WordPress Answer My Question Plugin <= 1.3 - SQL Injection

This plugin is prone to an SQL injection vulnerability. It allows an attacker to modify data, compromise the access and application or exploit hidden vulnerabilities in the underlying database. Solution There is no solution...

PT-2016-2972 · Microsoft · Chakra Javascript Engine +3

Name of the Vulnerable Software and Affected Versions: Microsoft Edge affected versions not specified Microsoft Internet Explorer affected versions not specified Microsoft Windows affected versions not specified Description: The issue is caused by a buffer overflow in the Chakra JavaScript engine...

Exponent CMS 'version' Parameter SQL Injection Vulnerability

Exponent CMS is a free, open source PHP-based modular content management system CMS of the American OIC group of companies. The system supports direct editing in the page, and provides user management, site configuration, content editing and other functions. Exponent CMS version 2.3.9 suffers fro...

Exponent CMS SQL Injection Vulnerability (CNVD-2016-10699)

Exponent CMS is a free, open source PHP-based modular content management system CMS of the U.S. OIC Group of companies. The system supports direct editing in the page, and provides user management, site configuration, content editing and other functions. A SQL injection vulnerability exists in th...

Exponent CMS 'fileid' Parameter SQL Injection Vulnerability

Exponent CMS is a free, open source PHP-based modular content management system CMS of the U.S. OIC Group of companies. The system supports direct editing in the page, and provides user management, site configuration, content editing and other functions. Exponent CMS version 2.3.9 suffers from a...

Exponent CMS 'version' Parameter SQL Injection Vulnerability

Exponent CMS is a free, open source PHP-based modular content management system CMS of the U.S. OIC Group of companies. The system supports direct editing in the page, and provides user management, site configuration, content editing and other functions. Exponent CMS version 2.3.9 suffers from a...

Multiple SQL Injection Vulnerabilities in Douphp Backend

Douphp is a lightweight enterprise website management system, based on PHP+Mysql architecture, running on Linux, Windows, MacOSX, Solaris and other platforms. Douphp background there are a number of SQL injection vulnerabilities, 1 due to the background is not sufficient to filter the parameters...

SAP NetWeaver ABAP 'ST-PI' Component SQL Injection Vulnerability

SAP NetWeaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. A SQL injection vulnerability exists in SAP NetWeaver ABAP due to failure to adequately filter user input data. ...

Oracle VirtualBox Multiple Security Bypass And DoS Vulnerabilities - Windows

Oracle VirtualBox is prone to multiple security bypass and denial of service vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only C...

Oracle VirtualBox VRDE Privilege Escalation Vulnerability - Mac OS X

Oracle VirtualBox is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Oracle Java SE Multiple Unspecified Vulnerabilities-01 (Oct 2016) - Linux

Oracle Java SE is prone to multiple unspecified vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle VirtualBox VRDE Privilege Escalation Vulnerability - Windows

Oracle VirtualBox is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Oracle Java SE Multiple Unspecified Vulnerabilities-01 (Oct 2016) - Windows

Oracle Java SE is prone to multiple unspecified vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SQL injection vulnerability in WordPress plugin WP-OliveCart

Overview WP-OliveCart provided by Olive Design is a WordPress plugin to construct a shopping site. WP-OliveCart contains an SQL injection vulnerability. Gen Sato of TRADE WORKS Co.,Ltd Security Dept. reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under information...

Unspecified Vulnerability in Oracle Fusion Middleware Oracle Outside In Technology Component (CNVD-2016-10061)

Oracle Fusion Middleware Oracle Fusion Middleware is a set of business innovation platform for enterprise and cloud environments from Oracle Corporation. The platform provides middleware, software collections, and other capabilities. oracle Outside In Technology is one of the software development...

Unspecified Vulnerability in Oracle E-Business Suite Oracle Applications DBA Component

Oracle E-Business Suite E-Business Suite is Oracle's Oracle set of fully integrated global business management software. Oracle Applications DBA is one of the application database management component. An unspecified vulnerability exists in the AD Utilities subcomponent of the Oracle Applications...

Unspecified Vulnerability in Oracle E-Business Suite Oracle iStore Component

Oracle E-Business Suite E-Business Suite is a set of fully integrated global business management software from Oracle Oracle. The software provides customer relationship management, service management, financial management and other functions. Oracle iStore is one of the ability to allow merchant...

Unspecified Vulnerability in Oracle E-Business Suite (CNVD-2016-09916)

Oracle E-Business Suite E-Business Suite is a set of fully integrated global business management software from Oracle Oracle. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in the Oracle...

Unspecified Vulnerability in Oracle PeopleSoft Enterprise PeopleTools 'LDAP' Subware

Oracle PeopleSoft Products is a suite of enterprise human capital management solutions from Oracle Corporation, and PeopleSoft Enterprise PeopleTools is one of the tools and technology components that transforms the way organizations manage, use, and maintain their PeopleSoft software. PeopleSoft...

Oracle Commerce Unspecified Vulnerability in Oracle Commerce Guided Search Component

Oracle Commerce is a set of e-commerce solutions platform of Oracle Corporation Oracle, Oracle Commerce Guided Search is one of the components that supports dynamic searching and finding relevant and required items for customers in the website. A remote security vulnerability exists in the Oracle...