241 matches found
CVE-2023-37483
SAP PowerDesigner - version 16.7, has improper access control which might allow an unauthenticated attacker to run arbitrary queries against the back-end database via Proxy...
CVE-2023-37483
SAP PowerDesigner - version 16.7, has improper access control which might allow an unauthenticated attacker to run arbitrary queries against the back-end database via Proxy...
PT-2023-6500 · Sap · Sap Powerdesigner
Name of the Vulnerable Software and Affected Versions: SAP PowerDesigner version 16.7 Description: The issue is related to improper access control in SAP PowerDesigner, which could allow an unauthenticated attacker to run arbitrary queries against the back-end database via a proxy. This could...
CVE-2023-25838
There is SQL injection vulnerability in Esri ArcGIS Insights 2022.1 for ArcGIS Enterprise and that may allow a remote, authorized attacker to execute arbitrary SQL commands against the back-end database. The effort required to generate the crafted input required to exploit this issue is complex a...
Sql injection
There is SQL injection vulnerability in Esri ArcGIS Insights Desktop for Mac and Windows version 2022.1 that may allow a local, authorized attacker to execute arbitrary SQL commands against the back-end database. The effort required to generate the crafted input required to exploit this issue is...
Sql injection
There is SQL injection vulnerability in Esri ArcGIS Insights 2022.1 for ArcGIS Enterprise and that may allow a remote, authorized attacker to execute arbitrary SQL commands against the back-end database. The effort required to generate the crafted input required to exploit this issue is complex a...
CVE-2023-25838 BUG-000157278 – ArcGIS Insights has a security vulnerability.
There is SQL injection vulnerability in Esri ArcGIS Insights 2022.1 for ArcGIS Enterprise and that may allow a remote, authorized attacker to execute arbitrary SQL commands against the back-end database. The effort required to generate the crafted input required to exploit this issue is complex a...
Esri ArcGIS Insights Desktop SQL注入漏洞
Esri ArcGIS Insights Desktop is a data analysis workbench from Environmental Systems Research Institute Esri, Inc. A SQL injection vulnerability exists in Esri ArcGIS Insights Desktop version 2022.1 ArcGIS Enterprise that originates from a vulnerability that could allow a remotely-authorized...
Esri ArcGIS Insights Desktop SQL注入漏洞
Esri ArcGIS Insights Desktop is a data analysis workbench from Environmental Systems Research Institute Esri, Inc. A SQL injection vulnerability exists in Esri ArcGIS Insights Desktop version 2022.1 Windows, Mac that originates from a vulnerability that allows a locally-authorized attacker to...
CVE-2023-32569
An issue was discovered in Veritas InfoScale Operations Manager VIOM before 7.4.2.800 and 8.x before 8.0.410. The InfoScale VIOM web application is vulnerable to SQL Injection in some of the areas of the application. This allows attackers who must have admin credentials to submit arbitrary SQL...
CVE-2023-25684
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 247597...
Sql injection
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 247597...
Security Bulletin: IBM Sterling Partner Engagement Manager is vulnerable to SQL injection attack (CVE-2022-40615)
Summary IBM Sterling Partner Engagement Manager has addressed a SQL injection vulnerability. Vulnerability Details CVEID:CVE-2022-40615 DESCRIPTION: IBM Sterling Partner Engagement Manager is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could...
CVE-2022-22338
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 219510...
Sql injection
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 219510...
Simple Cold Storage Management System SQL Injection Vulnerability (CNVD-2023-69723)
Simple Cold Storage Management System is a simple cold storage management system. A SQL injection vulnerability exists in Simple Cold Storage Management System. An attacker could use this vulnerability to view, add, modify, or delete information in a back-end database...
Simple Cold Storage Management System SQL注入漏洞
Simple Cold Storage Management System is a simple cold storage management system. A SQL injection vulnerability exists in Simple Cold Storage Management System. An attacker could use this vulnerability to view, add, modify, or delete information in a back-end database...
Sql injection
Due to improper input validation in the Feathers js library, it is possible to perform a SQL injection attack on the back-end database, in case the feathers-sequelize package is used...
CVE-2022-2422 Feathers - SQL injection via attribute aliases
Due to improper input validation in the Feathers js library, it is possible to perform a SQL injection attack on the back-end database, in case the feathers-sequelize package is used...
CVE-2022-2422 Feathers - SQL injection via attribute aliases
Due to improper input validation in the Feathers js library, it is possible to perform a SQL injection attack on the back-end database, in case the feathers-sequelize package is used...