Global IT Asset Inventory: The Foundation for Security and Compliance

Pablo Quiroga, Qualys’ Director of Product Management for IT Asset Management, talks about the new Asset Inventory solution When IT directors and CISOs look at their digitally transformed networks, they encounter many shadows that their legacy enterprise software tools can’t illuminate. These bli...

SQL Injection Vulnerability in ThinkCMF 2.2.3 cl***.php Page

ThinkCMF is a Chinese content management framework based on PHP+MYSQL. A SQL injection vulnerability exists in the ThinkCMF 2.2.3 cl.php page. An attacker can exploit this vulnerability to obtain sensitive database information...

Dandelion Online Teaching System frontend ex*** routing file has SQL injection vulnerability

Dandelion Online Teaching System is the website of Shenzhen Tomorrow See Technology Co., Ltd, which is an innovative science and technology enterprise focusing on the research and development of videoconferencing, video teaching and telemedicine system. Dandelion Online Teaching System has a SQL...

SQL injection vulnerability in the or***.de***.php file in the background of Cloud EC e-commerce system

Cloud EC e-commerce system hereinafter referred to as Cloud EC is a set of PHP + MYSQL-based open source e-commerce system software developed independently by Cloud MYSQL e-commerce Co. Cloud EC e-commerce system background or.de.php file SQL injection vulnerability. Attackers can use the...

SQL Injection Vulnerability in CCTV Online Teaching Platform

CCTV Digital Resource Teaching Platform is a platform for flexible lesson preparation and convenient teaching created for schools by Nanjing 55th Technology Development Co. A SQL injection vulnerability exists in the CCTF Online Network Teaching Platform. An attacker can use this vulnerability to...

SQL Injection Vulnerability in HuCart ad***.php Page

HuCart HuCart is an open source enterprise building system. HuCart 5.7.4 version ad.php page SQL injection vulnerability , remote attackers can exploit the vulnerability to obtain database sensitive information...

PHPOK 5.0.055 suffers from a SQL Injection Vulnerability

PHPOK system is a content management system for website construction developed by Shenzhen 锟铻科技有限公司formerly known as PHPOK Studio. A SQL injection vulnerability exists in PHPOK 5.0.055. The vulnerability is caused by poor filtering of user-submitted parameters. An attacker can exploit this...

SQL Injection Vulnerability in D-link Central WifiManager Ra***.php Page

D-Link Central WiFiManager is D-Link centralized wireless management software. A SQL injection vulnerability exists in the D-link Central WifiManager Ra.php page, which can be exploited by an attacker to obtain sensitive information from the database...

SQL Injection Vulnerability in HUCART ad***_po***.php Page

HuCart HuCart is an open source enterprise building system. HuCart 5.7.4 version adpo.php page SQL injection vulnerability , remote attackers can exploit the vulnerability to obtain database sensitive information...

SQL Injection Vulnerability in Incentive Technology's Website Construction System

Ltd. is a network company specializing in Internet technology services, network technology development and application in one. A SQL injection vulnerability exists in the website construction system of Incentive Technology. An attacker can use this vulnerability to obtain sensitive information in...

Aicheng Technology website building system has SQL injection vulnerability

Chengdu Aicheng Technology Co., Ltd. is a collection of website planning, web design, website construction, network promotion seo keyword optimization, network integrated marketing and other business enterprises. There is a SQL injection vulnerability in the Aicheng Technology website builder...

NUUO CMS SQL Injection Vulnerability

NUUO CMS is a set of centralized software management platform from NUUO. The platform is used to centrally manage devices such as NVRs hard disk recorders and IP cameras, and provides functions such as user management and alarm management. A SQL injection vulnerability exists in NUUO CMS 3.3 and...

Interspire Email Marketer SQL Injection Vulnerability (CNVD-2018-26788)

BigCommerec Interspire Email Marketer IEM is a suite of email marketing software from BigCommerec, USA. A SQL injection vulnerability exists in the 'updateblock' function of the Dynamiccontenttags.php file in BigCommerec IEM 6.1.6 and earlier versions. A remote attacker can exploit this...

CVE-2018-19468

HuCart 5.7.4 has SQL injection in getip in system/class/helperclass.php via the X-Forwarded-For HTTP header to the user/index.php?load=login&act=actlogin URI...

SaltOS SQL Injection Vulnerability

SaltOS is a suite of enterprise management solutions from the SaltOS program. The product integrates features such as CRM Customer Relationship Management and ERP Enterprise Resource Planning. A SQL injection vulnerability exists in SaltOS version 3.1 r8126, which can be exploited by remote...

BSEN Ordering software SQL Injection Vulnerability

BSEN Ordering software is a procurement management system. A SQL injection vulnerability exists in BSEN Ordering software version 1.0. A remote attacker can use the vulnerability to view, add, modify, or delete information in the back-end database with the help of the...

SeaCMS SQL Injection Vulnerability (CNVD-2019-08331)

SeaCMS Ocean CMS is a professional open source free PHP film and television system. SeaCMS 6.6.4 suffers from a SQL injection vulnerability, which can be exploited by attackers via the adminmakehtml.php topic parameter...

SQL Injection Vulnerability in Boqiang Network Technology Company's Website Building System

Boqiang network technology company is engaged in enterprise, business website design, website construction, e-commerce, graphic design, wap website construction and software development and other production and application in one of the Internet company. A SQL injection vulnerability exists in...

SQL Injection Vulnerability in the Website Building System of Shanghai Qiu Chuang Technology Co.

Ltd. is a professional company focusing on providing customers with high-end website planning, website construction, web design, brand network marketing and related Internet-based application services. A SQL injection vulnerability exists in the website building system of Shanghai Seek Creative...

Microsoft Dynamics 365 Remote Code Execution Vulnerability

Dynamics 365 is a product family of enterprise resource planning and customer relationship management applications released in July 2016 by Microsoft. A remote code execution vulnerability exists in Microsoft Dynamics 365 on-premises version 8. The vulnerability stems from the Dynamics server...