9785 matches found
SQL Injection Vulnerability in Engineering Quality Supervision Platform of Zhuhai Xinhua Tong Software Co.
A SQL injection vulnerability exists in the Supervision Platform of Zhuhai Xinhua Tong Software Co. An attacker is allowed to exploit this vulnerability to obtain sensitive database information...
AlienVault OSSIM Plugin ID SQL Injection Vulnerability
AlienVault OSSIM or Open Source Security Information Management is a popular open source security management system. AlienVault OSSIM handles NBE Plugin DI with a SQL injection vulnerability that allows remote attackers to exploit the vulnerability by submitting specially crafted SQL queries to...
Novell ZENworks 'ScheduleQuery' Method SQL Injection Vulnerability
Novell ZENworks is a suite of software that supports automated IT management and business process management across resources within an organization. A SQL injection vulnerability in the 'ScheduleQuery' method of the schedule class in Novell ZENworks allows remote attackers to submit specially...
Drumbeat CMS SQL Injection Vulnerability
Drumbeat CMS is a SME hosted Content Management System CMS from Drumbeat Australia. The system supports FTP transfer of files, user management and more. A SQL injection vulnerability exists in the index02.php file in Drumbeat CMS, which stems from the program failing to adequately filter...
Tenmiles Helpdesk Pilot Knowledge Base Plugin SQL Injection Vulnerability
Tenmiles Helpdesk Pilot is a web-based helpdesk and customer support software from Tenmiles India that provides remote assistance, problem management, customer management, etc. Knowledge Base is one of the knowledge base plug-ins. A SQL injection vulnerability exists in the Tenmiles Helpdesk Pilo...
Easy Travel Portal SQL Injection Vulnerability
Easy Travel Portal is a set of ASP-based travel management applications. A SQL injection vulnerability exists in Easy Travel Portal, which arises from the program failing to adequately filter user-submitted input before constructing SQL query statements. An attacker could use this vulnerability t...
Joomla! 'com_tpjobs' component 'id_c[]' parameter SQL injection vulnerability
Joomla! is an open source content management system. A SQL injection vulnerability exists in the 'idc' parameter of the 'comtpjobs' component of Joomla! Due to the program failing to adequately filter SQL queries before they are used. Allowing an attacker to compromise the application, access or...
ProjectSend SQL Injection Vulnerability
ProjectSend formerly known as cFTP is a suite of self-hosted applications based on PHP and MySQL. A SQL injection vulnerability exists in the client-edit.php script in ProjectSend version r561. Since the users-edit.php script fails to adequately filter the 'id' parameter. A remote attacker can...
724CMS Has Multiple SQL Injection Vulnerabilities
724CMS is a content management system. 724CMS suffers from multiple SQL injection vulnerabilities due to the program failing to properly filter user-submitted input. The vulnerabilities allow remote attackers to submit specially crafted SQL queries to manipulate or obtain database data...
724CMS SQL 'ID' Parameter SQL Injection Vulnerability
724CMS is a content management system. A SQL injection vulnerability exists in the 724CMS SQL 'ID' parameter due to the program failing to properly filter user-submitted input. The vulnerability allows remote attackers to submit specially crafted SQL queries to manipulate or obtain database data...
SQL Injection Vulnerability in Special Equipment Safety Monitoring System of Fuzhou Development Zone Chuangda Electronics Co.
Fuzhou Development Zone Chuangda Electronics Co., Ltd. special equipment safety monitoring system is a set of safety monitoring system for regulating elevators and other special equipment. Fuzhou Development Zone, Chuangda Electronics Co., Ltd. special equipment safety monitoring system there are...
SQL injection vulnerability in HIMS-type hotel management system Photo_zh-cn.php page of Beijing Century Compass E-commerce Co.
Beijing Century Compass E-commerce Co., Ltd HIMS-type hotel management system is a set of software to provide management services for hotels, supporting membership, food and beverage, website/mobile application, intelligent cloth, channel distribution, revenue management and so on. There is a SQL...
SQL Injection Vulnerability in the Collaboration Management System/c6/Jhsoft.Web.login/NewList.aspx Page of Beijing Jinhe Network Co.
Beijing Jinhe Network Co., Ltd. collaborative management system, according to the precise management ideas guided by the 6C management concept design, the Internet technology, computer technology, Luan Runfeng's management concepts, Chinese culture, the four are closely integrated, the core of...
SQL Injection Vulnerability in Youyou's Email System of Shenzhen Hechen Communication Technology Co.
Shenzhen Hechen Communication Technology Co., Ltd. Youyou mail system is a modern enterprise to set up a professional e-mail service of a set of overall solutions, the mail system not only provides the conventional e-mail functions, but also extends the e-mail monitoring, e-mail antivirus, e-mail...
Unspecified SQL Injection Vulnerability in Piwigo
Piwigo is a web-based photo album software from the Piwigo team. The software supports photo publishing, management, multiple browsing options categories, tags, time and more. Piwigo suffers from an unspecified SQL injection vulnerability that could be exploited by attackers to compromise the...
Free Reprintables ArticleFR SQL Injection Vulnerability
Free Reprintables ArticleFR is an article directory scripting system from Free Reprintables Philippines. The system supports search engine optimization, anti-spam filters and page creation. A SQL injection vulnerability exists in the 'getProfile' function in the Free Reprintables ArticleFR...
ManageEngine ServiceDesk Plus 'CreateReportTable.jsp' SQL Injection Vulnerability
ServiceDesk Plus is web-based helpdesk software that helps users manage all their communications from a single point. ManageEngine ServiceDesk Plus 'CreateReportTable.jsp' has a SQL injection vulnerability due to the program failing to adequately filter user-supplied data before using it in SQL...
McAfee Data Loss Prevention Endpoint SQL Injection Vulnerability
McAfee Network Data Loss Prevention monitors network traffic and protects against data loss. A SQL injection vulnerability exists in McAfee Data Loss Prevention Endpoint, which could be exploited by an attacker to execute arbitrary SQL commands...
WordPress Plugin AJAX Post Search 'the_search_function' SQL Injection Vulnerability
WordPress is a content management system developed using the PHP language. WordPress plugin AJAX Post Search 'thesearchfunction' suffers from a SQL injection vulnerability that allows remote attackers to execute arbitrary SQL commands via the 'thesearchtext' parameter...
CVE-2014-8366
SQL injection vulnerability in openSIS 4.5 through 5.3 allows remote attackers to execute arbitrary SQL commands via the Username and password to index.php...