Kentico Xperience SQL Injection Vulnerability

Kentico Xperience is a digital experience platform from Kentico. Kentico Xperience suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the Online Marketing Macro Method parameter. An attacker can exploit this vulnerability to...

WordPress Asgaros Forum plugin SQL Injection Vulnerability

WordPress Asgaros Forum plugin is a lightweight forum plugin designed specifically for WordPress to support the rapid creation and management of forum pages, providing basic posting, replying, user management and other functions. WordPress Asgaros Forum plugin suffers from a SQL injection...

WordPress plugin Quiz Maker SQL注入漏洞

WordPress Quiz Maker plugin is a WordPress plugin for creating online quizzes, exams and questionnaires with multiple question types and customization support. WordPress Quiz Maker plugin suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally...

novel-plus SQL注入漏洞

novel-plus is a multi-end PC, WAP reading and functional original literary CMS system. A SQL injection vulnerability exists in novel-plus version v3.6.2. The vulnerability stems from the application's lack of validation of externally entered SQL statements. An attacker can exploit this...

Security Bulletin: GNOME libxml2 vulnerability affects IBM Safer Payments (CVE-2023-29469)

Summary Libxml2 is used by IBM Safer Payments as part of PMML models, external queries, and docx file templates for Outgoing Channel Configurations. This vulnerability has been addressed. Vulnerability Details CVEID:CVE-2023-29469 DESCRIPTION: GNOME libxml2 is vulnerable to a denial of service,...

JeecgBoot SQL注入漏洞

JeecgBoot is a Java low-code platform for enterprise Web applications in China. A SQL injection vulnerability exists in JeecgBoot version 3.0, which stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can exploit this vulnerability to...

Esri Arcgis Server SQL注入漏洞

Esri Arcgis Server is a Web-oriented, enterprise-class software platform that can be used to provide geolocation services from Esri, Inc. Esri ArcGIS Server suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in database-based...

Dell Emc Streaming Data Platform SQL注入漏洞

Dell Emc Streaming Data Platform is a Dell platform for ingesting, storing and analyzing continuous streaming data in real time. A security vulnerability exists in Dell Emc Streaming Data Platform, which arises from a database-based application that lacks validation of externally entered SQL...

Solis Gnuteca SQL Injection Vulnerability

Solis Gnuteca is a library management system from Solis Brazil. The system includes features such as e-mail alerts, automated inventory, location tracking and user registration. A SQL injection vulnerability exists in Solis Gnuteca version 3.8. The vulnerability stems from a database-based...

Rukovoditel SQL Injection Vulnerability (CNVD-2020-26656)

Rukovoditel is a set of Web-based open source project management software from the Rukovoditel team. The software has project management , customer relationship management and other functions . A SQL injection vulnerability exists in Rukovoditel version 2.5.2. The vulnerability stems from a lack ...

Metinfo SQL Injection Vulnerability (CNVD-2019-42845)

MetInfo is a content management system CMS developed by China Mito MetInfo using PHP and Mysql. A SQL injection vulnerability exists in MetInfo. The vulnerability stems from a lack of validation of externally entered SQL statements in the database-based application. An attacker can exploit this...