SQL injection vulnerability in the front-end zh***_mo***.asp file of the online bookkeeping management system of Environmental Times Enterprises (CNVD-2019-06673)

Eco Times Enterprise Online Bookkeeping Management System is a financial online bookkeeping software. There is a SQL injection vulnerability in the zhmo.asp file in the frontend of the EcoTimes Enterprise Online Bookkeeping Management System. An attacker can exploit the vulnerability to obtain...

SQL injection vulnerability in the front-end xi***_mo***.asp file of the Eco Times Enterprise Online Bookkeeping Management System.

Eco Times Business Online Bookkeeping Management System is a financial online bookkeeping software. There is a SQL injection vulnerability in the ximo.asp file in the frontend of the EcoTimes Enterprise Online Bookkeeping Management System. An attacker can exploit the vulnerability to obtain...

SQL Injection Vulnerability in the Front-end us***.asp File of Environmental Times Enterprise Online Bookkeeping Management System

Eco Times Enterprise Online Bookkeeping Management System is a financial online bookkeeping software. SQL injection vulnerability exists in the us.asp file in the frontend of the EcoTimes Enterprise Online Bookkeeping Management System. An attacker can use the vulnerability to obtain sensitive...

SQL Injection Vulnerability in Sl***_St***.aspx of Bid 1.0 Backend of Qixing Engineering Bidding System

Qixing Bidding System is suitable for enterprises to collect information on government procurement, engineering construction, land grant and other bidding information, and to track the progress of works and payment of successful projects. QiStar Engineering Bidding System Bid 1.0 backend SlSt.asp...

SQL Injection Vulnerability in Sl***_Pa***.aspx of Bid 1.0 Backend of Qixing Engineering Bidding System

Qixing Bidding System is suitable for enterprises to collect information on government procurement, engineering construction, land grant and other bidding information, and to track the progress of works and payment of successful projects. A sql injection vulnerability exists in the backend...

Know What’s on Your Network at All Times with Qualys Asset Inventory

Qualys has just launched a global IT asset inventory solution that offers full visibility across even the most hybrid, complex and distributed IT environments, addressing a challenge many security and IT teams face today. When IT directors and CISOs look at their digitally transformed networks,...

SQL injection vulnerability in Ectouch frontend Ex***.cl***.php file

ECTouch is a mobile mall online store system launched by Shanghai Shangchuang Network Technology Co. A SQL injection vulnerability exists in the Ex.cl.php file in the frontend of Ectouch. Attackers can use the vulnerability to obtain sensitive database information...

SQL Injection Vulnerability in the Backend Us***_Ro***.aspx File of Qixing Image & Video Library Gallery v27.0

Qixing Image & Video GalleryGallery is mainly used to store images or videos in the company. A SQL injection vulnerability exists in the backend UsRo.aspx file of Qixing Image & Video Gallery v27.0, which can be exploited by an attacker to obtain sensitive information from the database...

Traq SQL Injection Vulnerability

Traq is a PHP-based project management and issue tracking system. Traq suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can exploit this vulnerability to execute illegal SQL commands...

SQL Injection Vulnerability in Bidding System Bid Frontend Wo***.aspx Page

Qixing Bidding System Bid is a system suitable for enterprises to collect information on bidding information of government procurement, engineering construction, land grant, etc., and to track the progress of works and payment of successful projects. A SQL injection vulnerability exists in the...

DEBIAN-CVE-2018-4056

An exploitable SQL injection vulnerability exists in the administrator web portal function of coTURN prior to version 4.5.0.9. A login message with a specially crafted username can cause an SQL injection, resulting in authentication bypass, which could give access to the TURN server administrator...

SQL Injection Vulnerability in SemCms Foreign Trade Website Management System (PHP Version) SE***.php Page

SemCms is a set of open source foreign trade enterprise website management system, mainly used for foreign trade enterprises, compatible with IE, Firefox, google, 360 and other mainstream browsers. SemCms foreign trade website management system PHP version SE.php page there is a SQL injection...

SQLite Memory Corruption Vulnerability in Multiple Apple Products

Apple iOS and so on are the products of the United States Apple Apple. Apple iOS is a set of operating systems developed for mobile devices; tvOS is a set of smart TV operating system. SQLite is one of the set of C-based open source embedded relational database management components developed by...

The vulnerability of the SQR component in the PeopleSoft Enterprise PeopleTools business application suite allows a hacker to gain unauthorized access to protected data.

The vulnerability of the SQR component in the PeopleSoft Enterprise PeopleTools business application suite is related to insufficient access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain full control over the application using the HTTP protocol...

CVE-2019-6805

SQL Injection was found in S-CMS version V3.0 via the alipay/alipayapi.php Oid parameter...

Component vWishlist SQL Injection Vulnerability in Joomla!

Joomla! is an open source content management system CMS. A SQL injection vulnerability exists in the Joomla! component vWishlist. An attacker can exploit the vulnerability to obtain sensitive database information...

S-CMS Chinese/English Bilingual Decoration Industry Website v3.0 po***.asp page suffers from SQL injection vulnerability

S-CMS Chinese and English bilingual decoration industry website is developed with asp+access, comes with a set of PC templates and a set of WAP templates of Chinese and English bilingual enterprise website system. S-CMS bilingual decoration industry website v3.0po.asp page SQL injection...

LmxCMS V1.4 SQL Injection Vulnerability in Frontend Ta***.cl***.php

Dream Cms, hereinafter referred to as "lmxcms", is a simple and practical website management system cms developed by "10 years" screen name. A SQL injection vulnerability exists in LmxCMS V1.4 frontend Ta.cl.php. An attacker can exploit the vulnerability to obtain sensitive database information...

The vulnerability of the EVLink Parking software lies in the lack of measures to protect the SQL query structure, allowing a hacker to access the web interface with full privileges.

The vulnerability of the EVLink Parking software is related to the lack of measures to protect the SQL query structure. Exploiting this vulnerability can allow an attacker who operates remotely to gain access to the web interface with full privileges...

SQL Injection Vulnerability in Smart Meter Collective Reading Management System Lo***.aspx Page

Qingdao Automatic Instrumentation Co., Ltd. is a new joint-stock enterprise integrating R&D and manufacturing. There is a SQL injection vulnerability in the Lo.aspx page of the Intelligent Instrumentation Collector Management System, which can be exploited by attackers to obtain sensitive...