Drupal SQL Comment Filtering System SQL Injection Vulnerability

Drupal is a free and open source content management system developed in PHP. A SQL injection vulnerability exists in the Drupal SQL Comment Filtering System, which allows remote attackers to exploit the vulnerability to submit specially crafted SQL queries to manipulate or obtain database data...

SQL Injection Vulnerability in Anhui Business Network CMS System

A SQL injection vulnerability exists in the CMS system of Anhui Business Network. An attacker can exploit the vulnerability to obtain sensitive information from the database...

Filezilla Client - SEH Buffer Overflow Vulnerability

FileZilla Client is a free FTP client software. A buffer overflow vulnerability exists in Filezilla Client - SEH. An attacker can exploit the vulnerability to perform a task vulnerability...

Generalized SQL Injection Vulnerability in Seven Colors Network Website Builder System

A generic SQL injection vulnerability exists in the Seven Colors Network website builder system. The vulnerability allows attackers to obtain sensitive database information...

SQL Injection and Arbitrary File Upload Vulnerabilities in Rural Electronic Monitoring Platform of Beijing Zhongnong Xinda Information Technology Co.

Beijing Zhongnong Xinda Information Technology Co., Ltd. is a provider of comprehensive services for three rural informatization, and the Rural Electronic Monitoring Platform is one of the company's monitoring platforms. A SQL injection and arbitrary file upload vulnerability exists in the Rural...

Symantec Endpoint Protection Manager SQL Injection Vulnerability

Symantec Endpoint Protection Manager SEPM is a suite of enterprise-grade virus protection software from Symantec USA. The software protects against malicious attacks such as viruses, worms, and Trojan horses. SEPM 12.1-RU6-MP1 A SQL injection vulnerability exists in the management console of...

SO Planning SQL Injection Vulnerability

SO Planning is a free and open source set of online project production and management tools. SO Planning is vulnerable to a SQL injection vulnerability. The vulnerability is due to the program failing to adequately filter user-submitted input before constructing SQL query statements. An attacker...

Cacti SQL Injection Vulnerability (CNVD-2015-04994)

Cacti is based on PHP, MySQL, SNMP and RRDTool developed a set of graphical analysis of network traffic monitoring tools . Cacti 'graphs.php' , 'cdef.php', 'datatemplates.php', 'graphtemplates.php' and 'hosttemplates.php' scripts incorrectly filter user input, allowing remote attackers to exploit...

Sysphonic Thetis SQL Injection Vulnerability

Thetis World-Strongest groupware/web collaboration suite is based on Ruby on Rails. A SQL injection vulnerability exists in Sysphonic Thetis versions prior to 2.3.0, which can be exploited by remote attackers to execute arbitrary SQL commands...

SQL Injection Vulnerability in Panmicro E-office /E-mobile/create/ajax_do.php Parameters

Panmicro E-office is an OA product launched by Panmicro for small and medium-sized organizations. A SQL injection vulnerability exists in the Panmicro E-office /E-mobile/create/ajaxdo.php parameter, which can be exploited by an attacker to obtain sensitive information from the database...

SQL Injection Vulnerability in Gobetters Video Conferencing System /web/server/serverstart.php?machineid= Parameter

GoBetter video conferencing system is a pure software video conferencing system with high-performance audio and video interactions, as well as perfect data functions launched by GoBetter. A SQL injection vulnerability exists in the Gobetters Video Conferencing...

TCCMSV9.0 Latest Version SQL Injection Vulnerability

TCCMS is a content management system. TCCMSV9.0 has multiple SQL injection vulnerabilities in app/controller/news.class.php, which can be exploited by attackers to either obtain sensitive database information...

SQL Injection Vulnerability in sGaoHao Parameter of Nanjing Jenohan Journal Submission System

Nanjing Jenohan Software Technology Co., Ltd. is for the development of hospital full cost accounting decision support software system, hospital performance management information system and hospital customer management information system. SQL injection vulnerability exists in the sGaoHao paramet...

concrete5 'Access.php' SQL Injection Vulnerability

concrete5 is a free content management system CMS developed by Portland Labs in the United States. The system allows editing and layout directly on the page. A SQL injection vulnerability exists in concrete5 that stems from the program failing to adequately filter user-submitted input before...

SQL Injection Vulnerability in Haitian OA System ID Parameter

Haitian OA network office system is suitable for enterprises and institutions of the general-purpose network office software, the system adopts the leading B / S browser / server mode of operation, so that the network office is not subject to geographical restrictions. A SQL injection vulnerabili...

SQL Injection Vulnerability in OAID Parameter of Haitian OA System/Documents/OA_DocDisplay_NewWindow.asp Page

Haitian OA network office system is suitable for enterprises and institutions of the general-purpose network office software, the system adopts the leading B / S browser / server mode of operation, so that the network office is not subject to geographical restrictions. A SQL injection vulnerabili...

ApPHP Hotel Site SQL Injection Vulnerability

ApPHP Hotel Site is a PHP-based hotel management solution from ApPHP USA. The program provides hotel management and online booking and other functions. A SQL injection vulnerability exists in ApPHP Hotel Site version 3.x.x. The vulnerability stems from the index.php script failing to adequately...

Cacti SQL Injection Vulnerability (CNVD-2015-03938)

Cacti is a suite of open source network traffic monitoring and analysis tools from the Cacti Group. The tool through snmpget to obtain data , using RRDtool drawing graphs to analyze , and provide data and user management features . A SQL injection vulnerability exists in versions prior to Cacti...

Aruba Networks CPPM SQL Injection Vulnerability

Aruba Networks ClearPass Policy Manager is an advanced policy management platform for role- and device-based network access control. A security vulnerability exists in Aruba Networks ClearPass Policy Manager CPPM, which can be exploited by remote administrators to execute arbitrary SQL commands...

Cisco Unified Web and E-Mail Interaction Manager SQL Injection Vulnerability

Cisco Unified Web and E-mail Interaction Manager are both products in the Customer Collaboration Contact Center of the American Cisco Cisco company. A SQL injection vulnerability exists in Cisco Unified Web and E-Mail Interaction Manager, which could be exploited by a remote attacker to submit a...