management system AIMS, remote host control and streamlined patient tracking. A security...