Lucene search
+L

241 matches found

Prion
Prion
added 2021/10/06 5:15 p.m.22 views

Sql injection

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.1.0 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 203734...

7.5CVSS9.2AI score0.01097EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2021/09/17 12:0 a.m.26 views

SAP Business One SQL Injection Vulnerability

SAP Business One is a suite of enterprise management software from SAP, a German company. SAP Business One version 10.0 has a SQL injection vulnerability that stems from the lack of effective validation and escaping of SQL statements, which can be exploited by an attacker with business privileges...

4.3CVSS3.4AI score0.00652EPSS
Exploits0References1
Prion
Prion
added 2021/09/14 12:15 p.m.19 views

Information disclosure

SAP Business One allows an attacker with business privileges to execute crafted database queries, exposing the back-end database. Due to framework restrictions, only some information can be obtained...

4CVSS4.8AI score0.00652EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/09/14 11:24 a.m.32 views

CVE-2021-33688

SAP Business One allows an attacker with business privileges to execute crafted database queries, exposing the back-end database. Due to framework restrictions, only some information can be obtained...

5AI score0.00652EPSS
Exploits0References2
CNVD
CNVD
added 2021/07/12 12:0 a.m.6 views

IBM InfoSphere Information Server SQL Injection Vulnerability

IBM InfoSphere Information Server is a set of data integration platforms from IBM in the United States. The platform can be used to integrate data information obtained from various sources. IBM InfoSphere Information Server has a security vulnerability that can be exploited by an attacker to view...

8.8CVSS6.3AI score0.00968EPSS
Exploits0References1
NVD
NVD
added 2021/07/09 5:15 p.m.23 views

CVE-2021-29730

IBM InfoSphere Information Server 11.7 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 201164...

8.8CVSS0.00968EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/07/08 12:0 a.m.7 views

IBM InfoSphere Information Server SQL注入漏洞

IBM InfoSphere Information Server is a set of data integration platforms from IBM in the United States. The platform can be used to integrate data information obtained from various sources. IBM InfoSphere Information Server has a security vulnerability that can be exploited by an attacker to view...

8.8CVSS5.7AI score0.00968EPSS
Exploits0References5
OSV
OSV
added 2021/07/01 4:15 p.m.7 views

CVE-2020-4902

IBM Datacap Taskmaster Capture IBM Datacap Navigator 9.1.7 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 191045...

8.8CVSS6.8AI score0.00968EPSS
Exploits0References2
NVD
NVD
added 2021/05/24 2:15 p.m.23 views

CVE-2020-4990

IBM Security Guardium 11.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 192710...

8.8CVSS0.0112EPSS
Exploits0References2
OSV
OSV
added 2021/05/24 2:15 p.m.3 views

CVE-2020-4990

IBM Security Guardium 11.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 192710...

8.8CVSS7.2AI score0.0112EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/05/24 1:55 p.m.24 views

CVE-2020-4990

IBM Security Guardium 11.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 192710...

7.6CVSS8.6AI score0.0112EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/05/21 12:0 a.m.5 views

IBM Security Guardium SQL注入漏洞

IBM Security Guardium is a product of IBM IBM in the U.S. etc. IBM Security Guardium is a suite of platforms that provide data protection capabilities. github rd is a software application. github ic etc. are open source products. github ic is a software application. IBM Security Guardium suffers...

8.8CVSS7.8AI score0.0112EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2021/05/21 12:0 a.m.3 views

CVE-2020-4990

IBM Security Guardium 11.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 192710...

8.8CVSS7.9AI score0.0112EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2021/01/20 3:15 p.m.29 views

CVE-2020-4921

IBM Security Guardium 10.6 and 11.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 191398...

8.8CVSS8AI score0.01501EPSS
Exploits0References2
OSV
OSV
added 2021/01/20 3:15 p.m.4 views

CVE-2020-4921

IBM Security Guardium 10.6 and 11.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 191398...

8.8CVSS7.2AI score0.01501EPSS
Exploits0References2
CNVD
CNVD
added 2021/01/16 12:0 a.m.7 views

Dell EMC Avamar Server SQL Injection Vulnerability

Dell EMC Avamar Server is a suite of fully virtualized backup and recovery software for servers from Dell USA. A SQL injection vulnerability exists in Dell EMC Avamar Server 19.1, 19.2, 19.3, which could be exploited by an unauthenticated, remote attacker to cause certain SQL commands to be...

10CVSS7.7AI score0.02611EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/11/24 12:0 a.m.18 views

Cisco IoT Field Network Director Unauthenticated REST API (cisco-sa-FND-BCK-GHkPNZ5F)

A Rest API vulnerability exists in Cisco IoT Field Network Director IoT-FND due to IoT-FND not properly authenticating REST API calls. An unauthenticated, remote attacker can exploit this, by obtaining a cross-site request forgery CSRF token and then using the token with REST API requests, to...

10CVSS8.2AI score0.02173EPSS
Exploits0References4
CNVD
CNVD
added 2020/11/19 12:0 a.m.3 views

Cisco IoT Field Network Director Elevation of Privilege Vulnerability

Cisco IoT Field Network Director FND is a network management system for large-scale FAN deployments. An elevation of privilege vulnerability exists in the REST API of Cisco IoT Field Network Director versions prior to 4.6.1. The vulnerability stems from the software failing to properly authentica...

10CVSS7AI score0.02173EPSS
Exploits0References1
OSV
OSV
added 2020/11/18 7:15 p.m.4 views

CVE-2020-3531

A vulnerability in the REST API of Cisco IoT Field Network Director FND could allow an unauthenticated, remote attacker to access the back-end database of an affected system. The vulnerability exists because the affected software does not properly authenticate REST API calls. An attacker could...

9.8CVSS7.3AI score0.02173EPSS
Exploits0References1
Prion
Prion
added 2020/11/18 7:15 p.m.25 views

Cross site request forgery (csrf)

A vulnerability in the REST API of Cisco IoT Field Network Director FND could allow an unauthenticated, remote attacker to access the back-end database of an affected system. The vulnerability exists because the affected software does not properly authenticate REST API calls. An attacker could...

10CVSS9.3AI score0.02173EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder