701 matches found
CVE-2023-25615
Due to insufficient input sanitization, SAP ABAP - versions 751, 753, 753, 754, 756, 757, 791, allows an authenticated high privileged user to alter the current session of the user by injecting the malicious database queries over the network and gain access to the unintended data. This may lead t...
CVE-2023-25615
SAP ABAP Platform SQL Injection (CVE-2023-25615): Affected versions include 751, 753, 754, 756, 757, 791. Root cause is insufficient input sanitization; an authenticated high-privileged user can inject malicious database queries over the network to alter the current session and access unintended ...
The vulnerability in the trigger_ratethread.php script of the Gimmie Plugin allows an attacker to execute arbitrary SQL queries.
The vulnerability in the trigger_ratethread.php script of the Gimmie Plugin is related to the lack of protection for SQL query structures. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...
SUSE CVE-2022-24050
MariaDB CONNECT Storage Engine Use-After-Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL...
A vulnerability in the web interface of the Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition systems, related to errors in processing input data, allows an attacker to execute arbitrary SQL queries.
The vulnerability of the Web interface of the Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition systems is related to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries...
CVE-2023-22909
An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. SpecialMobileHistory allows remote attackers to cause a denial of service because database queries are slow...
UBUNTU-CVE-2023-22909
An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. SpecialMobileHistory allows remote attackers to cause a denial of service because database queries are slow...
SQL Injection
github.com/square/squalor is vulnerable to SQL injection. The vulnerability exists due to improper argument handling of the database queries which allows an attacker to inject and execute arbitrary SQL queries...
CVE-2023-0016
SAP BPC MS 10.0 - version 810, allows an unauthorized attacker to execute crafted database queries. The exploitation of this issue could lead to SQL injection vulnerability and could allow an attacker to access, modify, and/or delete data from the backend database...
SQL Injection
SAP BPC MS 10.0 - version 810, allows an unauthorized attacker to execute crafted database queries. The exploitation of this issue could lead to SQL injection vulnerability and could allow an attacker to access, modify, and/or delete data from the backend database...
CVE-2023-0016 SQL Injection vulnerability in SAP Business Planning and Consolidation MS
SAP BPC MS 10.0 - version 810, allows an unauthorized attacker to execute crafted database queries. The exploitation of this issue could lead to SQL injection vulnerability and could allow an attacker to access, modify, and/or delete data from the backend database...
CVE-2022-1578
The My wpdb WordPress plugin before 2.5 is missing a CSRF check when running SQL queries, which could allow an attacker to make a logged-in admin run an arbitrary SQL query via a CSRF attack...
Delta Electronics DIAEnergie SQL Injection Vulnerability
Delta Electronics DIAEnergie is an industrial energy management system from Delta Electronics Taiwan, China used to monitor and analyze energy consumption in real time, calculate energy consumption and load characteristics, optimize equipment performance, improve production processes and maximize...
SQL Injection
github.com/ibax-io/go-ibax is vulnerable to SQL injection. The vulnerability exists in the GetRowsInfo function of database.go due to improper argument handling of the database queries which allows an attacker to inject and execute arbitrary SQL queries...
Apache Isis Security Vulnerability
Apache Isis is a framework from the Apache Foundation (United States) for rapid development of domain-driven applications in Java. Apache Isis suffers from an authorization issue vulnerability that stems from the h2 webconsole module accessible in the prototype menu automatically providing the...