The vulnerability of the Cisco Unified Communications Manager system allows a perpetrator to execute arbitrary SQL commands.

The vulnerability of the Cisco Unified Communications Manager IP telephony management system is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands using a specially crafted URL...

The vulnerability of the SAP NetWeaver software integration platform allows a hacker to execute arbitrary SQL commands.

The vulnerability of the UDDI server component of the SAP NetWeaver software integration platform is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands remotely...

Cuore EC-CUBE Help plug-in SQL Injection Vulnerability

Cuore EC-CUBE Help plug-in is a Japan Cuore company's use in EC-CUBE open source e-commerce site building platform and provide help function plug-in. A SQL injection vulnerability exists in the Cuore EC-CUBE Help plug-in, which allows remote attackers to execute arbitrary SQL commands via...

WeBid SQL Injection Vulnerability

WebID is the serial number of ESET antivirus software that can be obtained automatically. An SQL injection vulnerability exists in WeBid. Because the '$SESSION"id"' talkback variable is not properly filtered, an attacker can exploit the vulnerability to alter raw SQL queries and execute arbitrary...

Cisco RV220W SQL Injection Vulnerability

The Cisco RV220W is a wireless VPN firewall router product from Cisco. A SQL injection vulnerability exists in the web-based management interface of the Cisco RV220W, which can be exploited by remote attackers to submit a specially crafted SQL query to manipulate or obtain database data...

SQL Injection Vulnerability in Internet Behavior Audit Gateway of Chengdu Flying Fish Star Technology Development Co.

Chengdu Flying Fish Star Technology Co., Ltd. is dedicated to providing intelligent and easy-to-use network communication products and services. A SQL injection vulnerability exists in the Internet Behavior Audit Gateway of Chengdu Flyingfish Star Technology Development Co. An attacker is allowed...

The vulnerability of the WhatUp Gold monitoring system allows attackers to carry out attacks based on SQL injections.

The vulnerability of the DroneDeleteOldMeasurements implementation in the WhatUp Gold IT-infrastructure monitoring system is related to the lack of verification of the reliability of XML objects’ sequences. Exploiting this vulnerability allows a malicious actor, operating remotely, to carry out...

Cisco Unified Communications Manager SQL Injection Vulnerability

Cisco Unified Communications Manager is an enterprise-class IP telephony call processing system. A security vulnerability exists in Cisco Unified Communications Manager 11.0 0.98000.225 that does not validate user input within a SQL query. An attacker sending a URL containing an SQL statement cou...

IBM InfoSphere BigInsights Big SQL Component Security Bypass Vulnerability

IBM InfoSphere BigInsights is a set of software platform for storing and analyzing "big data" from IBM in the United States. The platform provides solutions for managing and analyzing massive amounts of structured and unstructured data.Big SQL is one of the SQL interface components. A security...

SQL Injection Vulnerability in 'channel' Parameter of Founder Xiangyu Web Content Management System

Founder Xiangyu website content management system is a full-process management platform for website information publishing. A SQL injection vulnerability exists in the Founder Xiangyu Web Content Management System. The lack of filtering of the 'channel' parameter allows an attacker to exploit the...

SQL Injection Vulnerability in Broadband Authentication and Billing System of Chengdu Starry Blue Ocean Network Technology Co.

Blue Ocean Premier Broadband Access Gateway is a specialized intelligent device for Ethernet broadband access. SQL injection vulnerability exists in the broadband authentication billing system of Chengdu Starry Blue Ocean Network Technology Co., Ltd. There is an injection point in the back-end...

The vulnerability of the IBM DB2 database management system allows a hacker to trigger a service failure.

The vulnerability of the IBM DB2 database management system is related to errors in the code. Exploiting this vulnerability can allow an attacker, operating remotely, to cause a service failure by using a scalar function in an SQL query...

The vulnerability of the AMS Device Manager system allows a perpetrator to increase their privileges.

The vulnerability of the AMS Device Manager system control mechanism is related to the lack of protection for the SQL query structure. Exploiting this vulnerability allows an attacker to enhance their privileges by making incorrect data inputs remotely...

SQL Injection Vulnerability in Panmicro OA Office System

Panavision OA Office System is a coordination office software. Panmicro OA Office System suffers from a SQL injection vulnerability and a lack of filtering of the formName parameter, which can be exploited by an attacker to obtain sensitive information from a website database...

SQL Injection Vulnerability in Decentralized Management (e-cology) System of Shanghai Panmicro Network Technology Co.

Panmicro collaborative management application platform e-cology is a set of collaborative business platform. An SQL injection vulnerability exists in the e-cology system, which can be exploited by an attacker to obtain database information due to the lack of filtering of the loginid parameter...

Shandong Nongyou Agricultural Integrity System SQL Injection Vulnerability

Shandong Nongyou Agricultural Integrity System is an agricultural management system. The Agricultural Integrity System suffers from SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...

Shandong Nongyou Land Transfer Management Platform SQL Injection Vulnerability

Shandong Nongyou Land Transfer Management Platform is an agricultural management software. The Land Transfer Management Platform suffers from an SQL injection vulnerability that allows attackers to exploit the vulnerability to obtain sensitive information from the database...

The vulnerability of the SAP HANA database management system allows a hacker to execute arbitrary code.

The vulnerability of the SAP HANA database management system’s SQL interface exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code during the SQL server authentication process...

Vulnerability of the microprogramming software for Micrologix 1100 and 1400 programmable logic controllers, allowing attackers to execute arbitrary SQL commands

The vulnerability of the microprogrammed logic controllers Micrologix 1100 and 1400 lies in the lack of protection for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands remotely...

Multiple SQL Injection Vulnerabilities in Moneybookers Online Lending System

The P2P P2B/P2C network lending platform software is a comprehensive network lending business management system designed and developed for a variety of microfinance network lending models including P2P, P2B/P2C business models. There are multiple SQL injection vulnerabilities in the Moneybookers...