Sefrengo CMS management background SQL Injection Vulnerability
Release date:Updated on:
Affected Systems:Sefrengo 1.6.0Description:CVE (CAN) ID: CVE-2015-0919
Sefrengo CMS is an open-source Web content management system.
Multiple SQL injection vulnerabilities exist in the management background of Sefrengo CMS versi
Cisco Meraki local management interface firmware Installation Vulnerability (CVE-2014-7999)
Release date:Updated on:
Affected Systems:Cisco MerakiDescription:CVE (CAN) ID: CVE-2014-7999
Cisco Meraki is a cloud management solution.
A security vulnerability exists in the local ma
Wpa_supplicant P2P SSID Management Vulnerability (CVE-2015-1863)
Affected Systems:
Android 5.x
Android 4.x
Android wpa_supplicant 1.0-2.4
Description:
CVE (CAN) ID: CVE-2015-1863Wpa_supplicant is a Wi-Fi function component of Android and supports wireless connection authentication.When wpa_supplicant v1.0-v2.4 uses the SSID information after management
Release date:Updated on:
Affected Systems:Cisco SA540 2.1.18Cisco SA520W 2.1.18Unaffected system:Cisco SA540 2.1.19Cisco SA520W 2.1.19Description:--------------------------------------------------------------------------------Bugtraq id: 48812Cve id: CVE-2011-2546
Cisco SA 500 series security devices are integrated security solutions for small businesses with less than 100 employees.
Cisco SA 500 series products have the SQL injection vulnerability on
Software Terminal Security Management System File Download Vulnerability (one-click Download of the entire website)
Rt
Due to this vulnerabilityHttp: // **. **/bugs/wooyun-2015-0159690Directly drop the keywords of the question (chinansoft unified terminal security management system) to dumb,
Check the source code, and the Arbitrary File Download
A university management system has the general SQL injection vulnerability.
There is an injection vulnerability in the front-end and back-end of the Student Work Management System of Colleges and Universities Under Xi'an aoda Software Engineering Co., Ltd.1. University Student Work
About a year ago, I discovered the Cookie spoofing vulnerability in the Access edition of the image management system: any user can modify the Cookie to get the administrator privilege.
In February June this year, I sent an email to IOT platform about the vulnerability. They replied as follows:
"Hello, thank you for reminding me!Wish you a happy and healthy fam
Multiple Linksys EA Series vro Password Management Vulnerability (CVE-2014-8243)
Release date:Updated on:
Affected Systems:Linksys EA Series router EA6900Linksys EA Series router EA6700Linksys EA Series router EA6500Linksys EA Series router EA6400Linksys EA Series router EA6300Linksys EA Series router EA6200Linksys EA Series routers EA4500Description:Bugtraq id: 70860CVE (CAN) ID: CVE-2014-8243
Linksys is a
OAsql injection vulnerability in a school's Integrated Management Platform (affecting a large number of schools)
A large number of schools use this system management platform to discover no vulnerabilities, but this system comes with a set of OA Systems/Anmai/oa/adduser. aspxIn case of SQL injection in the password, it is hard to use it manually.
However, you
By Mr. DzYFrom www.0855. TV
The cherry website management system v1.1 has been released. Compared with the v1.0 page, It beautifies a lot. It also fixes the Upload Vulnerability of ewebeditor5.5.But the filtering is not strict, resulting in SQL injection.
V1.0 related: http://www.bkjia.com/Article/201104/87868.html
Cherry enterprise website management system f
Blue Shield smart traffic control management system SQL Injection Vulnerability
Blue Shield smart traffic control management system SQL Injection Vulnerability
The Blue Shield Intelligent Traffic Control Management System https: // 219.156.146.15/login.html logon box conta
Brief description: The Tag Cloud function is not strictly filtered. As a result, members can enter cross-site JS Script Reference on any product details page. The background Administrator account is leaked.
Detailed description:
Vulnerability proof: External test. js file content. Allows you to modify the username and retrieve the password mailbox of the Administrator account in the background.
The background administrator browses the page
Program name: Network PHP Enterprise website Management System 2.0 free versionThe following is a brief description of the system's features:1, the use of DIV+CSS layout tested compatible with IE and Firefox mainstream browser, other browsers have not been tested.2, product news level three unlimited classification.3, backstage can set up such as Administrator account password, site title, the bottom of the site copyright and other information.4. Back
Sangfor a management system product BASH Remote Command Execution Vulnerability (no login required)
Sangfor a system BASH Remote Command Execution Vulnerability
Sangfor application Delivery Management System. Multiple versions have the bash remote command execution vulnerability.Both versions 4.5 and 3.9 have vulnerabi
Brief description:The/user/UserLogin. asp file of the old Y Document Management System v2.5 sp2 has an SQL injection vulnerability, which allows malicious users to obtain any data in the database through the vulnerability. In addition, the background login is not handled properly, resulting in spoofing the management a
PHPMyWind Background Management Interface SQL Injection Vulnerability
The SQL injection vulnerability is caused by poor filtering on the background management interface. administrators with lower permissions can obtain higher permissions and obtain and modify the super administrator username and password.The problemati
FROM http://www.st999.cn/blog
In the past two days, I met an enterprise management system named wanbo several times. Today I downloaded it and looked at it. I found an injection vulnerability. What I was depressed about was that I had to do it manually, there is no way to use tools. Because I have found one, so I am not interested in it.
This injection vulnerability
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.