CVE-2019-10707

MKCMS V5.0 has SQL injection via the bplay.php play parameter...

Domoticz SQL Injection Vulnerability

Domoticz is an open source smart home system. The system supports monitoring and controlling a wide range of smart home devices. A SQL injection vulnerability exists in Domoticz versions prior to 4.10578, which stems from a lack of validation of externally entered SQL statements in database-based...

The vulnerability of the pg_upgrade and pg_dump utilities in the PostgreSQL database management system allows a hacker to execute arbitrary SQL commands.

The vulnerability of the pgupgrade and pgdump utilities in the PostgreSQL database management system is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands remotely...

The vulnerability of the PQescape() function in the libpq library of the PostgreSQL database management system allows a hacker to disclose sensitive information that is protected by this function.

The vulnerability of the PQescape function in the libpq library of the PostgreSQL database management system is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to disclose protected information through SQL injections...

CVE-2019-9053

An issue was discovered in CMS Made Simple 2.2.8. It is possible with the News module, through a crafted URL, to achieve unauthenticated blind time-based SQL injection via the m1idlist parameter...

SQL Injection Vulnerability in Leer's Resource Platform

Founded in 2008, Aotong Dalian Technology Development Co., Ltd. is an educational brand engaged in the research and development of original children's digital resources. A SQL injection vulnerability exists in the Le'er Resource Platform, which can be exploited by an attacker to obtain sensitive...

SQL Injection Vulnerability in NetSoft Zhicheng Classifieds Website System

NetSoft Zhicheng classifieds website system is a php mysql based website building system. Netsoft Zhicheng classifieds website system has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information in the database...

SQL Injection Vulnerability in the jdo*** Component jdo*** Module of joomla!

joomla! is an open source content management system CMS. A SQL injection vulnerability exists in the jdo module of the joomla! jdo component. The vulnerability allows attackers to obtain sensitive information about the database...

How Our Threat Analytics Multi-Region Data Lake on AWS Stores More, Slashes Costs

Data is the lifeblood of digital businesses, and a key competitive advantage. The question is: how can you store your data cost-efficiently, access it quickly, while abiding by privacy laws? At Imperva, we wanted to store our data for long-term access. Databases would’ve cost too much in disk and...

Hsycms v1.1 suffers from SQL Injection Vulnerability

Hsycms is an enterprise-level web content management system, written by PHP+MYSQL, using template separation technology to support the creation of many types of sites. Hsycms v1.1 suffers from a SQL injection vulnerability. An attacker can exploit the vulnerability to obtain sensitive database...

SQL Injection Vulnerability in 74cms in***.php Page

Knight Talent System 74cms is a talent recruitment system based on PHP+MYSQL. A SQL injection vulnerability exists in the 74cms in.php page, which can be exploited by attackers to obtain sensitive information...

SQL Injection Vulnerability in Website Management System of Suzhou Topps Network Technology Co.

Suzhou Topps Network Technology, one-stop solution for website construction program. Suzhou Topps Network Technology Co., Ltd. website building system exists SQL injection vulnerability, allowing attackers to utilize commonly used SQL injection tools, access to sensitive information in the...

SQL Injection Vulnerability in OFCMS System Management Service

OFCMS is a content management system developed based on java technology. A SQL injection vulnerability exists in the OFCMS system administration, which can be exploited by attackers to obtain sensitive information from the database...

CVE-2019-4032

IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.1.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-ForceID: 155998...

PT-2019-16850 · Ibm · Ibm Financial Transaction Manager For Digital Payments For Multi-Platform

Name of the Vulnerable Software and Affected Versions: IBM Financial Transaction Manager for Digital Payments for Multi-Platform version 3.1.0 Description: The issue allows a remote attacker to send specially-crafted SQL statements, which could enable the attacker to view, add, modify, or delete...

SQL Injection Vulnerability in Super CMS Frontend in***.php Page

Super CMS by the SEO Research Center in order to solve the problem of website optimization and research and development of a set of products, using an object-oriented approach to independent research and development of the MVC framework development, is an open source content management system...

Five Fingers CMS v4.1.0 SQL Injection Vulnerability in Frontend

Five Fingers CMS is a high-performance open source content management system that supports LNAMP architecture. Five Fingers CMS v4.1.0 SQL injection vulnerability exists in the front-end , an attacker can exploit the vulnerability to obtain sensitive information in the database...

Jinan Reebok Network Technology Co., Ltd. website building system has SQL injection vulnerabilities

Reebok Network Technology Ltd. is an Internet technology service provider. Jinan Reebok Network Technology Co., Ltd. website building system SQL injection vulnerability, attackers can use the vulnerability to obtain sensitive database information...

PYSEC-2019-53

SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injection via the orderby parameter...

SQL Injection Vulnerability in Daimi CMS_V6.0.6

Rice CMS is a free open source, fast, simple PC station and cell phone station building integrated integration system , to provide open source Android cell phone client APK and the corresponding server-side system source code download. Rice CMSV6.0.6 SQL injection vulnerability . Rice CMSV6.0.6...