cPanel SQL Injection Vulnerability (CNVD-2019-26168)
cPanel is a set of Web-based automated colocation platforms from the American company cPanel. The platform is primarily used to automate the management of websites and servers. A SQL injection vulnerability exists in cPanel versions prior to 74.0.0. The vulnerability stems from a lack of validati...
Django SQL Injection Vulnerability
Django is the Django Foundation's open source Web application framework based on the Python language. The framework includes an object-oriented mapper, a view system, a template system and so on. Django has a SQL injection vulnerability that can be exploited by an attacker to execute SQL...
Nextcloud Android app SQL injection vulnerability
Nextcloud Android app is an Android-based mobile application from Nextcloud Germany for accessing Nextcloud servers. A SQL injection vulnerability exists in the Nextcloud Android app versions prior to 3.0.0. The vulnerability stems from a lack of validation of externally entered SQL statements in...
Apache VCL SQL Injection Vulnerability (CNVD-2019-25063)
Apache VCL is an open source cloud computing platform from the U.S. Apache Software Foundation. A SQL injection vulnerability exists in Apache VCL versions 2.1 through 2.5. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based...
The vulnerability of the “World Judges” software suite lies in the lack of protection for the SQL query structure, allowing attackers to access database content by manipulating GET queries.
The vulnerability of the “World Judges” software suite is related to the lack of protection for the SQL query structure. Exploiting this vulnerability allows a malicious actor to manipulate the GET request parameters and thereby access the database content remotely...
SQL Injection Vulnerability in Business Management Platform System Da***.aspx
Shenzhen Consulting Micro Information Technology Co., Ltd. is a company engaged in the research and development of management software platforms. A SQL injection vulnerability exists in the business management platform system Da.aspx, which can be exploited by attackers to obtain sensitive informati...
marginalia SQL Injection Vulnerability
marginalia is a package for adding annotations to ActiveRecord queries. A SQL injection vulnerability exists in marginalia versions prior to 1.6. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can exploit the...
eClass platform SQL Injection Vulnerability
eClass platform is an open source course management system organized by GUnet Greece. A SQL injection vulnerability exists in versions of eClass platform prior to ip.2.5.10.2.1. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. ...
SQL Injection Vulnerability in AIOT Structural Health Monitoring System
Shanghai Tonglei Civil Engineering Technology Co., Ltd. is a professional technical service company dedicated to providing information technology solutions in the building structure industry. The AIOT structural health monitoring system has a SQL injection vulnerability, which can be exploited by...
ZZZPHP Front-End Search SQL Injection Vulnerability
ZZZPHP is a free website builder developed in the PHP language. A SQL injection vulnerability exists in the ZZZPHP front-end search; attackers can use the vulnerability to obtain sensitive database information...
Bypass Vulnerability in Website Security Dog's SQL Injection Blocking Feature
Security Dog is a comprehensive server security protection tool that integrates server security protection and security management. A bypass vulnerability exists in the SQL injection blocking feature of Website Security Dog. An attacker can bypass the SQL injection blocking feature of Website...
CVE-2019-11921
An out of bounds write is possible via a specially crafted packet in certain configurations of Proxygen due to improper handling of Base64 when parsing malformed binary content in Structured HTTP Headers. This issue affects versions of proxygen prior to v2019.07.22.00...
Cross site scripting
An out of bounds write is possible via a specially crafted packet in certain configurations of Proxygen due to improper handling of Base64 when parsing malformed binary content in Structured HTTP Headers. This issue affects versions of proxygen prior to v2019.07.22.00...
CVE-2019-11921
The CVE-2019-11921 issue affects Facebook Proxygen prior to version 2019.07.22.00, where an out-of-bounds write can be triggered by a specially crafted network packet due to improper Base64 handling when parsing malformed binary content in Structured HTTP Headers. Affected components are within P...
SQL Injection Vulnerability in VANOC Enterprise Website Management System Backend
The PHP version of the Vanno enterprise website management system is an enterprise website management system developed with PHP and MySQL. The VANOC enterprise website management system backend has a SQL injection vulnerability; attackers can exploit the vulnerability to obtain database information...
ZZCMS SQL Injection Vulnerability (CNVD-2019-24373)
ZZCMS is a content management system (CMS) by the ZZCMS team in China. A SQL injection vulnerability exists in ZZCMS 8.3 and earlier versions. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can exploit this...
WordPress AJdG AdRotate Plugin SQL Injection Vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. The AJdG AdRotate plugin is an ad management plugin used in it. A SQL injection vulnerability exists in WordPress AJdG AdRotate plugin...
The vulnerability of the U.motion Builder system, related to the incorrect processing of special symbols in SQL queries, allows a hacker to execute arbitrary code.
The vulnerability of the U.motion Builder system for managing industrial and residential facilities is related to the improper processing of special symbols in SQL queries. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted query...