545 matches found

CNVD
added 2017/07/04 12:00 a.m., 2 views

ThinkPHP5 PDO Authenticity Preprocessing suffers from SQL Injection Vulnerability

ThinkPHP V5.0 is a high-performance framework designed for API development. A SQL injection vulnerability exists in ThinkPHP5 PDO authenticity preprocessing. The vulnerability is caused by an attacker controlling the value position of the IN clause, i.e. by passing in an array, leading to a SQL injection...

AI score 8.2
Exploits 0
Veracode
added 2017/06/23 9:57 a.m., 16 views

SQL Injection

Moodle is vulnerable to SQL injection attacks. The library does not sanitize form data, allowing a malicious user to inject and execute arbitrary SQL...

CVSS 6.5, AI score 7.6, EPSS 0.01583
Exploits 0, References 6, Affected Software 1
CNVD
added 2017/04/18 12:00 a.m., 2 views

CSRF Vulnerability in Ocean CMS V6.48

Ocean Movie System, aka Ocean CMS (seacms), is a PHP movie system. There is a CSRF vulnerability in the back-end SQL execution form of Ocean CMS, which attackers can exploit by tricking administrators into clicking malicious links to execute SQL statements and write a webshell to gain server...

AI score 8.1
Exploits 0
CNVD
added 2017/04/18 12:00 a.m., 1 views

YXCMS backend new template with SQL execution function has arbitrary file write vulnerability

Yxcms is an enterprise site-building system based on PHP and MySQL. The YXCMS backend "new template" and SQL execution functions have an arbitrary file write vulnerability; attackers can exploit it to write a webshell and gain server privileges...

AI score 8
Exploits 0
CNVD
added 2017/03/10 12:00 a.m., 6 views

WordPress Mail Masta plugin SQL injection vulnerability (CNVD-2017-02638)

WordPress is the WordPress Software Foundation's blogging platform, developed in PHP; it supports personal blog sites set up on PHP and MySQL servers. Mail Masta (mail-masta) is one of its email plug-ins. WordPress Mail Masta plugin version 1.0 in...

CVSS 7.2, AI score 8.2, EPSS 0.01701
Exploits 2, References 1
OSV
added 2017/01/23 9:59 p.m., 1 views

CVE-2016-5742

SQL injection vulnerability in the XML-RPC interface in Movable Type Pro and Advanced 6.x before 6.1.3 and 6.2.x before 6.2.6 and Movable Type Open Source 5.2.13 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

CVSS 9.8, AI score 6.1, EPSS 0.01644
Exploits 0, References 5
CNVD
added 2016/12/22 12:00 a.m., 3 views

dotCMS 'stName' Parameter SQL Injection Vulnerability

dotCMS is a content management system (CMS) developed in Java. A SQL injection vulnerability exists in the 'stName' parameter in dotCMS versions prior to 3.3.2, which allows remote attackers to execute arbitrary SQL commands via the stName parameter in api/content/save/1...

CVSS 9.8, AI score 8.7, EPSS 0.021
Exploits 0, References 1
CNVD
added 2016/12/02 12:00 a.m., 3 views

IBM BigFix Remote Control SQL Injection Vulnerability

IBM BigFix Remote Control is a set of remote control systems from IBM in the United States. A SQL injection vulnerability exists in IBM BigFix Remote Control 9.1.2 and earlier versions. An attacker can exploit this vulnerability to execute arbitrary SQL commands...

CVSS 6.5, AI score 8.4, EPSS 0.01091
Exploits 0, References 1
0day.today
added 2016/11/03 12:00 a.m., 17 views

SweetRice 1.5.1 - Cross-Site Request Forgery Vulnerability

Exploit for php platform in category web applications document.forms0.submit; 0day.today 2018-01-01...

AI score 7.1
Exploits 0
OSV
added 2016/10/28 3:59 p.m., 2 views

CVE-2016-8582

A vulnerability exists in gauge.php of AlienVault OSSIM and USM before 5.3.2 that allows an attacker to execute an arbitrary SQL query and retrieve database information or read local system files via MySQL's LOAD_FILE...

CVSS 9.8, AI score 6, EPSS 0.57425
Exploits 5, References 3
CNVD
added 2016/08/31 12:00 a.m., 54 views

vBulletin forumrunner/includes/moderation.php SQL Injection Vulnerability

vBulletin is a powerful, flexible and fully customizable suite of forum software. A SQL injection vulnerability exists in the forumrunner/includes/moderation.php file in versions of vBulletin prior to 4.2.2 Patch Level 5 and prior to 4.2.3 Patch Level 1. A remote attacker can exploit this...

CVSS 9.8, AI score 9.9, EPSS 0.68493
Exploits 7, References 1
exploitpack
added 2016/06/10 12:00 a.m., 12 views

miniMySQLAdmin 1.1.3 - Cross-Site Request Forgery (SQL Execution)

miniMySQLAdmin 1.1.3 - Cross-Site Request Forgery SQL Execution document.forms.csrfpoc.submit; select from user order by User asc limit 20 Host User % exploituser1 --...

AI score 0.2
Exploits 0
CNVD
added 2016/05/14 12:00 a.m., 2 views

Symphony CMS SQL Injection Vulnerability

Symphony is a content management system (CMS) developed using PHP and MySQL. Symphony suffers from a SQL injection vulnerability because the program fails to adequately validate the 'fieldsusername', 'actionsave', and 'fieldsemail' parameters, which can be exploited to execute arbitrary SQL code in the...

AI score 8.6
Exploits 0, References 1
CNVD
added 2016/04/27 12:00 a.m., 1 views

Multiple Vulnerabilities in the ERP System of Shenzhen Mingyuan Software Co.

Shenzhen Mingyuan Software Co., Ltd. is a real estate application software and solution provider. There are multiple vulnerabilities in the ERP system of Shenzhen Mingyuan Software Co., Ltd.; by chaining the vulnerabilities, an attacker can obtain website control privileges a...

AI score 7.8
Exploits 0, References 1
seebug.org
added 2016/04/06 12:00 a.m., 38 views

D-Link DAR-8000/DAR-7000 series Internet behavior audit gateway: arbitrary SQL statement execution

No description provided by source...

AI score 7.1
Exploits 0
seebug.org
added 2016/03/10 12:00 a.m., 29 views

CmsEasy_5.5_UTF-8_20140118 celive\include\database.class.php arbitrary SQL statement execution vulnerability

No description provided by source...

AI score 7.1
Exploits 0
seebug.org
added 2015/12/04 12:00 a.m., 48 views

Wanhu OA arbitrary SQL statement execution vulnerability (Standard Edition)

There are two ways to exploit it. 1. defaultroot/graphreport/runsql.jsp: this page can be accessed directly and can execute arbitrary SQL statements. The textarea field on the page is readonly; remove that attribute with Firebug and arbitrary SQL statements can then be executed. The SQL statement can be seen to execute successfully. 2. Data can be submitted directly to the handler class via the following link: /defaultroot/GraphReportAction.do?action=showResult. Then POST the following data with HackBar to see the executed data: dataSQL=select...

AI score 7.1
Exploits 0
seebug.org
added 2015/09/14 12:00 a.m., 25 views

Discuz! admincp.php CSRF leading to XSS

First, a CSRF. url: /admincp.php?action=members&operation=newsletter&username=%2A&uid=0&srchemail=&regdatebefore=&regdateafter=&postshigher=&postslower=&regip=&lastip=&lastvisitafter=&lastvisitbefore=&lastpostafter=&lastpostbefore=&birthyear=&birthmonth=&birthday=&lowercredits=&lowerextcredits1=&lowere...

AI score 7.1
Exploits 0
Exploit DB
added 2015/09/14 12:00 a.m., 21 views

ManageEngine EventLog Analyzer < 10.6 build 10060 - SQL Execution

Exploit Title: ManageEngine EventLog Analyzer SQL query execution Product: ManageEngine EventLog Analyzer Vulnerable Versions: v10.6 build 10060 and previous versions Tested Version: v10.6 build 10060 Windows Advisory Publication: 14/09/2015 Vulnerability Type: authenticated SQL query execution...

AI score 7.4
Exploits 0
Fedora
added 2014/12/01 6:58 p.m., 38 views

[SECURITY] Fedora 19 Update: phpMyAdmin-4.2.12-1.fc19

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface (managing databases, tables, fields, relations, indexes, users, permissions), while you still have the ability to directly...

CVSS 6.5, AI score 1.3, EPSS 0.02725
Exploits 3