Mito website building system has information leakage vulnerability

metinfo mito system is an enterprise website management system with PHP Mysql architecture. Version 6.2.0 of the metinfo website builder system has an information leakage vulnerability that can be exploited by attackers to download sql files and obtain sensitive information...

HotelDruid SQL Injection Vulnerability (CNVD-2019-17320)

HotelDruid is a hotel management system from the DigitalDruid.Net team. The system includes features such as room management, financial management and inventory management. A SQL injection vulnerability exists in HotelDruid versions prior to 2.3.1. The vulnerability stems from a lack of validatio...

SalesAgility SuiteCRM SQL Injection Vulnerability (CNVD-2019-16997)

SalesAgility SuiteCRM is a suite of enterprise-grade open source customer relationship management CRM. A SQL injection vulnerability exists in SalesAgility SuiteCRM versions 7.10.x prior to 7.10.17 and 7.11.x prior to 7.11.5, which can be exploited by an attacker to execute illegal SQL commands...

SQL Injection Vulnerability in One-Card System of Zhengzhou Xinkai Pu Electronic Technology Co.

Zhengzhou New Cape Electronic Technology Co., Ltd. is a company whose main business scope includes computer system integration, development and operation and maintenance, software, smart card machine and other projects. Zhengzhou XinKaipu Electronic Technology Co., Ltd. one card system there is a...

Quest Software Kace K1000 Appliance SQL Injection Vulnerability

Quest Software Kace K1000 Appliance is a system management appliance from Quest Software, USA. The product is used for software license management, patch and endpoint security management, software distribution and server monitoring functions. A SQL injection vulnerability exists in Quest Kace K10...

IBM PureApplication System SQL Injection Vulnerability

IBM PureApplication System is a platform system from IBM USA designed for transactional Web and database applications. The system is capable of handling workloads and can be maintained and updated from a single console for all configurations. A SQL injection vulnerability exists in IBM...

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

SQL Injection Vulnerability in the Website Management System of Henan Lisuo Internet Information Technology Co.

Henan Lisuo Internet Information Technology Co., Ltd. is an Internet comprehensive service organization. There is a SQL injection vulnerability in the website management system of Henan Lisuo Internet Information Technology Co., Ltd, which can be exploited by attackers to obtain sensitive...

Vtiger CRM SQL Injection Vulnerability (CNVD-2019-16507)

Vtiger CRM is a set of customer relationship management system CRM based on SugarCRM developed by American Vtiger. The management system provides management, collection and analysis of customer information and other functions. A SQL injection vulnerability exists in the...

The vulnerability in the web interface of the Cisco Prime Infrastructure monitoring and network device management system, as well as the Cisco Evolved Programmable Network Manager software, allows a malicious actor to execute arbitrary SQL queries.

The vulnerability of the web interface for managing Cisco Prime Infrastructure network equipment and the Cisco Evolved Programmable Network Manager software relates to input validation errors. Exploiting this vulnerability allows an attacker to execute arbitrary SQL queries by sending specially...

SQL Injection Vulnerability in Tpshop v3.5 Sm***.php Page

Tpshop is a set of multi-merchant mode developed by Shenzhen Soleil Networks Limited mall system. A SQL injection vulnerability exists in the Tpshop v3.5 Sm.php page. Attackers can use the vulnerability to obtain sensitive information in the database...

SQL Injection Vulnerability in Tpshop v3.5 Ar***.php Page

Tpshop is a set of multi-merchant mode developed by Shenzhen Soleil Networks Limited mall system. A SQL injection vulnerability exists in the Tpshop v3.5 Ar.php page. An attacker can exploit the vulnerability to obtain sensitive information from the database...

SQL injection vulnerability in Tpshop v3.5 To***.php page (CNVD-2019-17503)

Tpshop is a set of multi-merchant mode developed by Shenzhen Soleil Networks Limited mall system. A SQL injection vulnerability exists in the Tpshop v3.5 To.php page. Attackers can use the vulnerability to obtain sensitive information in the database...

Computrols CBAS Web SQL Injection Vulnerability

CBAS Web is a Web-based building management system BMS from Computrols. A SQL injection vulnerability exists in Computrols CBAS Web. The vulnerability stems from improper validation of parameters passed to different scripts. A remote authenticated attacker could exploit the vulnerability to execu...

SQL Injection Vulnerability in SemCms

SemCms is an open source foreign trade enterprise website management system, mainly used for foreign trade enterprises. SemCms SQL injection vulnerability , attackers can use the vulnerability to obtain sensitive database information...

CommSy SQL Injection Vulnerability

Commsy is a Web-based, open source community system for project management. A SQL injection vulnerability exists in CommSy version 8.6.5. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can exploit this vulnerabili...

CVE-2019-1824

A vulnerability in the web-based management interface of Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network EPN Manager could allow an authenticated, remote attacker to execute arbitrary SQL queries. This vulnerability exist because the software improperly validates user-supplie...

OpenProject SQL Injection Vulnerability

OpenProject is an open source Web-based project management software . The software has project planning , task management , bug tracking and cost budgeting and other functions . A SQL injection vulnerability exists in OpenProject versions 5.0.0 through 8.3.1. The vulnerability stems from a lack o...

SQL Injection Vulnerability in AICA CMS Backend li***.php

Acme CMS is a full-featured, PHP + Mysql architecture, multi-language, responsive display, suitable for personal website construction CMS building system. Acme CMS background li.php SQL injection vulnerability, attackers can use the vulnerability to obtain database sensitive information...

SEH Buffer Overflow Vulnerability in Nsauditor Network Security Auditor

Nsauditor Network Security Auditor is a network security scanner that allows to review and monitor network computers for possible attack weaknesses. Nsauditor Network Security Auditor suffers from a SEH buffer overflow vulnerability. An attacker can exploit the vulnerability by executing arbitrar...