171 matches found
Engineers Online Portal SQL Injection Vulnerability
Engineers Online Portal is an open source online portal. It is developed using PHP, MySQL database, HTML, CSS, JavaScript, jQuery, Ajax, Bootstrap and some other libraries. Engineers Online Portal suffers from a SQL injection vulnerability that stems from manipulation of the username/password...
CVE-2023-36942
A cross-site scripting (XSS) vulnerability in PHPGurukul Online Fire Reporting System Using PHP and MySQL 1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the website title field...
Vulnerability in the IBM DB2 database management system, related to insufficient validation of input data, that allows an attacker to trigger a service failure.
The vulnerability of the IBM DB2 database management system is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...
IBM DB2 Security Vulnerability
IBM DB2 is a relational database management system from International Business Machines (IBM). The main execution environments for this system are UNIX, Linux, IBMi, z/OS, and Windows server versions. A denial of service vulnerability exists in IBM DB2, which can be exploited by an attacker to caus...
CVE-2023-35930
SpiceDB's LookupResources may return partial results in v1.22.0, allowing some subjects to slip through or be incorrectly denied. The root cause is using LookupResources for negative authorization decisions. Upgrade to v1.22.2 to patch the issue, or avoid using LookupResources for negative decisi...
Schweitzer Engineering Laboratories RTAC Insecure Storage of Sensitive Information (CVE-2023-31150)
A Storing Passwords in a Recoverable Format vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) database system could allow an authenticated attacker to retrieve passwords. See SEL Service Bulletin dated 2022-11-15 for more details. This plugin only...
Vulnerability in the MySQL Server component of the database management system that allows attackers to cause service failures.
The vulnerability of the MySQL Server component of the database management system exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
CVE-2023-31150 Storing Passwords in a Recoverable Format
A Storing Passwords in a Recoverable Format vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) database system could allow an authenticated attacker to retrieve passwords. See SEL Service Bulletin dated 2022-11-15 for more details...
Vulnerability in the IBM DB2 database management system and the IBM DB2 Connect Server automatic redirection server, related to insufficient validation of input data, that allows an attacker to cause service failures.
The vulnerability of the IBM DB2 database management system and the IBM DB2 Connect Server automatic redirection server is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...
CVE-2023-27555
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 is vulnerable to a denial of service when attempting to use ACR client affinity for unfenced DRDA federation wrappers. IBM X-Force ID: 249187...
IBM DB2 Input Validation Error Vulnerability
IBM DB2 is a relational database management system from International Business Machines (IBM). The main execution environments for this system are UNIX, Linux, IBMi, z/OS, and Windows server versions. A denial of service vulnerability exists in IBM DB2, which can be exploited by an attacker to caus...
CVE-2023-31043
EnterpriseDB EDB Postgres Advanced Server (EPAS) before 14.6.0 logs unredacted passwords in situations where optional parameters are used with CREATE/ALTER USER/GROUP/ROLE, and redacting was configured with edb_filter_log.redact_password_commands. The fixed versions are 10.23.33, 11.18.29, 12.13.17,...
Debian: Security Advisory (DLA-592-1)
The remote host is missing an update for the Debian...
CVE-2023-25432
An issue was discovered in Online Reviewer Management System v1.0. There is a SQL injection that can directly issue instructions to the background database system via reviewer0/admins/assessments/course/course-update.php...
SQL injection
An issue was discovered in Online Reviewer Management System v1.0. There is a SQL injection that can directly issue instructions to the background database system via reviewer0/admins/assessments/course/course-update.php...
Vulnerability in the Server: Optimizer component of the MySQL Server database management system that allows an attacker to cause a service failure.
The vulnerability of the MySQL Server component of the database management system involves insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions...
Logic Flaw Vulnerability in Dameng Database Management System (DM8)
Dameng database management system (DM8) is a new generation of large-scale general-purpose relational database. A logic flaw exists in DM8, which can be exploited by an attacker to write arbitrary files...
Command Execution Vulnerability in Apache CouchDB
Apache CouchDB is a document-oriented database system developed in Erlang by the Apache Foundation of the United States. Apache CouchDB suffers from a command execution vulnerability that can be exploited by an attacker to gain administrator privileges...
Vulnerability in the Red Database database management system, caused by improper handling of values, that allows an attacker to trigger a service failure.
The vulnerability of the Red Database database management system is related to incorrect processing of values. Exploiting this vulnerability can allow an attacker, operating remotely, to cause a service failure by invoking a vulnerable function...
IBM DB2 Security Vulnerability
IBM DB2 is a relational database management system. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. IBM DB2 has an information disclosure vulnerability, which stems from improper privilege management when using table functions and can be...