HCL AION 安全漏洞

HCL AION is an AI lifecycle management platform from HCL India. HCL AION suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements, which can be exploited by an attacker to steal sensitive database data by injecting a...

ASUS Router SQL Injection Vulnerability

ASUS Router is a router product and accompanying management application from ASUS, primarily used for wireless connectivity and management of home and business networks. ASUS Router suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally enter...

Staff Audit System /search_index.php File SQL Injection Vulnerability

Staff Audit System is an employee audit system. Staff Audit System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Search in the file /searchindex.php. An attacker can exploit this vulnerability to execut...

IBM Storage Scale SQL注入漏洞

IBM Storage Scale is a storage solution from International Business Machines IBM designed to help organizations effectively manage and scale storage resources to meet growing data storage needs. IBM Storage Scale suffers from a SQL injection vulnerability that stems from the application's lack of...

Ivanti Endpoint Manager 安全漏洞

Ivanti Endpoint Manager is an enterprise-grade endpoint management solution, mainly used for centralized management of various types of devices including Windows, MacOS, Linux, iOS/Android mobile devices, etc., to achieve unified configuration, security control and remote operation and maintenanc...

Scholars Tracking System SQL注入漏洞

Scholars Tracking System is a scholars tracking system by the individual developer Fabian Ros. Scholars Tracking System version 1.0 suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements, which can be exploited by an...

ScienceLogic SL1 SQL注入漏洞

ScienceLogic SL1 is an application from ScienceLogic, Inc. Connect your real estate together to automate multidirectional data flow and workflow. A SQL injection vulnerability exists in ScienceLogic SL1 11.1.2 and earlier versions, which stems from a lack of validation of externally entered SQL...

Advantech iView SQL Injection Vulnerability (CNVD-2025-30967)

Advantech iView is a software developed by Advantech for managing B+BSmartWorx series devices through a simple network management protocol. Advantech iView suffers from a SQL injection vulnerability that originates from the application's lack of validation of externally entered SQL statements. An...

Advantech iView SQL注入漏洞

Advantech iView is a software developed by Advantech for managing B+BSmartWorx series devices through a simple network management protocol. Advantech iView suffers from a SQL injection vulnerability that originates from the application's lack of validation of externally entered SQL statements. An...

EyesOfNetwork SQL注入漏洞

EyesOfNetwork EON is an open source, free IT monitoring solution from the EyesOfNetwork community. The solution provides features such as a business process configuration tool, generating pop-up windows when events occur in the active queue, and more. EyesOfNetwork EON 5.3.11 and prior versions...

CuppaCMS SQL注入漏洞

CuppaCMS is a content management system CMS.A SQL injection vulnerability exists in CuppaCMS, which stems from the lack of validation of externally entered SQL statements in the database-based application. An attacker could exploit this vulnerability to execute illegal SQL commands...

Sqlite SQL注入漏洞

Sqlite is a lightweight database that is an ACID-compliant relational database management system. Sqlite suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can exploit this vulnerability ...

OpenEMR SQL注入漏洞

OpenEMR is an open source medical management system from the OpenEMR Openemr community. The system can be used for medical practice management, electronic medical records, prescription writing and medical billing requests. A SQL injection vulnerability exists in OpenEMR that stems from a lack of...

ISPConfig SQL注入漏洞

ISPConfig is an open source web hosting management program for Linux with a Web control panel , you can use the Web control panel to manage web hosting , open a website , open a mailbox , open and manage mysql databases , support for DNS resolution and monitor the server's operating conditions an...

SugarCRM SQL Injection Vulnerability (CNVD-2020-46297)

SugarCRM is an open source Customer Relationship Management CRM system from SugarCRM USA. The system supports differentiated marketing, management and distribution of sales leads for different customer needs, and enables information sharing and tracking of sales representatives. A SQL injection...

Online Polling System Authentication Bypass SQL Injection Vulnerability

Online Polling System is an online voting system. A security vulnerability exists in Online Polling System. The vulnerability stems from a database application that lacks validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute illegal SQL commands...

Tortoise ORM SQL Injection Vulnerability

Tortoise ORM is an open source object-relational mapper . A SQL injection vulnerability exists in MySQL in Tortoise ORM versions prior to 0.15.23 and prior to 0.16.6. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker...

phpMyAdmin SQL Injection Vulnerability (CNVD-2020-21011)

phpMyAdmin is a free, web-based MySQL database management tool from the phpMyAdmin team. The tool is capable of creating and deleting databases, creating, deleting, and modifying database tables, executing SQL script commands, and more. A SQL injection vulnerability exists in phpMyAdmin version 4...

TYPO3 wec_discussion extension SQL Injection Vulnerability

TYPO3 is a free and open source content management system framework CMS/CMF from the TYPO3 Association in Switzerland. wecdiscussion extension is a third-party forum extension plugin used in it. A SQL injection vulnerability exists in TYPO3 wecdiscussion extension versions prior to 2.1.1. The...

Lansweeper SQL Injection Vulnerability

Lansweeper is an IT asset management system. A SQL injection vulnerability exists in Lansweeper versions prior to 7.1.117.4, which stems from a lack of validation of externally-entered SQL statements in database-based applications and can be exploited by an attacker to execute illegal SQL command...