1385 matches found
CVE-2022-40831
B.C. Institute of Technology CodeIgniter =3.1.13 is vulnerable to SQL Injection via system\database\DBquerybuilder.php like function. Note: Multiple third parties have disputed this as not a valid vulnerability...
CVE-2022-40832
B.C. Institute of Technology CodeIgniter =3.1.13 is vulnerable to SQL Injection via system\database\DBquerybuilder.php having function. Note: Multiple third parties have disputed this as not a valid vulnerability...
CVE-2022-40826
B.C. Institute of Technology CodeIgniter =3.1.13 is vulnerable to SQL Injection via system\database\DBquerybuilder.php orhaving function. Note: Multiple third parties have disputed this as not a valid vulnerability...
CVE-2022-40833
B.C. Institute of Technology CodeIgniter =3.1.13 is vulnerable to SQL Injection via system\database\DBquerybuilder.php orwherein function. Note: Multiple third parties have disputed this as not a valid vulnerability...
CodeIgniter SQL注入漏洞
CodeIgniter is an open source web framework written in PHP. A SQL injection vulnerability exists in CodeIgniter version 3.1.13 and earlier versions, which stems from a SQL injection problem in the orwherein method in the systemdatabaseDBquerybuilder.php location...
PT-2022-25559 · Unknown · Codeigniter
Name of the Vulnerable Software and Affected Versions: CodeIgniter versions =3.1.13 Description: The issue concerns SQL Injection via the where function in the system/database/DB query builder.php file. Note that the validity of this issue has been disputed by multiple third parties...
CodeIgniter SQL注入漏洞
CodeIgniter is an open source web framework written in PHP. A SQL injection vulnerability exists in CodeIgniter version 3.1.13 and earlier versions, which stems from a SQL injection problem in the orwherenotin method in the systemdatabaseDBquerybuilder.php location...
CodeIgniter SQL注入漏洞
CodeIgniter is an open source web framework written in PHP. A SQL injection vulnerability exists in CodeIgniter version 3.1.13 and earlier versions, which stems from a SQL injection problem in the ornotlike method in the systemdatabaseDBquerybuilder.php location...
PT-2022-26431 · Centreon · Centreon
Name of the Vulnerable Software and Affected Versions: Centreon affected versions not specified Description: This issue allows remote attackers to escalate privileges on affected installations. Authentication is required to exploit this issue. The specific flaw exists within the handling of...
CodeIgniter SQL注入漏洞
CodeIgniter is an open source web framework written in PHP. A SQL injection vulnerability exists in CodeIgniter version 3.1.13 and earlier versions, which stems from a SQL injection problem in the orhaving method in the systemdatabaseDBquerybuilder.php location...
CodeIgniter SQL注入漏洞
CodeIgniter is an open source web framework written in PHP. A SQL injection vulnerability exists in CodeIgniter version 3.1.13 and earlier versions, which stems from a SQL injection problem in the where method of the systemdatabaseDBquerybuilder.php location...
CVE-2022-39029
Smart eVision has inadequate authorization for the database query function. A remote attacker with general user privilege, who is not explicitly authorized to access the information, can access sensitive information...
Authorization
Smart eVision has inadequate authorization for the database query function. A remote attacker with general user privilege, who is not explicitly authorized to access the information, can access sensitive information...
CVE-2022-39029 Smart eVision - Exposure of Sensitive Information to an Unauthorized Actor -1
Smart eVision has inadequate authorization for the database query function. A remote attacker with general user privilege, who is not explicitly authorized to access the information, can access sensitive information...
CVE-2022-39029 Smart eVision - Exposure of Sensitive Information to an Unauthorized Actor -1
Smart eVision has inadequate authorization for the database query function. A remote attacker with general user privilege, who is not explicitly authorized to access the information, can access sensitive information...
Smart eVision 安全漏洞
Smart eVision Information Technology Smart eVision is a business intelligence platform of China Union Quan Information Technology Smart eVision Information Technology Company. Smart eVision is a business intelligence platform that combines business management rooms, dashboards, reports, and input...
PT-2022-24684 · Unknown · Smart Evision
Name of the Vulnerable Software and Affected Versions: Smart eVision affected versions not specified Description: The issue concerns inadequate authorization for the database query function. A remote attacker with general user privilege, who is not explicitly authorized to access the information,...
JFinal SQL注入漏洞
JFinal is a Java-based language WEB ORM open source framework. JFinal CMS version 5.1.0 SQL injection vulnerability , the vulnerability stems from its several interfaces do not use the same components , and did not apply filters , and each interface uses its own SQL connection method , an attacke...
Wedding Planner SQL注入漏洞
Wedding Planner is a wedding planner program. Designed to provide users with an easy way to plan their wedding through a web application while using real data. Wedding Planner v1.0 suffers from a SQL injection vulnerability that stems from a lack of validation of the id parameter in...
Rocket.Chat 信息泄露漏洞
Rocket.Chat is an open source team chat software. Rocket.Chat suffers from an information disclosure vulnerability that stems from the actionLinkHandler method allowing message ID enumeration using a Regex MongoDB query. An attacker can exploit the vulnerability to obtain sensitive information...