Lucene search
K

9785 matches found

CNVD
CNVD
added 2015/05/14 12:0 a.m.1 views

SQL Injection Vulnerability in Engineering Quality Supervision Platform of Zhuhai Xinhua Tong Software Co.

A SQL injection vulnerability exists in the Supervision Platform of Zhuhai Xinhua Tong Software Co. An attacker is allowed to exploit this vulnerability to obtain sensitive database information...

7.9AI score
Exploits0
CNVD
CNVD
added 2015/05/11 12:0 a.m.2 views

AlienVault OSSIM Plugin ID SQL Injection Vulnerability

AlienVault OSSIM or Open Source Security Information Management is a popular open source security management system. AlienVault OSSIM handles NBE Plugin DI with a SQL injection vulnerability that allows remote attackers to exploit the vulnerability by submitting specially crafted SQL queries to...

8AI score
Exploits0References1
CNVD
CNVD
added 2015/04/30 12:0 a.m.5 views

Novell ZENworks 'ScheduleQuery' Method SQL Injection Vulnerability

Novell ZENworks is a suite of software that supports automated IT management and business process management across resources within an organization. A SQL injection vulnerability in the 'ScheduleQuery' method of the schedule class in Novell ZENworks allows remote attackers to submit specially...

9.8CVSS8AI score0.0708EPSS
Exploits0References1
CNVD
CNVD
added 2015/03/26 12:0 a.m.2 views

Drumbeat CMS SQL Injection Vulnerability

Drumbeat CMS is a SME hosted Content Management System CMS from Drumbeat Australia. The system supports FTP transfer of files, user management and more. A SQL injection vulnerability exists in the index02.php file in Drumbeat CMS, which stems from the program failing to adequately filter...

8AI score
Exploits0References1
CNVD
CNVD
added 2015/03/26 12:0 a.m.1 views

Tenmiles Helpdesk Pilot Knowledge Base Plugin SQL Injection Vulnerability

Tenmiles Helpdesk Pilot is a web-based helpdesk and customer support software from Tenmiles India that provides remote assistance, problem management, customer management, etc. Knowledge Base is one of the knowledge base plug-ins. A SQL injection vulnerability exists in the Tenmiles Helpdesk Pilo...

8AI score
Exploits0References1
CNVD
CNVD
added 2015/03/26 12:0 a.m.2 views

Easy Travel Portal SQL Injection Vulnerability

Easy Travel Portal is a set of ASP-based travel management applications. A SQL injection vulnerability exists in Easy Travel Portal, which arises from the program failing to adequately filter user-submitted input before constructing SQL query statements. An attacker could use this vulnerability t...

7.9AI score
Exploits0References1
CNVD
CNVD
added 2015/03/23 12:0 a.m.1 views

Joomla! 'com_tpjobs' component 'id_c[]' parameter SQL injection vulnerability

Joomla! is an open source content management system. A SQL injection vulnerability exists in the 'idc' parameter of the 'comtpjobs' component of Joomla! Due to the program failing to adequately filter SQL queries before they are used. Allowing an attacker to compromise the application, access or...

8.1AI score
Exploits0References1
CNVD
CNVD
added 2015/03/23 12:0 a.m.3 views

ProjectSend SQL Injection Vulnerability

ProjectSend formerly known as cFTP is a suite of self-hosted applications based on PHP and MySQL. A SQL injection vulnerability exists in the client-edit.php script in ProjectSend version r561. Since the users-edit.php script fails to adequately filter the 'id' parameter. A remote attacker can...

6.5CVSS8.5AI score0.03103EPSS
Exploits1References1
CNVD
CNVD
added 2015/03/19 12:0 a.m.1 views

724CMS Has Multiple SQL Injection Vulnerabilities

724CMS is a content management system. 724CMS suffers from multiple SQL injection vulnerabilities due to the program failing to properly filter user-submitted input. The vulnerabilities allow remote attackers to submit specially crafted SQL queries to manipulate or obtain database data...

8.2AI score
Exploits0References1
CNVD
CNVD
added 2015/03/19 12:0 a.m.1 views

724CMS SQL 'ID' Parameter SQL Injection Vulnerability

724CMS is a content management system. A SQL injection vulnerability exists in the 724CMS SQL 'ID' parameter due to the program failing to properly filter user-submitted input. The vulnerability allows remote attackers to submit specially crafted SQL queries to manipulate or obtain database data...

8AI score
Exploits0References1
CNVD
CNVD
added 2015/03/16 12:0 a.m.3 views

SQL Injection Vulnerability in Special Equipment Safety Monitoring System of Fuzhou Development Zone Chuangda Electronics Co.

