EUVD-2021-34841

LayerBB 1.1.4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the searchquery parameter. Attackers can send POST requests to /search.php with malicious searchquery values using CASE WHEN statements to extra...

Exploit for CVE-2025-4396

CVE-2025-4396 Exploit: Relevanssi SQL Injection Time-Based...

postgresql: CASE/WHEN with inlining can cause untrusted pointer dereference

A flaw was found in the way PostgreSQL server handled certain SQL statements containing CASE/WHEN commands. A remote, authenticated attacker could use a specially crafted SQL statement to cause PostgreSQL to crash or disclose a few bytes of server memory or possibly execute arbitrary code...

postgresql: CASE/WHEN with inlining can cause untrusted pointer dereference

A flaw was found in the way PostgreSQL server handled certain SQL statements containing CASE/WHEN commands. A remote, authenticated attacker could use a specially crafted SQL statement to cause PostgreSQL to crash or disclose a few bytes of server memory or possibly execute arbitrary code...

postgresql: CASE/WHEN with inlining can cause untrusted pointer dereference

A flaw was found in the way PostgreSQL server handled certain SQL statements containing CASE/WHEN commands. A remote, authenticated attacker could use a specially crafted SQL statement to cause PostgreSQL to crash or disclose a few bytes of server memory or possibly execute arbitrary code...

postgresql: CASE/WHEN with inlining can cause untrusted pointer dereference

A flaw was found in the way PostgreSQL server handled certain SQL statements containing CASE/WHEN commands. A remote, authenticated attacker could use a specially crafted SQL statement to cause PostgreSQL to crash or disclose a few bytes of server memory or possibly execute arbitrary code...

postgresql: CASE/WHEN with inlining can cause untrusted pointer dereference

A flaw was found in the way PostgreSQL server handled certain SQL statements containing CASE/WHEN commands. A remote, authenticated attacker could use a specially crafted SQL statement to cause PostgreSQL to crash or disclose a few bytes of server memory or possibly execute arbitrary code...

USN-3066-1 postgresql-9.1, postgresql-9.3, postgresql-9.5 vulnerabilities

Heikki Linnakangas discovered that PostgreSQL incorrectly handled certain nested CASE/WHEN expressions. A remote attacker could possibly use this issue to cause PostgreSQL to crash, resulting in a denial of service. CVE-2016-5423 Nathan Bossart discovered that PostgreSQL incorrectly handled speci...

Debian DSA-3646-1 : postgresql-9.4 - security update

Several vulnerabilities have been found in PostgreSQL-9.4, a SQL database system. - CVE-2016-5423 Karthikeyan Jambu Rajaraman discovered that nested CASE-WHEN expressions are not properly evaluated, potentially leading to a crash or allowing to disclose portions of server memory. - CVE-2016-5424...

[SECURITY] [DSA 3646-1] postgresql-9.4 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3646-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 11, 2016 https://www.debian.org/security/faq -...

Debian Security Advisory DSA 3646-1 (postgresql-9.4 - security update)

Several vulnerabilities have been found in PostgreSQL-9.4, a SQL database system. CVE-2016-5423 Karthikeyan Jambu Rajaraman discovered that nested CASE-WHEN expressions are not properly evaluated, potentially leading to a crash or allowing to disclose portions of server memory. CVE-2016-5424 Nath...

glFusion <= 1.1.2 COM_applyFilter()/order SQL Injection Exploit

Exploit for unknown platform in category web applications =============================================================== glFusion = 4.1 php.ini independent google dork: "Page created in" "seconds by glFusion" +RSS Vulnerability, sql injection in 'order' and 'direction' arguments: look...