19 matches found
EUVD-2019-20162
All in One Video Downloader 1.2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can send requests to the admin interface with UNION-based SQL injection payloads in the id...
EUVD-2019-19403
TheJshen ContentManagementSystem 1.04 contains a SQL injection vulnerability that allows attackers to manipulate database queries through the 'id' GET parameter. Attackers can exploit boolean-based, time-based, and UNION-based SQL injection techniques to extract or manipulate database information...
CVE-2021-41609
SQL injection in the ID parameter of the UploadedImageDisplay.aspx endpoint of SelectSurvey.NET before 5.052.000 allows a remote, unauthenticated attacker to retrieve data from the application's backend database via boolean-based blind and UNION injection...
ClassApps SelectSurvey.NET SQL Injection Vulnerability
Net is a survey software from ClassApps, Inc. built using Microsoft's cutting-edge . A SQL injection vulnerability exists in the ID parameter of the UploadedImageDisplay.aspx endpoint, which can be exploited by an unauthenticated attacker to retrieve data from the application's back-end database...
CVE-2021-41609
SQL injection in the ID parameter of the UploadedImageDisplay.aspx endpoint of SelectSurvey.NET before 5.052.000 allows a remote, unauthenticated attacker to retrieve data from the application's backend database via boolean-based blind and UNION injection...
CVE-2021-41609
SQL injection in the ID parameter of the UploadedImageDisplay.aspx endpoint of SelectSurvey.NET before 5.052.000 allows a remote, unauthenticated attacker to retrieve data from the application's backend database via boolean-based blind and UNION injection...
Sql injection
SQL injection in the ID parameter of the UploadedImageDisplay.aspx endpoint of SelectSurvey.NET before 5.052.000 allows a remote, unauthenticated attacker to retrieve data from the application's backend database via boolean-based blind and UNION injection...
CVE-2021-41609
SQL injection in the ID parameter of the UploadedImageDisplay.aspx endpoint of SelectSurvey.NET before 5.052.000 allows a remote, unauthenticated attacker to retrieve data from the application's backend database via boolean-based blind and UNION injection...
ClassApps SelectSurvey.NET SQL注入漏洞
Net is a survey software from ClassApps, Inc. built using Microsoft's cutting-edge . A SQL injection vulnerability exists in the ID parameter of the UploadedImageDisplay.aspx endpoint, which can be exploited by an unauthenticated attacker to retrieve data from the application's back-end database...
Joomla! Component Simple Membership 3.3.3 - 'userId' Parameter SQL Injection
Joomla! Component Simple Membership 3.3.3 - the 'userId' Parameter SQL Injection Joomla! Component Simple Membership 3.3.3, the presence of the parameter filter is not strict, leading to a sql injection vulnerability, if the other server is turned on the error display, can directly use, if you tu...
SQL Injection Vulnerability in showAjaxGetTransferLogDetail Function of Tibco Call Center System
The core of the Tibco call center system is a communication-based enterprise internal and external communication system. A SQL injection vulnerability exists in the showAjaxGetTransferLogDetail function of the call center system. Vulnerability file: /userweb/php/index/crmManager.class.php, exploi...
SQL Injection Vulnerability in ShowAjaxOptions Function of Tibco Call Center System
The core of the Tibco call center system is a communication-based enterprise internal and external communication system. A SQL injection vulnerability exists in the showAjaxOptions function of the Tibco Call Center System. Vulnerability file: /userweb/php/index/Outbound.class.php, exploit: UNION...
SQL Injection Vulnerability in ShoweditField Function of Tibco Call Center System
The core of Tibco's call center system is a communication-based system for internal and external corporate communication. A SQL injection vulnerability exists in the showeditField function of the Tibco Call Center System. Vulnerability file: /userweb/php/index/fieldConfig.class.php, exploit: UNIO...
用友 FE 协作办公平台 /mas/schedule.jsp 系统Union注入漏洞
No description provided by source...
RoundCube 0.3.1 XRF/SQL injection
No description provided by source. Exploit Title: RoundCube 0.3.1 SQL injection Date: 10/10/2011 Author: Smith Falcon Software Link: http://roundcube.net/download Version: 0.3.1 Tested on: Linux timezone= is vulnerable to SQL Union Injection. POST data in http://site.com/roundcube/index.php...
Roundcube Webmail 0.3.1 - Cross-Site Request Forgery SQL Injection
Roundcube Webmail 0.3.1 - Cross-Site Request Forgery SQL Injection Exploit Title: RoundCube 0.3.1 SQL injection Date: 10/10/2011 Author: Smith Falcon Software Link: http://roundcube.net/download Version: 0.3.1 Tested on: Linux timezone= is vulnerable to SQL Union Injection. "POST" data in...
Rackspace SQL Injection
-------------------------------------------------------------------------------------------------------------------------- + www.rackspace.com SQL Injection vulnerability + Found By: Rohit Bansal SCHAP Security http://schap.org + Date: 01-08-2009...
Good fine enterprise website Management System 2 0 0 7-V09 vulnerability-vulnerability warning-the black bar safety net
Relates to version: fine fine enterprise website Management System2 0 0 7-V09official commercial version The other version did not do the test /Should be all of the/ Vulnerability file: EnProductShow. asp /subsequent versions/ ProductShow. asp /earlier version/ ProductShow. asp /later versions/...
bcooslid-sql.txt
bcoos /mysections/ratefile.php lid variable SQL injection vendor url: http://www.bcoops.net Advisore: http://lostmon.blogspot.com/2008/02/ bcoos-mysectionsratefilephp-lid.html vendor notify:NO exploits available: YES bcoos is content-community management system written in PHP-MySQL. bcoops contai...