CVE-2022-26667 Delta Electronics DIAEnergie SQL Injection in GetDemandAnalysisData

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability that exists in GetDemandAnalysisData. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

CVE-2022-26338 Delta Electronics DIAEnergie SQL Injection in DIAE_hierarchyHandler.ashx

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability exists in HandlerPagePKID.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

CVE-2022-26666 Delta Electronics DIAEnergie SQL Injection in HandlerDialogECC.ashx

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability exists in HandlerECC.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

CVE-2022-26666 Delta Electronics DIAEnergie SQL Injection in HandlerDialogECC.ashx

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability exists in HandlerECC.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

CVE-2022-26887 Delta Electronics DIAEnergie SQL Injection in DIAE_HandlerTag_KID.ashx

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability exists in DIAEloopmapHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

CVE-2022-26836 Delta Electronics DIAEnergie SQL Injection in HandlerExport.ashx/Calendar.ashx

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability that exists in HandlerExport.ashx/Calendar. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

CVE-2022-26059 Delta Electronics DIAEnergie SQL Injection in GetQueryData

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability that exists in GetQueryData. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

rpm: missing length checks in hdrblobInit()

A flaw was found in RPM’s hdrblobInit in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat from this vulnerability is to system availability...

Progress Software MOVEit Transfer SQL注入漏洞

Progress Software MOVEit Transfer is a suite of file transfer software from Progress Software, USA. Progress MOVEit Transfer suffers from a SQL injection vulnerability that could be exploited by an unauthenticated, remote attacker to gain access to a database. Depending on the database engine use...

Sql injection

PEEL Shopping version 9.4.0 allows remote SQL injection. A public user/guest unauthenticated can inject a malicious SQL query in order to affect the execution of predefined SQL commands. Upon a successful SQL injection attack, an attacker can read sensitive data from the database and possibly...

CVE-2021-23230

A SQL Injection vulnerability in the OPCUA interface of Gallagher Command Centre allows a remote unprivileged Command Centre Operator to modify Command Centre databases undetected. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 MR3; 8.30 versions prior to 8.30.1359...

CVE-2021-23230

CVE-2021-23230 describes a SQL injection vulnerability in the Gallagher Command Centre’s OPCUA interface. The root cause is lack of validation of externally entered SQL statements, allowing a remote unprivileged Command Centre Operator to modify the command center databases undetected. Affected v...

Gallagher Command Centre Server SQL注入漏洞

Gallagher Command Center Server is a management system used by Gallagher of New Zealand to monitor and manage infrastructure in buildings. Gallagher Command Centre OPCUA Interface A SQL injection vulnerability exists due to a lack of validation of externally entered SQL statements in a...

Sql injection

Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. These vulnerabilities are due to improper validation of user-submitted...

CVE-2020-10582

A SQL injection on the /admin/displayerrors.php script of Invigo Automatic Device Management ADM through 5.0 allows remote attackers to execute arbitrary SQL requests including data reading and modification on the database...

Sql injection

A SQL injection on the /admin/displayerrors.php script of Invigo Automatic Device Management ADM through 5.0 allows remote attackers to execute arbitrary SQL requests including data reading and modification on the database...

SQL Servers Blind SQL Injection Techniques

SQL injection techniques can allow remote attackers to execute SQL commands on SQL servers. Successful exploitation could allow attacker to disclose confidential information, modify or shut down the database or execute arbitrary code on affected servers...

PT-2021-7696 · Rpm +10 · Rpm +10

Name of the Vulnerable Software and Affected Versions: RPM affected versions not specified Description: A flaw was found in RPM's hdrblobInit function in lib/header.c, which allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat from this vulnerability is t...

CVE-2020-28994

A SQL injection vulnerability was discovered in Karenderia Multiple Restaurant System, affecting versions 5.4.2 and below. The vulnerability allows for an unauthenticated attacker to perform various tasks such as modifying and leaking all contents of the database...

Sql injection

A SQL injection vulnerability was discovered in Karenderia Multiple Restaurant System, affecting versions 5.4.2 and below. The vulnerability allows for an unauthenticated attacker to perform various tasks such as modifying and leaking all contents of the database...