SQL injection vulnerability in the coursewares.htm?recommend= parameter of the distance learning platform of Shenzhen Tengchuang Network Technology Co.

Tengchuang Internet Distance Education Platform is an online knowledge trading platform centered on real-time interactive online classroom, combining powerful functions such as courseware on-demand, course transaction, online payment, and online examination, etc. for students and teachers in...

Apache Ranger SQL Injection Vulnerability

Apache Ranger is a set of architectures for implementing comprehensive security measures for Hadoop clusters, providing centralized security policy management for core enterprise security requirements such as authorization, billing and data protection. Apache Ranger suffers from a SQL injection...

Linknat SQL Injection Vulnerability

Linknat suffers from a SQL injection vulnerability. An attacker is able to execute malicious sql commands to connect to dbms...

Patron Info System SQL Injection Vulnerability

Patron Info System is a customer information system. Patron Info System has a remote sql injection vulnerability that allows remote attackers to execute malicious sql commands to connect to dbms...

IBM Marketing Platform SQL Injection Vulnerability (CNVD-2016-03333)

IBM Marketing Platform is a suite of marketing platforms from IBM in the United States. The platform supports marketers in leveraging and analyzing customer interactions on websites, cell phones and social media to deliver targeted marketing campaigns to customers. A SQL injection vulnerability...

Admin panel UliCMS SQL Injection Vulnerability

UliCMS is a web content management solution. A SQL code injection exists due to the "countryblacklist" variable of the page "action=spamfilter". An attacker can exploit the vulnerability to execute database code...

Cisco Cloud Network Automation Provisioner SQL Injection Vulnerability

Cisco Cloud Network Automation Provisioner is a suite of cloud network automation provisioning software. A SQL injection vulnerability exists in Cisco Cloud Network Automation Provisioner, which allows remote attackers to exploit the vulnerability by submitting specially crafted SQL queries to...

IBM's Watson Supercomputer Tackles Security

IBM is leveraging the power of its Watson supercomputer to thwart viruses, ransomware and DDoS attacks. On Tuesday it unveiled an ambitious plan to feed Watson billions of data points from security sources daily so that Watson can spot anomalies as they happen and stop them dead in their tracks...

biweb SQL Injection Vulnerability

BIWEB Business Intelligence Website System is a website system relying on ArthurXF enterprise application-level PHP development framework, developed and designed by the Shanghai NetWorks Network Information Co., Ltd. is a rapid development, simple and easy to use object-oriented enterprise...

Cacti graph_view.php SQL Injection Vulnerability

Cacti is a suite of open source network traffic monitoring and analysis tools from the Cacti Group. A SQL injection vulnerability in Cacti graphview.php allows attackers to exploit the vulnerability to execute arbitrary SQL commands...

The vulnerability of the software system for managing enterprise assets in IBM Maximo Asset Management allows a perpetrator to execute arbitrary SQL commands.

The vulnerability of the IBM Maximo Asset Management software’s asset management system lies in the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands remotely...

BlackBerry Enterprise Service Management Console SQL Injection Vulnerability

BlackBerry Enterprise Service is a next-generation mobile device management platform. A SQL injection vulnerability exists in the Management Console component of BlackBerry Enterprise Service, which could be exploited by remote attackers to submit specially crafted SQL queries to manipulate or...

SQL Injection Vulnerability in ntao website builder system

ntao website builder is a self-service website builder system. The product suffers from a sql injection vulnerability, which can be exploited by an attacker to obtain sensitive database information...

DotCMS SQL Injection Vulnerability

DotCMS is a content management system CMS from the American company DotCMS. The system supports RSS feeds , blogs , forums and other modules , and is easy to extend and build features . A SQL injection vulnerability exists in DotCMS version 3.3, which originates from the...

Stack Buffer Overflow Vulnerability in PhotoLine's Handling of GIF Images

PhotoLine is a professional image editing software from Germany. The software suffers from a stack buffer overflow vulnerability when processing the GIF format. An attacker can exploit the vulnerability to flood the SEH chain table, resulting in arbitrary code execution...

Vwins SQL Injection Vulnerability

vwins is an open source WeChat public , WeChat enterprise and pay as you go service window management system . Vwins has a SQL injection vulnerability, attackers can use the vulnerability to obtain database information, constituting a sensitive information leakage...

Microsoft Enhanced Mitigation Experience Toolkit Security Bypass Vulnerability

Microsoft Enhanced Mitigation Experience Toolkit is a security tool introduced in response to vulnerabilities. It protects users from attacks even when patches are not installed through technologies such as Data Execution Protection DEP, Structured Exception Handling Override Protection SEHOP, an...

Flying Fox Link File System SQL Injection Vulnerability

Flying Fox Link File System is a file management system. Flying Fox Link File System suffers from a SQL injection vulnerability, which can be exploited by an attacker to obtain database information, resulting in the disclosure of sensitive information...

SQL Injection Vulnerability in Shandong Wave Government In-use System/view/chufajieguochaxun.aspx Page

Shandong Wave government in use administrative service system is a comprehensive administrative service system integrating information and consultation, approval and charge, management and coordination, complaint and supervision. A SQL injection vulnerability exists in the...

The vulnerability of the microprogramming software used in Cisco RV220W network switches allows attackers to execute arbitrary SQL commands.

The vulnerability of the web interface for managing microprogramming software on the Cisco RV220W network switch is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands using a specially...