SQL Injection Vulnerability in PIMS Online Order Management System of Dotop Technology Inc.

PIMS online order management system is suitable for single page ordering website, general product ordering website and other ordering websites. A SQL injection vulnerability exists in DotTop's PIMS Online Order Management System, which can be exploited by attackers to obtain sensitive database...

SQL injection vulnerability in PIMS online order management system re***.php file

PIMS online order management system for single-page ordering sites, general product ordering sites and other ordering sites, designed to facilitate the full background management through the fast integration of Alipay, Paypal, eBao, netbank online, PayPal and other payment interfaces, management ...

Will ISO 27701 Be the New GDPR Certification?

On August 6, ISO published the ISO/IEC 27701:2019 "ISO 27701" standard, which lays out the requirements for implementing an organizational program to govern the handling of personally identifiable information PII, known as a Privacy Information Management System PIMS. In many ways, the new standa...

PIMS order management system controller\buy.php has SQL injection vulnerability

PIMS is an online order management system for subscription-based websites. An SQL injection vulnerability exists in controller\buy.php of the PIMS order management system. An attacker can exploit the vulnerability to obtain sensitive database information...

PIMS order management system step2.php has a reload vulnerability

PIMS is an online order management system for subscription-based websites. A reinstallation vulnerability exists in step2.php of the PIMS order management system. Since the program does not validate the installation, an attacker can use the vulnerability to reinstall the system and directly...

CVE-2016-4328

MEDHOST Perioperative Information Management System aka PIMS or VPIMS before 2015R1 has hardcoded credentials, which makes it easier for remote attackers to obtain sensitive information via direct requests to the application database server...

Hardcoded credentials

MEDHOST Perioperative Information Management System aka PIMS or VPIMS before 2015R1 has hardcoded credentials, which makes it easier for remote attackers to obtain sensitive information via direct requests to the application database server...

CVE-2016-4328

CVE-2016-4328 affects MEDHOST PIMS (and related MEDHOST components) before 2015R1, where hard-coded credentials grant direct access to the customer database via the application server. Affected components include PIMS/VPIMS, with the CVSS indicating Critical impact (C/H, I/H, A/H) and NETWORK acc...

CVE-2016-4328

MEDHOST Perioperative Information Management System aka PIMS or VPIMS before 2015R1 has hardcoded credentials, which makes it easier for remote attackers to obtain sensitive information via direct requests to the application database server...

MEDHOST Perioperative Information Management System Unauthorized Operation Vulnerability

MEDHOST Perioperative Information Management System PIMS is a suite of solutions covering surgical treatment, nursing care and other services from MEDHOST, Inc. that includes an anesthesia information management system AIMS, remote host control and streamlined patient tracking. A security...

MEDHOST Perioperative Information Management System contains hard-coded database credentials

Overview MEDHOST Perioperative Information Management System PIMS versions prior to 2015R1 contain hard-coded credentials that are used for customer database access. Description CWE-798: Use of Hard-coded Credentials - CVE-2016-4328MEDHOST PIMS, previously branded as VPIMS, contains hard-coded...