Open Ticket Request System FAQ SQL Injection Vulnerability

Open Ticket Request System OTRS is an open source defect tracking and management system software from the German OTRS Group. The software categorizes service requests submitted by phone, email and other channels into different queues, service levels, and service personnel through the OTRS system ...

Enterprise Flow Control Routing Product iKuai IK-G20 SQL Injection Vulnerability

The Ikuai IK-G20 is an enterprise-class flow control router from China's AllConvergence Network Technology. An SQL injection vulnerability exists in the enterprise-class flow control routing product iKuai IK-G20 iKuai82.6.5Build20160815 and historical versions. An attacker can use this...

SQL Injection Vulnerability in School Management System of Shenzhen Chuangyou Network Co.

Shenzhen Chuangyou Networks school management system is a secondary school-based education management software. The product /sysTemplateWeb/ShowWebStyle.aspx?XXDM=440203000008&CatalogId= there is a SQL injection vulnerability, the injection parameter is CatalogId, the attacker can use the...

SQL injection vulnerability in the zwkm parameter of the modifyzdjb.jsp page of the ilasIII digital library system of Shenzhen Ketu Automation New Technology Application Company.

Integrated Library Automation System ILAS is the Ministry of Culture in 1988 as a national key scientific and technological projects issued by the Shenzhen Library to undertake and organize the development of a set of libraries at home and abroad to adapt to different levels, a variety of scales,...

vBulletin forumrunner/includes/moderation.php SQL Injection Vulnerability

VBulletin is a powerful, flexible and fully customizable suite of forum programs. A SQL injection vulnerability exists in the forumrunner/includes/moderation.php file in versions of vBulletin prior to 4.2.2 Patch Level 5 and prior to 4.2.3 Patch Level 1. A remote attacker can exploit this...

SQL Injection Vulnerability in the id Parameter of Nanchangwei.com Electronic Newspaper System

"VNN Digital Newspaper" is a professional software product for digitizing newspapers, which can provide a perfect solution for paper newspapers to go online. It allows the original newspaper layout to be quickly and easily presented to readers through the Internet. There exists a SQL injection...

SQL Injection Vulnerability in TUTUCMS Order Parameter

TUTUCMS is a CMS image management system focused on the development of image-based websites. TUTUCMS x2.6 version has a SQL injection vulnerability, due to the system does not strictly filter order parameters, only the source code to do the corresponding code audit. Allow attackers to exploit the...

SQL Injection Vulnerability in Asset Management System sysbh Parameter of Jinan Guozi Digital Technology Co.

Asset management system of Jinan Guozi Digital Technology Co., Ltd. is a set of sharing and management platform for precision instruments or large instruments. The product suffers from SQL injection vulnerability, the vulnerability URL is: http://host/dxyqsyspt/sysDetail.aspx?sysbh=000001 The...

SQL Injection Vulnerability in SmartClient.asmx?op Page of Xinwei Software E-learning System

E-learning management system is an online learning platform of Shenzhen Xinwei Software Co. A SQL injection vulnerability exists in the SmartClient.asmx?op page of Xinwei Software's E-learning system. An attacker can exploit the vulnerability to obtain sensitive information from the website...

SQL Injection Vulnerability in the Templetid Parameter of Hopping Collaborative Content Management System

HZCMS is a website group content management system based on Java and XML technology. A SQL injection vulnerability exists in the templetid parameter of HZCMS. Attackers can use the vulnerability to obtain data information...

SQL Injection Vulnerability in the VoteId Parameter of Hopping Collaborative Content Management System (CCMS)

HZCMS is a website group content management system based on Java and XML technology. A SQL injection vulnerability exists in the voteId parameter of the HZCMS. An attacker can exploit the vulnerability to obtain database information...

CVE-2016-5817

SQL injection vulnerability in news pages in Cargotec Navis WebAccess before 2016-08-10 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

Moxa SoftCMS SQL Injection Vulnerability

Moxa SoftCMS is a centralized management software for type monitoring systems. Moxa SoftCMS suffers from a SQL injection vulnerability that could be exploited by remote attackers to submit specially crafted SQL queries to manipulate or obtain database data...

MediaCoder '.m3u' Buffer Overflow Vulnerability

Mediacoder is a free universal audio/video batch transcoding tool. A buffer overflow vulnerability exists in MediaCoder. Yes, because MediaCoder does not check the contents of the file when processing .m3u files, resulting in subsequent functions will load the contents of the file, continuous...

Hancom Hangul HCell CSSValFormat::CheckUnderbar Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0151 Hancom Hangul HCell CSSValFormat::CheckUnderbar Code Execution Vulnerability August 4, 2016 CVE Number CVE-2016-4296 Description This vulnerability was discovered within the Hangul Hcell application which is part of the Hangul Office Suite. Hangul Office...

Hancom Hangul HCell Workbook Table and Pivot Style Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0148 Hancom Hangul HCell Workbook Table and Pivot Style Code Execution Vulnerability August 4, 2016 CVE Number CVE-2016-4293 Description This vulnerability was discovered within the Hangul Hcell application which is part of the Hangul Office Suite. Hangul...

SQL Injection Vulnerability in Video Conferencing System of Tangqiao Technology (Hangzhou) Co.

Video conferencing system is a remote collaborative video software, a kind of cloud conference system developed by Tangqiao Technology Hangzhou Co. The product suffers from an SQL injection vulnerability, which can be exploited by attackers to obtain database data...

Multiple vulnerabilities in the Joomla! Huge-IT Image Gallery extension (CNVD-2016-05734)

Joomla! is the U.S. Open Source Matters team developed a set of open source content management system CMS, the system provides RSS feeds , site search and other features . Huge-IT Image Gallery is one of the image gallery extension plug-ins . A SQL injection vulnerability and a cross-site scripti...

mysql: unspecified vulnerability in subcomponent: Server: DML (CPU January 2016)

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML...

The vulnerability in the embedded software of MicroLogix 1100 and MicroLogix 1400 allows a hacker to execute SQL code.

The vulnerability of the embedded software in MicroLogix 1100 and MicroLogix 1400 programs lies in the lack of protection for SQL query structures. Exploiting this vulnerability allows an attacker to execute arbitrary SQL code, resulting in the creation or deletion of accounts, or the elevation o...