SQL Injection Vulnerability in UFIDA NC of UFIDA Network Technology Co.

UFIDA NC is a large erp enterprise management system and e-commerce platform. A SQL injection vulnerability exists in UFIDA NC, which can be exploited by attackers to obtain sensitive database information...

SQL Injection Vulnerability in anysec Second Generation Firewall System of Shenzhen Zhongke NetWizard Technology Co.

Ltd. is a high-tech enterprise focusing on the research, development and production of network security products. Shenzhen Zhongke NetWizard Technology Co., Ltdanysec second generation firewall system has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive...

Kashipara Music Management System SQL Injection Vulnerability

Kashipara Music Management System is a music management system from Kashipara. A SQL injection vulnerability exists in Kashipara Music Management System v1.0, which originates from the lack of validation of the "id" parameter of /music/viewuser.php against external SQL input, and can be exploited...

Kashipara Music Management System SQL Injection Vulnerability (CNVD-2024-37435)

Kashipara Music Management System is a music management system from Kashipara. Kashipara Music Management System v1.0 suffers from a SQL injection vulnerability, which originates from the lack of validation of the search parameter of /music/ajax.php?action=findmusic against external SQL input,...

SQL Injection Vulnerability in Saber Enterprise Development Platform of Shanghai Breadtech Co.

Ltd. is a software technology-oriented enterprise with high-end software technology consulting and microservice technology architecture design as its main business. A SQL injection vulnerability exists in the Saber Enterprise Development Platform of Shanghai Breadtech Limited, which can be...

Computer Laboratory Management System SQL Injection Vulnerability

Computer Laboratory Management System is a computerized laboratory management system. A SQL injection vulnerability exists in Computer Laboratory Management System version 1.0 due to a lack of validation of externally entered SQL statements in the parameter id. An attacker can exploit this...

CVE-2024-39027

SeaCMS v12.9 has an unauthorized SQL injection vulnerability. The vulnerability is caused by the SQL injection through the cid parameter at /js/player/dmplayer/dmku/index.php?ac=edit, which can cause sensitive database information to be leaked...

Information Disclosure

silverstripe/framework is vulnerable to Information Disclosure. The vulnerability is due to sensitive database connection details potentially being exposed in stack traces when running in dev mode with the mysqli database driver...

SQL Injection Vulnerability in UFIDA NC of UFIDA Network Technology Co. Ltd (CNVD-2024-31573)

UFIDA NC is a large erp enterprise management system and e-commerce platform. A SQL injection vulnerability exists in UFIDA NC, which can be exploited by attackers to obtain sensitive database information...

SQL Injection Vulnerability in UFIDA NC of UFIDA Network Technology Co. Ltd (CNVD-2024-30550)

UFIDA NC is a large erp enterprise management system and e-commerce platform. A SQL injection vulnerability exists in UFIDA NC, which can be exploited by attackers to obtain sensitive database information...

Qingdao Aimi Cloud Software Co., Ltd. yueku enterprise network disk SQL injection vulnerability

Founded in 2015, Qingdao AmiCloud Software Co., Ltd. is a professional enterprise document management company, dedicated to enterprise document management web disk related technology research and development, resource integration, product promotion, project application and so on. Qingdao Aimi Clo...

SQL Injection Vulnerability in UFIDA NC of UFIDA Network Technology Co. Ltd (CNVD-2024-28042)

UFIDA NC is a large erp enterprise management system and e-commerce platform. A SQL injection vulnerability exists in UFIDA NC, which can be exploited by attackers to obtain sensitive database information...

SQL Injection Vulnerability in springblade Framework of Shanghai Breadtech Co.

Ltd. is a software technology-oriented enterprise with high-end software technology consulting and microservice technology architecture design as its main business. Ltd springblade framework has a SQL injection vulnerability that can be exploited by attackers to obtain sensitive database...

SAP Global Label Management SQL Injection Vulnerability

SAP Global Label Management is a global label management system from SAP. SAP Global Label Management suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements. An attacker could use this vulnerability to execute illegal S...

J2EEFAST SysMsgPushMapper.xml File SQL Injection Vulnerability

J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free back-end framework platform . J2EEFAST v2.7.0 version of the SQL injection vulnerability , the vulnerability stems from SysMsgPushMapper.xml findPage...

SQL Injection Vulnerability in Kotto's Fully Intelligent Parking Video Charging System (CNVD-2024-25885)

Xiamen KTO Communication Technology Co., Ltd. is a professional intelligent parking value operator. A SQL injection vulnerability exists in KETO's fully intelligent parking video charging system, which can be exploited by an attacker to obtain sensitive information from the database...

RHEL 7 : ovirt-engine (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ovirt-engine: webadmin log out must logout all sessions CVE-2016-6338 - ovirt-engine: API exposes power...

RuvarOA sys_file_storage_id parameter SQL injection vulnerability (CNVD-2024-33626)

RuvarOA is an office automation system of Ruvar China. A SQL injection vulnerability exists in RuvarOA v6.01 and v12.01, which originates from the lack of validation of the sysfilestorageid parameter in the /WorkFlow/wfworkfinishfiledown.aspx file against external SQL input. An attacker can explo...

RuvarOA id parameter SQL injection vulnerability (CNVD-2024-33617)

RuvarOA is an office automation system of Ruvar China. A SQL injection vulnerability exists in RuvarOA v6.01 and v12.01, which originates from the lack of validation of the templateid parameter in the /SysManage/wftemplatechildfieldlist.aspx file against external SQL input. An attacker can exploi...

RuvarOA id Parameter SQL Injection Vulnerability

RuvarOA is an office automation system of Ruvar China. A SQL injection vulnerability exists in RuvarOA v6.01 and v12.01, which originates from the id parameter of the /SysManage/sysblogtemplatenew.aspx file that lacks validation of externally entered SQL statements. An attacker can exploit this...