CVE-2018-1280

Pivotal Greenplum Command Center versions 2.x prior to 2.5.1 contains a blind SQL injection vulnerability. An unauthenticated user can perform a SQL injection in the command center which results in disclosure of database contents...

CVE-2018-1280

Pivotal Greenplum Command Center versions 2.x prior to 2.5.1 contains a blind SQL injection vulnerability. An unauthenticated user can perform a SQL injection in the command center which results in disclosure of database contents...

CVE-2018-1280

Pivotal Greenplum Command Center versions 2.x prior to 2.5.1 contains a blind SQL injection vulnerability. An unauthenticated user can perform a SQL injection in the command center which results in disclosure of database contents...

Fedora 23 : owncloud-8.0.9-1.fc23 (2015-a6be3a6810)

This update provides the latest upstream release of ownCloud in the current minor series - 8.0.9 for all releases but EPEL 6, 7.0.11 for EPEL 6. These releases come with unspecified 'security improvements', so updating quickly is recommended. As usual, a minor update should apply smoothly, but we...

SugarCRM vulnerable to SQL injection

Overview SugarCRM contains a SQL injection vulnerability. SugarCRM is a customer relationship management CRM software. SugarCRM contains a SQL injection vulnerability. Takeshi Terada of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the...

ClearBudget <= 0.6.1 Unauthorized Access Vulnerability - Active Check

ClearBudget is prone to an unauthorized access vulnerability because it fails to properly restrict access to certain directories. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Opera Remote Code Execution and Information Disclosure Vulnerabilities (Windows)

The host is installed with Opera Web Browser and is prone to remote code execution and information disclosure Vulnerabilities. OpenVAS Vulnerability Test $Id: gboperainfodiscncodeexecwin.nasl 6519 2017-07-04 14:08:14Z cfischer $ Opera Remote Code Execution and Information Disclosure Vulnerabiliti...

Opera Web Browser Multiple XSS Vulnerabilities - Windows

Opera web browser is prone to multiple Cross Site Scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Crafty Syntax Live Help 2.14.6 - &#039;department&#039; SQL Injection

Crafty Syntax Live Help = 2.14.6 SQL Injection August 25, 2008 Vendor : Eric Gerdes URL : http://www.craftysyntax.com Version : Crafty Syntax Live Help = 2.14.6 Risk : SQL Injection Description: Crafty Syntax Live Help is a full featured, open source, online support system written in php that...

Sql injection

SQL injection vulnerability in CA Clever Path Portal allows remote authenticated users to execute limited SQL commands and retrieve arbitrary database contents via 1 the ofinterest parameter in a light search query, 2 description parameter in the advanced search query, and possibly other vectors...

CVE-2007-2230

CVE-2007-2230 describes a SQL injection vulnerability in the CA Clever Path Portal. The issue allows remote authenticated users to execute limited SQL commands and retrieve arbitrary database contents through multiple vectors, notably the ofinterest parameter in a light search query and the descr...

CVE-2007-2230

SQL injection vulnerability in CA Clever Path Portal allows remote authenticated users to execute limited SQL commands and retrieve arbitrary database contents via 1 the ofinterest parameter in a light search query, 2 description parameter in the advanced search query, and possibly other vectors...

Information disclosure

show.php in Vlad Alexa Mancini PHPFootball 1.6 allows remote attackers to obtain sensitive information database contents via a % percent character in the dbfieldv parameter...

CVE-2007-0638

show.php in Vlad Alexa Mancini PHPFootball 1.6 allows remote attackers to obtain sensitive information database contents via a % percent character in the dbfieldv parameter...

EUVD-2007-0636

show.php in Vlad Alexa Mancini PHPFootball 1.6 allows remote attackers to obtain sensitive information database contents via a % percent character in the dbfieldv parameter...

JVN#39103264 Owl SQL injection vulnerability

Impact A remote attacker may modify or steal the database contents. Solution Products Affected Owl version 0.90 and earlier...

CVE-2006-3675

Password Safe 2.11, 2.16 and 3.0BETA1 does not respect the configuration settings for locking the password database when certain dialogue windows are open, which might allow attackers with physical access to obtain the database contents...

JVN#55425662: MyWeb SQL injection vulnerability

Impact A remote attacker could view or modify the database contents. Solution Products Affected MyWeb Portal Office cellular phone functionality MyWeb Standard Edition MyWeb Public Edition MyWeb Medical Edition MyWeb Citizen Edition MyWeb School Edition MyWeb Light Edition...

Oracle Text SQL injection vulnerability

Overview Oracle Text is vulnerable to SQL injection, which could allow a remote attacker to execute arbitrary SQL commands on a vulnerable Oracle installation. Description According to Oracle:Oracle Text uses standard SQL to index, search, and analyze text and documents stored in the Oracle...

EUVD-2002-1244

The Java Database Connectivity JDBC APIs in Microsoft Virtual Machine VM 5.0.3805 and earlier allow remote attackers to bypass security checks and access database contents via an untrusted Java applet...