SQL Injection Vulnerability in DM Enterprise Website System

DM building system is developed by php + mysql a set of specialized for small and medium-sized enterprise website construction of open source cms. DM enterprise website builder system multiple parameters exist SQL injection vulnerability , attackers can use the vulnerability to obtain sensitive...

Hancom Hangul HCell OfficeArt Record pConnectionSites and pVertices Code Execution Vulnerability(CVE-2016-4294)

Description This vulnerability was discovered within the Hangul Hcell application which is part of the Hangul Office Suite. Hangul Office is published by Hancom, Inc. and is considered one of the more popular Office suites used within South Korea. When opening a Hangul Hcell Document .cell and...

Hancom Hangul HCell HncChart CFormulaTokenSizeModifier Code Execution Vulnerability(CVE-2016-4295)

Description This vulnerability was discovered within the Hangul Hcell application which is part of the Hangul Office Suite. Hangul Office is published by Hancom, Inc. and is considered one of the more popular Office suites used within South Korea. When opening a Hangul Hcell Document .cell and...

Hancom Hangul HCell Workbook Table and Pivot Style Code Execution Vulnerability(CVE-2016-4293)

Description This vulnerability was discovered within the Hangul Hcell application which is part of the Hangul Office Suite. Hangul Office is published by Hancom, Inc. and is considered one of the more popular Office suites used within South Korea. When opening a Hangul Hcell Document .cell and...

Jiangxi Talent Software Technology Co., Ltd. enterprise station building system with SQL injection vulnerability

Jiangxi Talent Software Technology Co., Ltd. enterprise station-building system is a station-building system. Jiangxi Talent Software Technology Co., Ltd. enterprise station building system SQL injection vulnerability, attackers can use the vulnerability to obtain sensitive information in the...

SQL Injection Vulnerability in State Micro CMS opinion-wzxz

State Micro CMS is one of the mainstream CMS systems in China, and is also the largest open source platform provider in the field of PHP in Southern China. A SQL injection vulnerability exists in State Micro CMS opinion-wzxz. An attacker can exploit this vulnerability to obtain sensitive...

Frappe frappe.share.get_users SQL Injection Vulnerability

Frappe is a WEB application. Frappe frappe.share.getusers suffers from a SQL injection vulnerability that allows remote attackers to exploit the vulnerability by submitting specially crafted SQL queries to manipulate or obtain database data...

Catfish CMS v4.5.7 SQL Injection Vulnerability in Frontend

Catfish CMS is open source free PHP CMS web content management system. Catfish CMS v4.5.7 suffers from a SQL injection vulnerability in the frontend. An attacker can exploit this vulnerability to obtain sensitive database information...

Cash Back Comparison Script SQL Injection Vulnerability

Cash Back Comparison Script is a cash back script. A SQL injection vulnerability exists in Cash Back Comparison Script version 1.0. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands...

Trend Micro Mobile Security SQL Injection Vulnerability

Trend Micro Mobile Security Enterprise is a set of cell phone security software from Trend Micro that integrates cell phone security scanning, real-time protection against malicious programs and monitoring of malicious behavior. A SQL injection vulnerability exists in versions of Trend Micro Mobi...

WordPress Responsive Image Gallery Plugin SQL Injection Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL server set up a personal blog site.Responsive Image Gallery plugin is one of the image management plugin. A SQL injection vulnerability exists in WordPre...

Ichitaro Word Processor PersistDirectory Code Execution Vulnerability(CVE-2017-2791)

Summary Ichitaro Office contains a vulnerability that exists when trying to open a specially crafted PowerPoint file. Due to the application incorrectly handling the error case for a function's result, the application will use this result in a pointer calculation for reading file data into. Due t...

mysql: Incorrect input validation allowing code execution via mysqldump

It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database...

[SECURITY] Fedora 25 Update: drawtiming-0.7.1-22.fc25

A command line tool for generating timing diagrams from ASCII input files. The input files use a structured language to represent signal state transitions and interdependencies. Raster image output support is provided by ImageMagick. It can be used for VHDL or verilog presentations...

[SECURITY] Fedora 26 Update: drawtiming-0.7.1-22.fc26

A command line tool for generating timing diagrams from ASCII input files. The input files use a structured language to represent signal state transitions and interdependencies. Raster image output support is provided by ImageMagick. It can be used for VHDL or verilog presentations...

Pragyan CMS SQL Injection Vulnerability (CNVD-2017-34577)

Pragyan CMS is a multi-user, modular PHP and MySQL based Content Management System CMS. The system supports custom built-in frameworks, user group rights management, search engine optimization and more. A SQL injection vulnerability exists in Pragyan CMS version 3.0. A remote attacker can exploit...

SQL Injection Vulnerability in Guizhou Chitong Network Technology Co.

Guizhou Chitong Network Technology Co., Ltd. is an Internet service provider. The services offered include: website direct ID registration, website full network promotion, enterprise official website construction, e-commerce platform type website construction, website optimization outsourcing and...

Wordpress plugin image-gallery-with-slideshow 'imgid' parameter SQL injection vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in the Wordpress plugin image-gallery-with-slideshow. A remote attacker can exploit the...

EyesOfNetwork web interface SQL injection vulnerability

EyesOfNetwork EON is an open source, free IT monitoring solution. The solution provides business process configuration tools, generating pop-up windows when events occur in the active queue, etc. EyesOfNetwork web interface aka eonweb is one of the web interfaces. A SQL injection vulnerability...

EyesOfNetwork web interface SQL injection vulnerability (CNVD-2017-33830)

EyesOfNetwork EON is an open source, free IT monitoring solution. The solution provides business process configuration tools, generating pop-up windows when events occur in the active queue, etc. EyesOfNetwork web interface aka eonweb is one of the web interfaces. A SQL injection vulnerability...