SQL Injection Vulnerability in Supplier Query System of Shanghai Haidian Software Corporation (CNVD-2022-21719)

Vendor inquiry system is based on VMI management ideas, sharing the enterprise's operational business data with suppliers, instantly controlling the sales information and inventory levels as a solution for market demand forecasting and inventory replenishment. A SQL injection vulnerability exists...

SQL Injection Vulnerability in Damon Enterprise Manager (DEM)

Damon Enterprise Manager DEM is a centralized management platform that monitors, manages and maintains DM databases through a web interface. A SQL injection vulnerability exists in Damon Enterprise Manager DEM, which can be exploited by attackers to obtain sensitive database information...

MCMS has SQL injection vulnerability (CNVD-2022-17364)

MCMS is a lightweight open source content management system developed on java.MCMS is vulnerable to SQL injection, which can be exploited by attackers to obtain sensitive database information...

SQL Injection Vulnerability in BossCMS of Wenzhou Huyin Information Technology Co.

BossCMS is a web content management system. BossCMS of Wenzhou Huanxin Information Technology Co., Ltd. suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...

pimcore SQL Injection Vulnerability (CNVD-2022-07503)

Pimcore is an open source Web content management platform for creating and managing Web applications from the Austrian company Pimcore. The platform integrates Web content management, e-commerce framework and product information management applications. pimcore has a SQL injection vulnerability,...

Simple Cold Storage Management System SQL Injection Vulnerability

Simple Cold Storage Management System is a powerful and flexible ERP system that includes all the complex processing functionality required for cold storage. simple Cold Storage Management System is vulnerable in v1.0 due to a SQL injection vulnerability in the system's view The vulnerability is...

Projectworlds Hospital Management System SQL Injection Vulnerability (CNVD-2022-01378)

Projectworlds Hospital Management System is a hospital management system from Projectworlds Austria. v1.0 of Projectworlds Hospital Management System is vulnerable to SQL injection, which can be exploited by attackers to Execute illegal SQL commands to steal sensitive database data...

Fortinet FortiWeb Cross-Site Scripting Vulnerability (CNVD-2021-101133)

Fortinet FortiWeb is a web application layer firewall from Fortinet that blocks threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks, secures web applications and protects sensitive database content. versions 6.4.1 and earlier and 6.3.15 and...

SQL Injection Vulnerability in Flash Flood Monitoring and Early Warning System of Siltronic Ltd.

SCT is an information service provider in China, dedicated to the cause of disaster mitigation and benefit reduction, and provides the government with comprehensive solutions for disaster mitigation and benefit reduction informatization. A SQL injection vulnerability exists in the Flash Flood...

WordPress Post Content XMLRPC plugin SQL injection vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in the WordPress Post Content XMLRPC plugin, which stems from the plugin'...

PHP Event Calendar Lite Edition is vulnerable to SQL injection

PHP Event Calendar is an open source AJAX-based multi-user modern event calendar. It is easy to integrate and fully customizable.PHP Event Calendar Lite Edition is vulnerable to SQL injection, which can be exploited by attackers to execute illegal SQL commands to obtain sensitive database data...

YouPHPTube catName parameter SQL injection vulnerability

YouPHPTube is a PHP-based video website system. youPHPTube is vulnerable to SQL injection in version 10.0 and earlier, which stems from the lack of validation of external input SQL statements for the catName parameter. An attacker could use this vulnerability to execute illegal SQL commands to...

CVE-2021-41746

SQL Injection vulnerability exists in all versions of Yonyou TurboCRM.via the orgcode parameter in changepswd.php. Attackers can use the vulnerabilities to obtain sensitive database information...

Sql injection

SQL Injection vulnerability exists in all versions of Yonyou TurboCRM.via the orgcode parameter in changepswd.php. Attackers can use the vulnerabilities to obtain sensitive database information...

CVE-2021-41746

SQL Injection vulnerability exists in all versions of Yonyou TurboCRM.via the orgcode parameter in changepswd.php. Attackers can use the vulnerabilities to obtain sensitive database information...

Yonyou TurboCrm SQL注入漏洞

Yonyou TurboCrm is a customer relationship management system from China's UFIDA Network Technology Yonyou. Yonyou TurboCRM.via suffers from a SQL injection vulnerability that allows an attacker to obtain sensitive database information via the orgcode parameter in changepswd.php...

WordPress Mangboard plugin SQL injection vulnerability

WordPress is the Wordpress Foundation's set of blogging platforms developed using the PHP language. WordPress Mangboard plugin has a SQL injection vulnerability, which originates from the lack of validation of external input SQL statements in order parameters, and can be used by attackers to...

Sql injection

A blind SQL injection vulnerability exists in the Raymart DG / Ahmed Helal Hotel-mgmt-system. A malicious attacker can retrieve sensitive database information and interact with the database using the vulnerable cid parameter in processupdateprofile.php...

CVE-2021-41651

A blind SQL injection vulnerability exists in the Raymart DG / Ahmed Helal Hotel-mgmt-system. A malicious attacker can retrieve sensitive database information and interact with the database using the vulnerable cid parameter in processupdateprofile.php...

SQL Injection Vulnerability in Water Resources Engineering Management System of Siltronic Ltd.

SCT is an information service provider in China, dedicated to the cause of disaster mitigation and benefit reduction, and provides the government with comprehensive solutions for disaster mitigation and benefit reduction informatization. A SQL injection vulnerability exists in the water project...