Fuzhou Development Zone Chuangda Electronics Co., Ltd. special equipment safety monitoring system is a set of safety monitoring system for regulating elevators and other special equipment. Fuzhou Development Zone, Chuangda Electronics Co., Ltd. special equipment safety monitoring system there are...

8.1AI score
Exploits0References1
CNVD
CNVD
added 2015/03/12 12:0 a.m.1 views

SQL injection vulnerability in HIMS-type hotel management system Photo_zh-cn.php page of Beijing Century Compass E-commerce Co.

Beijing Century Compass E-commerce Co., Ltd HIMS-type hotel management system is a set of software to provide management services for hotels, supporting membership, food and beverage, website/mobile application, intelligent cloth, channel distribution, revenue management and so on. There is a SQL...

7.9AI score
Exploits0References1
CNVD
CNVD
added 2015/03/12 12:0 a.m.2 views

SQL Injection Vulnerability in the Collaboration Management System/c6/Jhsoft.Web.login/NewList.aspx Page of Beijing Jinhe Network Co.

Beijing Jinhe Network Co., Ltd. collaborative management system, according to the precise management ideas guided by the 6C management concept design, the Internet technology, computer technology, Luan Runfeng's management concepts, Chinese culture, the four are closely integrated, the core of...

7.7AI score
Exploits0References1
CNVD
CNVD
added 2015/03/09 12:0 a.m.3 views

SQL Injection Vulnerability in Youyou's Email System of Shenzhen Hechen Communication Technology Co.

Shenzhen Hechen Communication Technology Co., Ltd. Youyou mail system is a modern enterprise to set up a professional e-mail service of a set of overall solutions, the mail system not only provides the conventional e-mail functions, but also extends the e-mail monitoring, e-mail antivirus, e-mail...

7.7AI score
Exploits0References1
CNVD
CNVD
added 2015/02/03 12:0 a.m.4 views

Unspecified SQL Injection Vulnerability in Piwigo

Piwigo is a web-based photo album software from the Piwigo team. The software supports photo publishing, management, multiple browsing options categories, tags, time and more. Piwigo suffers from an unspecified SQL injection vulnerability that could be exploited by attackers to compromise the...

7.5CVSS8AI score0.01424EPSS
Exploits0References1
CNVD
CNVD
added 2015/01/28 12:0 a.m.4 views

Free Reprintables ArticleFR SQL Injection Vulnerability

Free Reprintables ArticleFR is an article directory scripting system from Free Reprintables Philippines. The system supports search engine optimization, anti-spam filters and page creation. A SQL injection vulnerability exists in the 'getProfile' function in the Free Reprintables ArticleFR...

7.5CVSS8.3AI score0.01342EPSS
Exploits2References1
CNVD
CNVD
added 2015/01/26 12:0 a.m.3 views

ManageEngine ServiceDesk Plus 'CreateReportTable.jsp' SQL Injection Vulnerability

ServiceDesk Plus is web-based helpdesk software that helps users manage all their communications from a single point. ManageEngine ServiceDesk Plus 'CreateReportTable.jsp' has a SQL injection vulnerability due to the program failing to adequately filter user-supplied data before using it in SQL...

6.5CVSS8AI score0.0393EPSS
Exploits1References1
CNVD
CNVD
added 2015/01/22 12:0 a.m.2 views

McAfee Data Loss Prevention Endpoint SQL Injection Vulnerability

McAfee Network Data Loss Prevention monitors network traffic and protects against data loss. A SQL injection vulnerability exists in McAfee Data Loss Prevention Endpoint, which could be exploited by an attacker to execute arbitrary SQL commands...

8.5AI score
Exploits0References1
CNVD
CNVD
added 2015/01/08 12:0 a.m.2 views

WordPress Plugin AJAX Post Search 'the_search_function' SQL Injection Vulnerability

WordPress is a content management system developed using the PHP language. WordPress plugin AJAX Post Search 'thesearchfunction' suffers from a SQL injection vulnerability that allows remote attackers to execute arbitrary SQL commands via the 'thesearchtext' parameter...

7.5CVSS8.6AI score0.02242EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2014/10/20 6:55 p.m.4 views

CVE-2014-8366

SQL injection vulnerability in openSIS 4.5 through 5.3 allows remote attackers to execute arbitrary SQL commands via the Username and password to index.php...

7.5CVSS6.4AI score0.02072EPSS
Exploits1References4
Rows per page
Query Builder