CVE-2017-18287

An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the POST usersearch parameter...

Novell SUSE Studio Onsite and SUSE Studio Onsite Appliance SQL Injection Vulnerability

Novell SUSE Studio Onsite and SUSE Studio Onsite Appliance are both U.S. Novell Web applications for building and testing software applications in a Web browser. A SQL injection vulnerability exists in the list of software available in Novell SUSE Studio Onsite versions prior to 1.0.3-0.18.1 and...

portfolioCMS SQL Injection Vulnerability

portfolioCMS is a content management system CMS based on PHP and MySQL. A SQL injection vulnerability exists in portfolioCMS version 1.0.5. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands with the help of the 'preview' parameter...

Joomla! User Bench SQL Injection Vulnerability

Joomla! is an open source Content Management System CMS that offers RSS feeds, site search, etc. User Bench is one of those simple components that allows you to list your team details. An SQL injection vulnerability exists in Joomla! An attacker could use this vulnerability to corrupt the...

SQL Injection Vulnerability in Website Building System of Guangdong Shunde Deyun Network Technology Co.

Guangdong Shunde Deyun Network Technology Co., Ltd. is a marketing company relying on the Internet, focusing on practical Internet planning and in-depth marketing. There is a SQL injection vulnerability in the website building system of Guangdong Shunde Deyun Network Technology Co. Attackers can...

Dingwei iPower CMS has multiple vulnerabilities

Dingwei iPower CMS is a website system developed by Chongqing Dingwei Network Technology Co. Dingwei iPower CMS exists SQL injection, XSS cross-site scripting vulnerabilities, the background management system also exists user guessing, ultra-rights access and other vulnerabilities, attackers can...

SQL Injection Vulnerability in Guangzhou Lianya Network Technology Co.

Guangzhou Lianya Network Technology Co., Ltd. is a technology-based network company. A SQL injection vulnerability exists in the website building system of Guangzhou Lianya Network Technology Co. An attacker can exploit the vulnerability to obtain sensitive information from the database...

Easy MPEG to DVD Burner SEH + DEP Bypass Local Buffer Overflow Vulnerability

Easy MPEG to DVD Burner is a freeware for Windows, mainly used as a DVD format converter for MPEG and DAT files. A security vulnerability exists in Easy MPEG to DVD Burner. An attacker can exploit this vulnerability to gain administrator access...

OpenDaylight Controller SQL Injection Vulnerability

Opendaylight, a project of the Linux Foundation in the United States, is a community-driven open source software-defined networking framework that contains an ensemble of modules capable of performing networking tasks that need to be done quickly.Controller is one of the controllers. An SQL...

Quest KACE System Management Appliance SQL Injection Vulnerability

Quest KACE System Management Appliance is an IT asset management appliance from Quest Software, USA. A SQL injection vulnerability exists in the '/common/runreport.php' script in version 8.0.318 of the Quest KACE System Management Appliance, which stems from the program not filtering incoming...

Pixelpost SQL Injection Vulnerability

Pixelpost is a suite of extensible open source photo-sharing applications with multi-language support. A SQL injection vulnerability exists in Pixelpost 1.7.3 and earlier versions. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands...

Allok Video to DVD Burner Buffer Overflow (SEH) Vulnerability

Allok Video to DVD Burner is a simple and professional DVD authoring software that allows you to convert all your favorite movies to DVD movies and burn them to DVD discs, then watch them on your home DVD player, car DVD player or any other portable DVD player. A buffer overflow SEH vulnerability...

SQL Injection Vulnerability in Hainan Creative Media pc Website Building System

Hainan Creative Future Culture Media Co., Ltd. is engaged in brand one-stop service e-commerce advertising consulting services media enterprises. We design complete solutions for users and provide the best advertising support services. A SQL injection vulnerability exists in the pc website builde...

CVE-2017-9544

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/easychatserverseh.rb 2025-10-23 21:12:58+00:00| seen| MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...

CVE-2018-11535

An issue was discovered in SITEMAKIN SLAC Site Login and Access Control v1.0. The parameter "myitemsearch" in users.php is exploitable using SQL injection...

E-Sic SQL Injection Vulnerability (CNVD-2018-10474)

E-Sic is a Brazilian electronic system for citizen information. A SQL injection vulnerability exists in E-Sic version 1.0. A remote attacker can exploit this vulnerability by sending the 'f' parameter to the esiclivre/restrito/inc/buscacep.php file to execute arbitrary SQL commands...

Data classification and protection now available for structured data in SQL

This post is authored by Gilad Mittelman, Senior Program Manager, SQL Data Security. Data privacy and data security have become one of the most prominent topics in organizations in almost every industry across the globe. New regulations that formalize requirements are emerging around these topics...

iScripts eSwap 'ToId' Parameter SQL Injection Vulnerability

iScripts eSwap is a set of item trading software. The software supports trading with virtual currencies or directly exchanging items. A SQL injection vulnerability exists in iScripts eSwap version 2.4. A remote attacker can use the 'ToId' parameter to view, add, modify, or delete information in t...

SQL Injection Vulnerability in SMiCMS Government Website System v201803224 Version

State Micro CMS is one of the mainstream CMS systems in China, and is also the largest open source platform provider in the field of PHP in Southern China. State Micro CMS government website system v201803224 version of the existence of SQL injection vulnerability , attackers can exploit the...

PhpCollab SQL Injection Vulnerability

phpCollab is a set of Web-based project collaboration management software. The software features task assignment, discussions, logs and notifications. A SQL injection vulnerability exists in PhpCollab 2.5.1 and earlier versions. A remote attacker can exploit the vulnerability to execute arbitrary...