CVE-2018-16278

phpkaiyuancms PhpOpenSourceCMS POSCMS V3.2.0 allows an unauthenticated user to execute arbitrary SQL commands via the diy/module/member/controllers/Api.php ajaxsavedraft function with the dir parameter...

CA PPM SQL Injection Vulnerability

CA PPM is a suite of project and portfolio management software from CA USA. The software includes features such as task management, project planning, financial reporting management and resource management. A SQL injection vulnerability exists in CA PPM that stems from the program's inadequate...

SQL Injection Vulnerability in PbootCMS

PbootCMS is a new core open source enterprise building system developed by Avantech. PbootCMS suffers from SQL injection vulnerability. Attackers can exploit the vulnerability to obtain sensitive information in the database...

CVE-2018-1699

IBM Maximo Asset Management 7.6 through 7.6.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 145968...

LibreHealthIO LH-EHR SQL Injection Vulnerability

LibreHealthIO LH-EHR is an open source electronic health record and medical practice management application. A SQL injection vulnerability exists in the Show Groups Popup SQL query function in the LibreHealthIO LH-EHR REL-2.0.0 release. A remote attacker can exploit the vulnerability to execute...

RSA Archer embedded WorkPoint component SQL injection vulnerability

RSA Archer is an enterprise IT governance and compliance governance product. An SQL injection vulnerability exists in the RSA Archer embedded WorkPoint component, which can be exploited by an attacker to execute SQL commands on a back-end database to read certain data...

Mozilla Firefox ESR < 52.4 Multiple Vulnerabilities

Binary data 700331.prm...

OpenEMR SQL Injection Vulnerability (CNVD-2018-17196)

OpenEMR is an open source medical management system maintained by the OpenEMR community. The system can be used for medical practice management, electronic medical records, prescription writing and medical billing requests. A SQL injection vulnerability exists in the...

SQL Injection Vulnerability in Website Building System of Shangyu Tiansheng Network Technology Service Co.

Shangyu Tiansheng Network Technology Service Co., Ltd. is engaged in website construction, website promotion, website SEO optimization, enterprise mailbox, domain name registration, web space, network marketing planning for a full range of solutions. Shangyu Tiansheng Network Technology Service...

ShopsN open source online store full web system suffers from SQL injection vulnerability (CNVD-2018-17331)

ShopsN free version of the B2C e-commerce is a product of Shanghai Yisu Network Technology Co., Ltd. a full-featured enterprise-class commercial standards in line with the real allow free commercial use of open source online store full network system. ShopsN v2.3.3 official version of the existen...

SQL Injection Vulnerability in seacms

seacms is a video-on-demand content management system designed for different needs. A SQL injection vulnerability exists in seacms. An attacker can exploit the vulnerability to obtain sensitive database information...

SQL Injection Vulnerability in Azeus CMS 2.0 Backend

Central CMS 2.0 is a cms system made by Central Studio, this CMS is written in UTF-8 coding. Azeus CMS 2.0 has a SQL injection vulnerability in the background, which can be exploited by attackers to obtain sensitive information from the database...

SQL Injection Vulnerability in EML Enterprise Address Book Management System

EML enterprise customer address book management system, is based on Linux open kernel and Apache based Php + Mysql intelligent B / S interactive service system. EML enterprise address book management system version 5.4.5 there is a sql injection vulnerability , attackers can exploit the...

SQL Injection Vulnerability in nucms V1.1

nucms is a content management system based on PHP+MYSQL technology developed by Liaocheng Leadsun Network Technology Co. nucms V1.1 version of SQL injection vulnerability, attackers can use the vulnerability to obtain sensitive information...

SQL Injection Vulnerability in the Frontend of Rongguang Information Ordering and Consumption System (荣光信息订取餐消费系统前台存在SQL注入漏洞)

Rongguang Information Ordering and Picking Up Food Consumption System is a multi-functional ordering system developed by Shenzhen Rongguang Information Co. SQL injection vulnerability exists in the frontend of Rongguang Information Ordering and Consumption System, which can be exploited by...

SQL Injection Vulnerability in Xinghua Website Building System

Xinghua letter network is a professional engaged in, Baidu keyword optimization and enterprise website construction and e-commerce services of the service provider. There is a SQL injection vulnerability in the Xinghua Xin.com website builder system. Attackers can use the vulnerability to obtain...

PbootCMS V1.1.7 SQL Injection Vulnerability in Li***.php Page

PbootCMS is a new core open source enterprise building system developed by Avantech. PbootCMS V1.1.7 Li.php page SQL injection vulnerability. An attacker can exploit the vulnerability to obtain sensitive database information...

SQL Injection Vulnerability in the Query of the Opinion Collection Module of SMi CMS Group Web Group System

State Micro CMS is one of the mainstream CMS systems in China, and is also the largest open source platform provider in the field of PHP in Southern China. SQL injection vulnerability exists in the query of the opinion collection module of the State Micro CMS group station group system. Attackers...

SQL Injection Vulnerability in PHPSHE Mall System

PHPSHE mall system is a combination of product display, online shopping, order management, payment management, article management, customer consultation feedback and other functions, providing users with online shopping mall construction program. A SQL injection vulnerability exists in PHPSHE Mal...

Chengdu Innovative Internet Technology Co., Ltd. website building system suffers from SQL injection vulnerability

Chengdu Innovative Internet Technology Co., Ltd. mainly provides customers with high-quality Internet services and technology development and other services. Chengdu Innovative Internet Technology Co., Ltd. website building system has a SQL injection vulnerability, which can be exploited by...