SQL injection vulnerability in fields parameter under source/ajax.php file of doyocms system

DOYO universal station-building system using PHP and MYSQL development, is a free open source CMS station-building, enterprise station-building system , can be widely used for personal, business, government, institutions and many other website construction. doyocms system source/ajax.php file und...

Hdcms framework foreground wd parameter has SQL injection vulnerability

HDCMS is a content management system package written in PHP. A SQL injection vulnerability exists in the frontend wd parameter of the hdcms framework, due to the program failing to adequately filter the wd parameter and only doing the corresponding code audit on the source code. An attacker is...

SQL Injection Vulnerability in Uni Call Calling System

Uni Call Customer Service Edition is a professional software application platform designed for inbound customer service centers. A SQL injection vulnerability exists in the Uni Call call system. The lack of filtering of the /uncalllib/index.php parameter allows attackers to exploit the...

SQL injection vulnerability in zzcms xff inc/function.php (CNVD-2016-07187)

ZZCMS highlights the investment and supply and demand functions, you can quickly build a product investment website. SQL injection vulnerability exists in zzcms product version, the trigger point of the vulnerability is in xff inc/function.php, the attacker can use the vulnerability to obtain the...

SQL Injection Vulnerability in Special Equipment Inspection Management System of Fuzhou Tranda Electronics Co.(CNVD-2016-06021)

Fuzhou Tranda Electronics Co., Ltd. is a high-tech enterprise specializing in software development, system integration, security services and other computer information services. Fuzhou Chuangda Electronics Co., Ltd. special equipment inspection management system is a data information management...

SQL injection vulnerability in news.htm?id=parameter of distance learning platform of Shenzhen Tengchuang Network Technology Co.

Tengchuang Internet Distance Education Platform is centered on real-time interactive online classroom, combining powerful functions such as courseware on demand, course transaction, online payment and online examination to build a perfect online knowledge transaction platform for students and...

CMS system of Yingkou Aisda Computer Information Network Co., Ltd. suffers from sql injection vulnerability

Yingkou Aisda Computer Information Network Co., Ltd CMS system is a content management system. The product suffers from a sql injection vulnerability, which can be exploited by an attacker to obtain sensitive database information...

SQL Injection Vulnerability in 'roleName' Parameter of Founder Xiangyu CMS System

Founder Xiangyu CMS system is a full-process management platform for website information release. A SQL injection vulnerability exists in the Founder Xiangyu CMS system. The lack of filtering of the 'roleName' parameter allows attackers to exploit the vulnerability to obtain sensitive database...

SQL Injection Vulnerability in DeptId Parameter of Wave Software Administrative Services System

The Administrative Service System ASS is a comprehensive administrative service system that integrates information and consultation, approval and charging, management and coordination, and complaints and supervision. A SQL injection vulnerability exists in the DeptId parameter of the administrati...

SQL Injection Vulnerability in Comay RAS System

The Comet RAS system is a system that provides organizations with a centralized method of managing remote access to applications from a central point. A SQL injection vulnerability exists in the Comay RAS system. An attacker could exploit the vulnerability to gain access to sensitive database...

SQL Injection Vulnerability in Hode-soft System

Nanjing Hidi METEX Software Co., Ltd. is an outstanding enterprise with application software and quality service, jointly invested by Hidi Investment Corporation and Canada METEX Corporation, a new joint-stock private enterprise focusing on high-quality, humanized application software development...

WebHost Automation Helm Control Panel 3.1.x - Multiple Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/11586/info Helm Control Panel is reported prone to multiple vulnerabilities. These include an SQL injection issue and an HTML injection vulnerability. A remote attacker can execute arbitrary HTML and script code in a user's browser. Manipulation of SQL...