CVE-2016-5432

The ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization RHEV Engine 4.0 allows local users to obtain sensitive database provisioning information by reading log files...

MyBB SQL Injection Vulnerability (CNVD-2016-08094)

MyBB is based on PHP MySQL build , powerful , efficient open source forum system . MyBB SQL injection vulnerability , allowing attackers to exploit the vulnerability to obtain sensitive database information...

PHPCMS V9 ipbanned.php file SQL injection vulnerability

PHPCMS is a web content management system based on PHP and Mysql architecture. The system includes modules such as news, pictures, downloads, information and products. A SQL injection vulnerability exists in the PHPCMS V9 ipbanned.php file, which allows attackers to exploit the vulnerability to...

SQL injection vulnerability in the gid parameter of the Default.aspx page of the CMS system of the resource management platform of Beijing HBM Information Technology Co.

Resource Management Platform CMS is a comprehensive management and application platform based on the cloud service system, through a multi-layer system architecture, establishing a multi-level cloud platform and cloud application environment covering provinces, municipalities, counties, schools a...

SQL injection vulnerability in the user_name parameter of Request.aspx page of Nanjing Fargo Streaming Media System.

Nanjing Fargo streaming media system is mainly used for applications such as network TV, live event broadcasting, remote education, enterprise roadshow and multimedia public information service, etc. The system integrates computer, network, audio/video and mobile communication and other related...

SQL Injection Vulnerability in hdcms Framework rname Parameter

HDCMS is a content management system package written in PHP. A SQL injection vulnerability exists in the rname parameter of the hdcms framework, as the program fails to adequately filter the rname parameter and only does corresponding code auditing on the source code. An attacker is allowed to...

Hdcms framework foreground wd parameter has SQL injection vulnerability

HDCMS is a content management system package written in PHP. A SQL injection vulnerability exists in the frontend wd parameter of the hdcms framework, due to the program failing to adequately filter the wd parameter and only doing the corresponding code audit on the source code. An attacker is...

SQL Injection Vulnerability in Remote DBMail Mail Server

DBMail is a database-enabled enterprise mail system developed by TeleSoft. A SQL injection vulnerability exists in Telezine DBMail Mail Server V5.0 updated 2016.07.08. The vulnerability is allowed to be exploited by an attacker to gain access to sensitive database information...

SQL Injection Vulnerability in Uni Call Calling System

Uni Call Customer Service Edition is a professional software application platform designed for inbound customer service centers. A SQL injection vulnerability exists in the Uni Call call system. The lack of filtering of the /uncalllib/index.php parameter allows attackers to exploit the...

SQL injection vulnerability in zzcms xff inc/function.php (CNVD-2016-07187)

ZZCMS highlights the investment and supply and demand functions, you can quickly build a product investment website. SQL injection vulnerability exists in zzcms product version, the trigger point of the vulnerability is in xff inc/function.php, the attacker can use the vulnerability to obtain the...

SQL Injection Vulnerability in Special Equipment Inspection Management System of Fuzhou Tronda Electronics Co.(CNVD-2016-06019)

Fuzhou Tranda Electronics Co., Ltd. is a high-tech enterprise specializing in software development, system integration, security services and other computer information services. Fuzhou Chuangda Electronics Co., Ltd. special equipment inspection management system is a data information management...

SQL Injection Vulnerability in Special Equipment Inspection Management System of Fuzhou Tranda Electronics Co.(CNVD-2016-06021)

Fuzhou Tranda Electronics Co., Ltd. is a high-tech enterprise specializing in software development, system integration, security services and other computer information services. Fuzhou Chuangda Electronics Co., Ltd. special equipment inspection management system is a data information management...

SQL injection vulnerability in news.htm?id=parameter of distance learning platform of Shenzhen Tengchuang Network Technology Co.

Tengchuang Internet Distance Education Platform is centered on real-time interactive online classroom, combining powerful functions such as courseware on demand, course transaction, online payment and online examination to build a perfect online knowledge transaction platform for students and...

SQL Injection Vulnerability in IDC Website Building System

IDC website building system is a set of intelligent website building system. The product suffers from a sql injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

SQL Injection Vulnerability in Transmission Interactive Video Equipment at Clearstream (Beijing) Technology Co.

StreamOcean, Inc. is the world's leading high-technology company dedicated to delivering high-definition interactive video over the Internet, with its fully independent intellectual property rights in the StreamOcean Video Delivery Network SOVDN, which provides the infrastructure for full video...

CMS system of Yingkou Aisda Computer Information Network Co., Ltd. suffers from sql injection vulnerability

Yingkou Aisda Computer Information Network Co., Ltd CMS system is a content management system. The product suffers from a sql injection vulnerability, which can be exploited by an attacker to obtain sensitive database information...

CVE-2016-1317

Cisco Unified Communications Manager 11.50.98000.480 allows remote authenticated users to obtain sensitive database table-name and entity-name information via a direct request to an unspecified URL, aka Bug ID CSCuy11098...

SQL Injection Vulnerability in 'roleName' Parameter of Founder Xiangyu CMS System

Founder Xiangyu CMS system is a full-process management platform for website information release. A SQL injection vulnerability exists in the Founder Xiangyu CMS system. The lack of filtering of the 'roleName' parameter allows attackers to exploit the vulnerability to obtain sensitive database...

SQL Injection Vulnerability in DeptId Parameter of Wave Software Administrative Services System

The Administrative Service System ASS is a comprehensive administrative service system that integrates information and consultation, approval and charging, management and coordination, and complaints and supervision. A SQL injection vulnerability exists in the DeptId parameter of the administrati...

Arbitrary File Upload Vulnerability in Panavision OA System

Panavision OA Office System is a coordination office software. A SQL injection vulnerability exists in Panmicro OA Office System, which can be exploited by an attacker to obtain sensitive information from a website database...