229 matches found
Sql injection
The attacker could get access to the database. The SQL injection is in the username parameter at the login panel: username: admin'--...
June 7, 2022, update for Office 2016 (KB5002182)
June 7, 2022, update for Office 2016 KB5002182 This article describes update 5002182 for Microsoft Office 2016 that was released on June 7, 2022.Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer .msi-based edition of Office 2016. It doesn't apply to Offi...
GHSA-Q68V-VCJG-R3VP TYPO3 allows remote attackers to obtain the database name via a direct request
The Command Line Interface CLI script in TYPO3 4.4.0 through 4.4.13, 4.5.0 through 4.5.13, 4.6.0 through 4.6.6, 4.7, and 6.0 allows remote attackers to obtain the database name via a direct request...
February 1, 2022, update for Office 2013 (KB5002151)
February 1, 2022, update for Office 2013 KB5002151 This article describes update 5002151 for Microsoft Office 2013 that was released on February 1, 2022. This update also applies to Office Home and Student 2013 RT.Be aware that the update in the Microsoft Download Center applies to the Microsoft...
The vulnerability of the relational database management system used by Microsoft Access programs within the Microsoft Office and Office 365 suites allows a perpetrator to execute arbitrary code.
The vulnerability of the relational database management system used by Microsoft Access programs within the Microsoft Office and Office 365 suites exists due to errors in object processing in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
List of all Office 2010 SP1 packages
List of all Office 2010 SP1 packages Summary This article lists all the Microsoft Office 2010 Service Pack 1 SP1 client packages and the information about how to obtain them. Resolution To obtain these SP1 packages, use one of the following methods. Method 1: Microsoft Update recommended To...
Logic flaw vulnerability in old y article management system
The old y article management system is based on the old y Asp Access/Mssql environment developed under the open source website building products . Old y article management system has a logic flaw vulnerability , attackers can use the vulnerability to obtain sensitive information...
SQL Injection Vulnerability in jianbook s****w.asp Page
jianbook is an ultra-clean online message system, the system is developed by asp + Access, the front-end backend in one. The jianbook sw.asp page has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...
jianbook has a flawed logic vulnerability
jianbook is an ultra-clean online message system, the system is developed by asp + Access, the front-end backend in one. jianbook has a logic flaw vulnerability that can be exploited by attackers to bypass authentication and obtain administrator privileges...
SQL Injection Vulnerability in ab***.php of Ebay's website builder system
Ltd. is a brand of Jinan Dotchuang Network Technology Co., Ltd, which is a professional provider and operator of high-tech network and software technology services in Shandong Province. There is a sql injection vulnerability in ab.php, which can be exploited by attackers to obtain sensitive...
Computrols CBAS Web Hardcoded Encryption Key Vulnerability
CBAS Web is a Web-based building management system BMS from Computrols. A hard-coded encryption key vulnerability exists in Computrols CBAS Web. The vulnerability stems from multiple scripts that contain hard-coded encryption keys used to decrypt database backup files. An authenticated attacker...
March 19, 2019—KB4489892 (Preview of Monthly Rollup)
March 19, 2019—KB4489892 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4489878 released March 12, 2019 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Addresses an...
March 19, 2019—KB4489890 (OS Build 16299.1059)
March 19, 2019—KB4489890 OS Build 16299.1059 Reminder: March 12th and April 9th will be the last two Delta updates for Windows 10, version 1709. Security and quality updates will continue to be available via the express and full cumulative update packages. For more information on this change plea...
January 17, 2019—KB4480955 (Preview of Monthly Rollup)
January 17, 2019—KB4480955 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4480970 released January 8, 2019 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Addresses an...
Microsoft Access Database Engine ACECORE Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Access Database Engine. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists when...
Microsoft Patches Zero Day Browser Bug Under Active Attack
It’s a busy Patch Tuesday for Microsoft with a total of 20 critical vulnerabilities addressed in this February’s monthly security bulletin. Four bugs, rated important, were previously publicly known. Worse, Microsoft said a zero-day bug tied to its Internet Explorer browser, also rated important,...
Microsoft Access Database Engine ACEEXCL Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Access Database Engine. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists when...
Microsoft Access Database Engine ACEEXCL Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Access Database Engine. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists when...
Microsoft Access Database Engine ACEEXCL Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Access Database Engine. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists when...
Microsoft Access Database Engine ACEEXCL Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Access Database Engine. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists when...