4 matches found
CVE-2022-29676
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/lists/zhuan...
CVE-2022-29676
CVE-2022-29676 affects CSCMS Music Portal System v4.2, with a SQL injection vulnerability via the id parameter in /admin.php/pic/admin/lists/zhuan. Root cause: improper handling/unsafely constructed SQL from the id input, allowing attackers to execute SQL commands. Documents consistently describe...
CVE-2021-29676
IBM Security Verify Privilege Vault (10.9.66 and prior releases) is vulnerable to a link-injection flaw. A remote attacker could lure a user into clicking a specially crafted URL, enabling cross-site scripting, cache poisoning, or session hijacking. Affected product facet: IBM Security Verify Pri...
Security Bulletin: Multiple Vulnerabilities Have Been Identified In IBM Security Verify Privilege Vault
Summary Multiple vulnerabilities identified in IBM Security Verify Privilege Vault previously known as IBM Security Secret Server has been addressed in the release 10.9.66 Vulnerability Details CVEID: CVE-2021-29676 DESCRIPTION: IBM Security Verify is vulnerable to link injection. By persuading a...