Lucene search
+L

267 matches found

NVD
NVD
added 2020/07/16 6:15 p.m.28 views

CVE-2020-3378

A vulnerability in the web-based management interface for Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of user-supplied input. An...

4.3CVSS0.00691EPSS
Exploits0References1
Prion
Prion
added 2020/07/16 6:15 p.m.17 views

Sql injection

A vulnerability in the web-based management interface for Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of user-supplied input. An...

4CVSS5.1AI score0.00691EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/07/16 5:21 p.m.29 views

CVE-2020-3378 Cisco SD-WAN vManage Software SQL Injection Vulnerability

A vulnerability in the web-based management interface for Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of user-supplied input. An...

4.3CVSS5AI score0.00691EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2020/07/16 5:21 p.m.13 views

CVE-2020-3378 Cisco SD-WAN vManage Software SQL Injection Vulnerability

A vulnerability in the web-based management interface for Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of user-supplied input. An...

4.3CVSS7.7AI score0.00691EPSS
Exploits0References1
Cisco
Cisco
added 2020/07/15 4:0 p.m.52 views

Cisco SD-WAN vManage Software SQL Injection Vulnerability

A vulnerability in the web-based management interface for Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of user-supplied input. An...

4.3CVSS2.3AI score0.00691EPSS
Exploits0References1
NVD
NVD
added 2020/03/22 5:15 a.m.26 views

CVE-2020-10803

In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was discovered where malicious code could be used to trigger an XSS attack through retrieving and displaying results in tblgetfield.php and libraries/classes/Display/Results.php. The attacker must be able to insert...

5.4CVSS6.6AI score0.01593EPSS
Exploits0References8
OSV
OSV
added 2020/03/22 5:15 a.m.31 views

CVE-2020-10803

In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was discovered where malicious code could be used to trigger an XSS attack through retrieving and displaying results in tblgetfield.php and libraries/classes/Display/Results.php. The attacker must be able to insert...

5.4CVSS7.7AI score
Exploits0References8
UbuntuCve
UbuntuCve
added 2020/03/22 5:15 a.m.28 views

CVE-2020-10803

In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was discovered where malicious code could be used to trigger an XSS attack through retrieving and displaying results in tblgetfield.php and libraries/classes/Display/Results.php. The attacker must be able to insert...

5.4CVSS6.9AI score0.01593EPSS
Exploits0References6
Cvelist
Cvelist
added 2020/03/19 5:55 p.m.53 views

CVE-2019-16065

A remote SQL injection web vulnerability was discovered in the Enigma NMS 65.0.0 and prior web application that allows an attacker to execute SQL commands to expose and compromise the web server, expose database tables and values, and potentially execute system-based commands as the mysql user...

9.2AI score0.0281EPSS
Exploits5References1
NVD
NVD
added 2020/01/26 5:15 a.m.21 views

CVE-2019-12619

A vulnerability in the web interface for Cisco SD-WAN Solution vManage could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of user-supplied input. An attacker could...

6.5CVSS6.6AI score0.00725EPSS
Exploits0References1
Prion
Prion
added 2020/01/26 5:15 a.m.21 views

Sql injection

A vulnerability in the web interface for Cisco SD-WAN Solution vManage could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of user-supplied input. An attacker could...

4CVSS6.8AI score0.00725EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2020/01/26 4:25 a.m.9 views

CVE-2019-12619 Cisco SD-WAN Solution SQL Injection Vulnerability

A vulnerability in the web interface for Cisco SD-WAN Solution vManage could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of user-supplied input. An attacker could...

6.4CVSS7.4AI score0.00725EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/01/26 4:25 a.m.27 views

CVE-2019-12619 Cisco SD-WAN Solution SQL Injection Vulnerability

A vulnerability in the web interface for Cisco SD-WAN Solution vManage could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of user-supplied input. An attacker could...

6.4CVSS6.7AI score0.00725EPSS
Exploits0References1
Cisco
Cisco
added 2020/01/22 4:0 p.m.49 views

Cisco SD-WAN Solution SQL Injection Vulnerability

A vulnerability in the web interface for Cisco SD-WAN Solution vManage could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of user-supplied input. An attacker could...

6.4CVSS2.3AI score0.00725EPSS
Exploits0References1
Prion
Prion
added 2020/01/16 9:15 p.m.18 views

Design/Logic Flaw

The WordPress plugin, WP Database Reset through 3.1, contains a flaw that allowed any unauthenticated user to reset any table in the database to the initial WordPress set-up state deleting all site content stored in that table, as demonstrated by a wp-admin/admin-post.php?db-reset-tables=comments...

6.4CVSS8.9AI score0.22928EPSS
Exploits2References3Affected Software1
NVD
NVD
added 2019/07/17 9:15 p.m.35 views

CVE-2019-1942

A vulnerability in the sponsor portal web interface for Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of user-supplied input. An...

6.5CVSS5.5AI score0.01226EPSS
Exploits0References2
Prion
Prion
added 2019/07/17 9:15 p.m.22 views

Sql injection

A vulnerability in the sponsor portal web interface for Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of user-supplied input. An...

4CVSS6.7AI score0.01226EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/07/17 8:25 p.m.35 views

CVE-2019-1942 Cisco Identity Services Engine Blind SQL Injection Vulnerability

A vulnerability in the sponsor portal web interface for Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of user-supplied input. An...

4.3CVSS6.7AI score0.01226EPSS
Exploits0References2
Prion
Prion
added 2019/05/16 1:29 a.m.26 views

Sql injection

A vulnerability in the web-based management interface of Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network EPN Manager could allow an authenticated, remote attacker to execute arbitrary SQL queries. This vulnerability exist because the software improperly validates user-supplie...

5.5CVSS8.2AI score0.01901EPSS
Exploits1References2Affected Software2
Prion
Prion
added 2019/05/16 1:29 a.m.28 views

Sql injection

A vulnerability in the web-based management interface of Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network EPN Manager could allow an authenticated, remote attacker to execute arbitrary SQL queries. This vulnerability exist because the software improperly validates user-supplie...

5.5CVSS8.2AI score0.01901EPSS
Exploits1References2Affected Software3
Rows per page
Query Builder