18 matches found
EUVD-2022-34624
Malicious code in bioql PyPI...
CVE-2022-38537
Archery v1.4.5 to v1.8.5 was discovered to contain multiple SQL injection vulnerabilities via the startfile, endfile, starttime, and stoptime parameters in the binlog2sql interface...
PT-2022-24443 · Archery · Archery
Name of the Vulnerable Software and Affected Versions: Archery versions 1.4.5 through 1.8.5 Description: The issue concerns multiple SQL injection vulnerabilities. These vulnerabilities exist via the start file, end file, start time, and stop time parameters in the binlog2sql interface...
SQL injection vulnerability in the front-end aj***_di***.php file of Dascommerce Multi-User Mall system
Da Shangchuang is a B2B2C multi-user mall system launched by Shanghai Shangchuang Network Technology, which can build a new retail e-commerce platform for enterprises, covering multiple terminals such as PC mall, app mall, APP mall, micro mall, etc., and meeting a variety of e-commerce modes such...
CVE-2020-25760
Projectworlds Visitor Management System in PHP 1.0 allows SQL Injection. The file front.php does not perform input validation on the 'rid' parameter. An attacker can append SQL queries to the input to extract sensitive information from the database...
SQL injection vulnerability in ECShop front-end fl***.php file at Merchant Pie Software Ltd.
ECShop is a B2C independent online store system, suitable for enterprises and individuals to quickly build a personalized online store, the system is based on PHP language and MYSQL database framework for the development of cross-platform open source program. ECShop front-end fl.php file SQL...
SQL Injection Vulnerability in kkcms foreground ac***.php file
kkcms is an open source video capture and playback system. The system is mainly used to automatically capture film and television resources and provide online playback capabilities. A SQL injection vulnerability exists in the kkcms front-end ac.php file. Attackers can use the vulnerability to obtain sensitiv...
SQL injection vulnerability in the front-end ge***_aj***_co***.php file of Dascommerce B2B2C Multi-User Mall system
Shanghai Shangchuang Network Technology Co., Ltd. is an independent e-commerce service and technology provider with development strength. A SQL injection vulnerability exists in the front-end geajco.php file of the B2B2C multi-user mall system of Da Shangchuang. An attacker can exploit the...
Stored cross-site scripting vulnerability in WODECMS front-end ne***.cl***.php file
WODECMS is a content management system developed based on a self-developed PHP development framework. A stored cross-site scripting vulnerability exists in the WODECMS front-end ne.cl.php file. An attacker can insert malicious js code into the page to obtain user cookies and other information,...
SQL Injection Vulnerability in the front-end pa***.asp file of Eco Times Enterprise Online Bookkeeping Management System
EcoTime Enterprise Online Bookkeeping Management System is an online bookkeeping software for small and medium-sized enterprises, stores, etc. It is suitable for managing cash flow accounts, accounts receivable and payable accounts, as well as company bookkeeping and other related financial...
SQL injection vulnerability in the front-end bi***_mo***.asp file of the EcoTimes Enterprise Online Bookkeeping Management System
EcoTimes Enterprise Online Bookkeeping Management System is an online bookkeeping software, especially suitable for small and medium-sized enterprises, stores, etc. to manage cash flow accounts, accounts receivable and payable accounts, as well as the company's bookkeeping and other related...
SQL injection vulnerability in the front-end mo***_sh***_pa***.asp file of the Eco Times Enterprise Online Bookkeeping Management System.
EcoTime Enterprise Online Bookkeeping Management System is an online bookkeeping software for small and medium-sized enterprises, stores, etc. It is suitable for managing cash flow accounts, accounts receivable and payable accounts, as well as company bookkeeping and other related financial...
SQL injection vulnerability in the front-end sm***_mo***.asp file of the Eco Times Enterprise Online Bookkeeping Management System.
Eco Times Enterprise Online Bookkeeping Management System is a financial online bookkeeping software. There is a SQL injection vulnerability in the front-end smmo.asp file of the Environmental Times Enterprise Online Bookkeeping Management System. An attacker can exploit the vulnerability to obta...
SQL Injection Vulnerability in the front-end wa***_mo***.asp file of Eco Times Enterprise Online Bookkeeping Management System
Eco Times Business Online Bookkeeping Management System is a financial online bookkeeping software. A SQL injection vulnerability exists in the front-end wamo.asp file of the EcoTimes Enterprise Online Bookkeeping Management System. An attacker can exploit the vulnerability to obtain sensitive...
SQL injection vulnerability in the front-end xi***_mo***.asp file of the Eco Times Enterprise Online Bookkeeping Management System.
Eco Times Business Online Bookkeeping Management System is a financial online bookkeeping software. There is a SQL injection vulnerability in the ximo.asp file in the frontend of the EcoTimes Enterprise Online Bookkeeping Management System. An attacker can exploit the vulnerability to obtain...
Code execution vulnerability in zzzcms v1.5.8 backend sa***.php file
zzcms is a free website builder developed in the asp language. A code execution vulnerability exists in the zzzcms v1.5.8 back-end sa.php file. An attacker can exploit this vulnerability to execute arbitrary code...
anmi V1.1.0 SQL Injection Vulnerability in Foreground Us***.php File
Anmi is a program that focuses on H5 mobile website/app construction. A SQL injection vulnerability exists in the anmi V1.1.0 front-end Us.php file. An attacker can exploit the vulnerability to obtain sensitive database information...
DEBIAN-CVE-2016-5038
The dwarf_get_macro_startend_file function in dwarf_macro5.c in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted string offset for .debug_str...