i-doit CMDB SQL Injection Vulnerability

i-doIT is a CMDB Configuration Management Database based on ITIL technology. An SQL injection vulnerability exists in i-doit CMDB. An attacker can exploit the vulnerability to obtain sensitive database information...

Fortnite Flaws Allowed Hackers to Takeover Gamers' Accounts

Check Point researchers have discovered multiple security vulnerabilities in Fortnite, a massively popular online battle game, one of which could have allowed remote attackers to completely takeover player accounts just by tricking users into clicking an unsuspectable link. The reported Fortnite...

SQL Injection Vulnerability in Ruihe Software Enterprise Management Information System v5.0EA***.aspx Page

Beijing Ruihe Hengtai Technology Co., Ltd. is a high-tech and double-soft certified enterprise specializing in the distribution, implementation service and technical service of all kinds of tool software, system software and database software as well as system development. Ruihe Software Enterpri...

UsualToolCMS Cross-Site Request Forgery Vulnerability

UsualToolCMS UTCMS is an enterprise web content management system CMS based on PHP and MySQL. A security vulnerability exists in cmsadmin/asqlbackx.php?t=sql in UTCMS version 8.0. An attacker can exploit this vulnerability to execute SQL statements and execute arbitrary PHP code...

SQL Injection Vulnerability in DeepView V3.0ab***.asp Page

SZYT is a website building system developed by SZYT Group Ltd. SQL injection vulnerability exists in SZYT V3.0ab.asp page, which can be exploited by attackers to obtain sensitive information from the database...

SQL Injection Vulnerability in Zoneminder rs***.php File

Zoneminder is an open source video surveillance system. A SQL injection vulnerability exists in the Zoneminder rs.php file. An attacker can exploit the vulnerability to obtain sensitive database information...

Xi'an Bailian website builder system has SQL injection vulnerability

Xi'an BaiLian Network Technology Co., Ltd. is the first technology company specializing in bearing industry management software development and bearing industry portal design. Xi'an BaiLian website building system has a SQL injection vulnerability, which can be exploited by attackers to obtain...

SQL Injection Vulnerability in the Community Corrections System of the Department of Justice

China Mobile Communications Corporation hereinafter referred to as "China Mobile" is a centralized enterprise established in 2000 in accordance with the overall deployment of the national telecommunications system reform. A SQL injection vulnerability exists in the community correction system of...

SQL Injection Vulnerability in Purchase Frontend ge***.aspx Page of Purchase System

Purchase system Purchase is a purchasing management system features include: product requisitioning, warehousing, inventory counts, data reports and more. A SQL injection vulnerability exists in the front-end ge.aspx page of Purchase, which can be exploited by attackers to obtain sensitive...

SQL Injection Vulnerability in File System Profile Frontend ge***.aspx Page

The filing system Profile is an in-house employee management software. A SQL injection vulnerability exists in the front-end ge.aspx page of File System Profile, which can be exploited by attackers to obtain sensitive information from the database...

S-CMS SQL Injection Vulnerability (CNVD-2018-26679)

S-CMS is a content management system CMS based on PHP and MySQL. A SQL injection vulnerability exists in S-CMS version 1.0, which can be exploited by remote attackers to execute SQL commands by sending the 'Sid' parameter to the wapindex.php?type=newsinfo URL...

SQL Injection Vulnerability in File System Profile Frontend Bi***.ashx Page

The filing system Profile is an in-house employee management software. A SQL injection vulnerability exists in the frontend Bi.ashx page of File System Profile, which can be exploited by attackers to obtain sensitive information from the database...

Zzzphp V1.5.9 SQL Injection Vulnerability in Background sa***.php File

zzphp is a free website building system developed using PHP. Zzzphp V1.5.9 SQL injection vulnerability exists in the background sa.php file, which can be exploited by attackers to obtain sensitive information from the database...

SQL Injection Vulnerability in PHPMyWind na***_up***.php File

PHPMyWind is a PHP + MySQL based development of W3C standards-compliant site building engine . A SQL injection vulnerability exists in the PHPMyWind naup.php file. An attacker can exploit this vulnerability to obtain sensitive database information...

SQL Injection Vulnerability in PHPMyWind si***_up***.php File

PHPMyWind is a PHP + MySQL based development of W3C standards-compliant site building engine . A SQL injection vulnerability exists in the PHPMyWind siup.php file. An attacker can exploit this vulnerability to obtain sensitive database information...

SQL Injection Vulnerability in PbootCMS Backend

PbootCMS is a new core open source enterprise building system developed by Avantech. There is a SQL injection vulnerability in PbootCMS backend. Attackers can use this vulnerability to obtain sensitive information in the database...

SQL Injection Vulnerability in UFIDA uMall

UFIDA U Mall realizes multi-dimensional product management, personalized shopping experience, comprehensive membership management, flexible marketing management, online and offline integration, and omni-channel O2O marketing solutions. A SQL injection vulnerability exists in UFIDA U Mall. An...

SQL Injection Vulnerability in Golden Magpie T3 Wooden Door Enterprise Management Software

Golden Magpie T3 series of wooden door software is developed by Nanjing Golden Magpie Software Technology Co., Ltd. and adopts the B/S architecture mode of an enterprise management system. Golden Magpie T3 Wooden Door Enterprise Management Software has a SQL injection vulnerability, which can be...

SQL Injection Vulnerability in Enzong Technology's Website Building System

Tianjin EnZhong Technology Development Co., Ltd. is a network application service operator and a top Internet industry solution company in China. There is a SQL injection vulnerability in EnZone's website building system, which can be exploited by attackers to obtain sensitive information from th...

HuCart has a file upload vulnerability

HuCart is a PHP+Mysql based enterprise building system CMS that can run on various server platforms such as Linux and Windows. HuCart has a file upload vulnerability that can be exploited by attackers to upload arbitrary files...