27 matches found
Grandstream UCM6200 SQL Injection Vulnerability
The Grandstream UCM6200 is an enterprise-class switch for IP telephony communications from Grandstream. A SQL injection vulnerability exists in the Grandstream UCM6200 series prior to version 1.0.20.22. The vulnerability stems from a database-based application that lacks validation of externally...
Nextcloud Android SQL Injection Vulnerability
Nextcloud is a suite of client-server software for creating network drives.Nextcloud Android is the Nextcloud Android client. A security vulnerability exists in Nextcloud Android. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications...
Equinox Control Expert SQL Injection Vulnerability
Equinox Control Expert is a human interface and data acquisition and monitoring system from Equinox Argentina. A SQL injection vulnerability exists in Equinox Control Expert. The vulnerability stems from a lack of validation of externally entered SQL statements in a database-based application. A...
TYPO3 SQL Injection Vulnerability (CNVD-2019-40296)
TYPO3 is a free and open source content management system framework CMS/CMF of the Swiss TYPO3 Association. A SQL injection vulnerability exists in the back-end of TYPO3, which stems from a lack of validation of externally entered SQL statements in database-based applications and can be exploited...
Lansweeper SQL Injection Vulnerability
Lansweeper is an IT asset management system. A SQL injection vulnerability exists in Lansweeper versions prior to 7.1.117.4, which stems from a lack of validation of externally-entered SQL statements in database-based applications and can be exploited by an attacker to execute illegal SQL command...
Metinfo SQL Injection Vulnerability (CNVD-2019-24207)
MetInfo is a content management system CMS developed by China Mito MetInfo using PHP and Mysql. A SQL injection vulnerability exists in MetInfo version 6.x. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can explo...
MKCMS SQL Injection Vulnerability
MKCMS is a content management system. A SQL injection vulnerability exists in MKCMS version V5.0. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can exploit this vulnerability to execute illegal SQL commands...