Online Book Store version 1.0 suffers from a remote SQL injection vulnerability.
ff84f5276e5a66c210270a9ad5a3b6f0Rukovoditel Project Management CRM version 2.5.2 suffers from multiple remote SQL injection vulnerabilities.
d1cbf57ffd8df644d5e2b6f3df620f49Dairy Farm Shop Management System version 1.0 suffers from a remote SQL injection vulnerability.
cdfb7788dbf963e17bb76244204aa05bComplaint Management System version 4.0 suffers from a remote SQL injection vulnerability.
2d662f417e96fb2cf7d1f8a0c1bd8498Dairy Farm Shop Management System version 1.0 suffers from a remote SQL injection vulnerability.
75837a63fe7bd05e96573587c6453053Hostel Management System version 2.0 suffers from a remote SQL injection vulnerability.
819ce3712651251636b5a1acc8128216elaniin CMS version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
c4a6cf7e91401d6bd28306941ae5f7b0Karakuzu ERP Management Web version 5.7.0 suffers from a remote SQL injection vulnerability.
a8fa1ad24436b2f3a5c05a2b660a030bSmall CRM version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
6485b757ad496b8249f9cb6c0e61680dHospital Management System version 4.0 suffers from a searchdata remote SQL injection vulnerability.
1156f81906465c2ee21ee8670b36f712BloodX version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
ef190de3d255d5d4c333943018374424sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.
4e346f6f7a6d4c3c9bc9de36413c7fc5Hospital Management System version 4.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
ab549370ce552db01ebc34eeba901d3dShopping Portal ProVersion version 3.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
c59845b1ff55e879521042a0439a2430Thrive Smart Home version 1.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
77fa2ff07fff998018a221ce9eca4313Wave version 2.0 suffers from a remote SQL injection vulnerability.
3a259fc3a2c1bdb8f5a277313bf511b7elearning-script version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
fb8acea883788dfcc45b20c0f399fd75Cera Intranet Community Theme version 1.0.1 suffers from a remote SQL injection vulnerability.
7f4a4918440ef190708ffb505e89d8bePRO-7070 Hazir Profesyonel Web Sitesi version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
791eab6baad5a9a9903848ffb987623dYouPHPTube versions 7.7 and below suffer from a remote SQL injection vulnerability in getChat.json.php.
bda45fa0236ae4d5e784d5a3ac75112asqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.
c2cc97b70eead019d4bca860e3b7ce45NAPC Xinet (interface) Elegant 6 Asset Library version 6.1.655 allows pre-authentication error-based SQL injection via the /elegant6/login LoginForm[username] field when double quotes are used.
19c74256613bc29f10c94c6dd8532054Ubuntu Security Notice 4200-1 - It was discovered that Redmine incorrectly handle certain inputs that could cause textile formatting errors. An attacker could possibly use this issue to cause a XSS attack. It was discovered that an SQL injection could allow users to access protected information via a crafted object query.
ada5fb062f39b2ca18c42a61e8ca97d8Debian Linux Security Advisory 4574-1 - Hoger Just discovered an SQL injection in Redmine, a project management web application. In addition a cross-site scripting issue was found in Textile formatting.
6bfddcb9e5a9bb231d148e5d90237d2aDebian Linux Security Advisory 4572-1 - It was discovered in the Simple Linux Utility for Resource Management (SLURM), a cluster resource management and job scheduling system did not escape strings when importing an archive file into the accounting_storage/mysql backend, resulting in SQL injection.
a1179cf3fb2ace5df8619e84b931b2c5
© 2016 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed