890 matches found
FUEL CMS SQL Injection Vulnerability (CNVD-2021-74294)
FUEL CMS is a content management system CMS based on the Codelgniter framework. FUEL CMS in version 1.5.0 suffers from a SQL injection vulnerability, which originates from the lack of validation of the parameter col in the software's /FUEL/index.php/FUEL/logs/items for externally-inputted SQL...
SQL injection vulnerability exists in the website building system of Four Creation Technology Co.
SCT is a Chinese information service provider dedicated to disaster reduction and development, providing the government with comprehensive solutions for disaster reduction and development information. There is a SQL injection vulnerability in the website building system of Four Creation Technolog...
Simple Water Refilling Station Management System SQL注入漏洞
Simple Water Refilling Station Management System is a simple water refilling station management system . A SQL injection vulnerability exists in the v1.0 version of Simple Water Refilling Station Management System, which originates from the application WaterRefilling/classes/Login.php, the userna...
SQL Injection Vulnerability in Panmicro e-cology (CNVD-2021-73908)
Panmicro Collaborative Management Application Platform e-cology is a collaborative business platform with enterprise information portal, knowledge management, data center, workflow management, human resource management, customer and partner management, project management, financial management and...
Sql injection
EARCLINK ESPCMS-P8 was discovered to contain a SQL injection vulnerability in the espcmsweb/Search.php component via the attrarray parameter. This vulnerability allows attackers to access sensitive database information...
SQL Injection Vulnerability in Gridview of Dawning Information Industry Co.
Gridview is the all-in-one comprehensive management system for high-performance computing platforms. A SQL injection vulnerability exists in Gridview of Dawning Information Industry Company Limited, which can be exploited by attackers to obtain sensitive information from the database...
CVE-2020-22122
A SQL injection vulnerability in /oa.php?c=Staff&a=read of Find a Place LJCMS v 1.3 allows attackers to access sensitive database information via a crafted POST request...
Sql injection
A SQL injection vulnerability in /oa.php?c=Staff&a=read of Find a Place LJCMS v 1.3 allows attackers to access sensitive database information via a crafted POST request...
CVE-2020-22122
A SQL injection vulnerability in /oa.php?c=Staff&a=read of Find a Place LJCMS v 1.3 allows attackers to access sensitive database information via a crafted POST request...
Nagios XI SQL Injection Vulnerability
Nagios XI is a commercial monitoring solution built on Nagios Core, including dashboards, web-based configuration, advanced reporting, and rich data visualization.A SQL injection vulnerability exists in the Bulk Modification Tool in versions of Nagios XI prior to 5.8.5. The vulnerability stems fr...
CVE-2020-20981
A SQL injection in the /admin/?n=logs&c=index&a=dolist component of Metinfo 7.0 allows attackers to access sensitive database information...
CVE-2020-20981
A SQL injection in the /admin/?n=logs&c=index&a=dolist component of Metinfo 7.0 allows attackers to access sensitive database information...
SQL Injection Vulnerability in Smart Meter Integrated Management System of Xintian Technology Co.
Xintian Technology Co., Ltd. is a professional manufacturer and supplier of water meters, energy meters and gas meters. A SQL injection vulnerability exists in the Smart Meter Integrated Management System of Xintian Technology Corporation, which can be exploited by attackers to obtain sensitive...
rConfig SQL Injection Vulnerability (CNVD-2021-61757)
rConfig is an open source network device configuration management utility. rConfig version 3.9.5 contains a SQL injection vulnerability in config.inc.php, which can be exploited by sending a specially crafted GET request to install/lib/ajaxHandlers/ajaxDbInstall.php to access sensitive database...
rConfig SQL Injection Vulnerability (CNVD-2021-61756)
rConfig is an open source network device configuration management utility. rConfig version 3.9.5 is vulnerable to a SQL injection vulnerability that stems from an unvalidated dbName parameter in ajaxDbInstall.php, which can be exploited by attackers to access sensitive database information...
CVE-2020-23150
A SQL injection vulnerability in config.inc.php of rConfig 3.9.5 allows attackers to access sensitive database information via a crafted GET request to install/lib/ajaxHandlers/ajaxDbInstall.php...
CVE-2020-23149
The dbName parameter in ajaxDbInstall.php of rConfig 3.9.5 is unsanitized, allowing attackers to perform a SQL injection and access sensitive database information...
Jeecg-boot CMS SQL Injection Vulnerability
Jeecg-Boot is a code generator-based intelligent development platform. jeecg-boot CMS version 2.3 of /jeecg boot/sys/dict/loadtreedata is vulnerable to SQL injection, which can be exploited by attackers to access sensitive database information...
CVE-2020-28087
A SQL injection vulnerability in /jeecg boot/sys/dict/loadtreedata of jeecg-boot CMS 2.3 allows attackers to access sensitive database information...
CVE-2020-28087
A SQL injection vulnerability in /jeecg boot/sys/dict/loadtreedata of jeecg-boot CMS 2.3 allows attackers to access sensitive database information...