Lucene search
+L

267 matches found

Prion
Prion
added 2017/11/30 9:29 a.m.17 views

Sql injection

A SQL Injection vulnerability in the web framework of Cisco Prime Service Catalog could allow an unauthenticated, remote attacker to execute unauthorized Structured Query Language SQL queries. The vulnerability is due to a failure to validate user-supplied input that is used in SQL queries. An...

6.4CVSS6.8AI score0.01301EPSS
Exploits0References3Affected Software1
Cisco
Cisco
added 2017/11/29 4:0 p.m.36 views

Cisco Prime Service Catalog SQL Injection Vulnerability

A vulnerability in the web framework of Cisco Prime Service Catalog could allow an unauthenticated, remote attacker to execute unauthorized Structured Query Language SQL queries. The vulnerability is due to a failure to validate user-supplied input that is used in SQL queries. An attacker could...

6.5CVSS6.7AI score0.01301EPSS
Exploits0References1
Kitploit
Kitploit
added 2017/08/28 9:13 p.m.107 views

SQLMap v1.1.8 - Automatic SQL Injection And Database Takeover Tool

SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lastin...

8.5AI score
Exploits0References20
Prion
Prion
added 2017/08/07 6:29 a.m.22 views

Sql injection

A vulnerability in Cisco Unified Communications Manager 10.52.10000.5, 11.01.10000.10, and 11.51.10000.6 could allow an authenticated, remote attacker to conduct a blind SQL injection attack. The vulnerability is due to a failure to validate user-supplied input used in SQL queries that bypass...

6.5CVSS8.9AI score0.01607EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2017/06/07 1:29 p.m.17 views

Design/Logic Flaw

An issue was discovered in Personify360 e-Business 7.5.2 through 7.6.1. When going to the /TabId/275 URI, while creating a new role, a list of database tables and their columns is available...

5CVSS7.4AI score0.03331EPSS
Exploits3References1Affected Software1
NVD
NVD
added 2017/06/07 1:29 p.m.17 views

CVE-2017-7314

An issue was discovered in Personify360 e-Business 7.5.2 through 7.6.1. When going to the /TabId/275 URI, while creating a new role, a list of database tables and their columns is available...

7.5CVSS7.5AI score0.03331EPSS
Exploits3References1
Cvelist
Cvelist
added 2017/06/07 1:0 p.m.23 views

CVE-2017-7314

An issue was discovered in Personify360 e-Business 7.5.2 through 7.6.1. When going to the /TabId/275 URI, while creating a new role, a list of database tables and their columns is available...

7.5AI score0.03331EPSS
Exploits3References1
Cvelist
Cvelist
added 2017/04/24 3:0 p.m.21 views

CVE-2017-2317

A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenticated, unprivileged, network-based attacker to cause denials of services to underlying database tables leading to potential information disclosure,...

8.2AI score0.0095EPSS
Exploits0References2
CVE
CVE
added 2017/04/24 3:0 p.m.59 views

CVE-2017-2317

Juniper Networks NorthStar Controller Application before version 2.1.0 Service Pack 1 is vulnerable to a denial-of-service attack from an unauthenticated, network-based attacker. The issue can cause DoS of underlying database tables and may lead to information disclosure, modification of system s...

8.6CVSS8AI score0.0095EPSS
Exploits0References2Affected Software1
exploitpack
exploitpack
added 2017/04/05 12:0 a.m.10 views

ImagePro Lazygirls Clone Script - SQL Injection

ImagePro Lazygirls Clone Script - SQL Injection Exploit Title: ImagePro Lazygirls Clone Script - SQL Injection Google Dork: N/A Date: 05.04.2017 Vendor Homepage: http://bimedia.info/ Software: http://bimedia.info/8-2/ Demo: http://imagepro.clonedemo.com/ Version: N/A Tested on: Win7 x64, Kali Lin...

0.2AI score
Exploits0
Prion
Prion
added 2017/03/07 5:59 p.m.17 views

Sql injection

IBM Tivoli Storage Manager IBM Spectrum Protect 6.1, 6.2, 6.3, and 7.1 does not perform sufficient authority checking on SQL queries. As a result, an attacker is able to submit SQL queries that access database tables that are not intended for access or use by administrators. The access of these...

4CVSS7.2AI score0.00943EPSS
Exploits0References1Affected Software1
Packet Storm
Packet Storm
added 2017/02/24 12:0 a.m.71 views

MBLS Flex CMS 0.7.2 SQL Injection / Cross Site Scripting

Title: SQL injection & Cross-site scripting in CMS Flex Credit: Bilal KARDADOU Vulnerability: SQL injection & Cross-Site scripting Vulnerable version: Flex Version 0.7.2 Vendor: MBL Solutions Ltd Vendor URL: http://www.mblsolutions.co.uk/ Product: FLEX CMS "THE INTUITIVE CONTENT MANAGEMENT SYSTEM...

0.4AI score
Exploits0
Debian CVE
Debian CVE
added 2016/12/11 2:0 a.m.29 views

CVE-2016-9864

An issue was discovered in phpMyAdmin. With a crafted username or a table name, it was possible to inject SQL statements in the tracking functionality that would run with the privileges of the control user. This gives read and write access to the tables of the configuration storage database, and ...

7.5CVSS8.4AI score0.01684EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2016/12/11 2:0 a.m.70 views

CVE-2016-9864

An issue was discovered in phpMyAdmin. With a crafted username or a table name, it was possible to inject SQL statements in the tracking functionality that would run with the privileges of the control user. This gives read and write access to the tables of the configuration storage database, and ...

7.5CVSS8.4AI score0.01684EPSS
Exploits0
Fedora
Fedora
added 2016/08/29 9:24 p.m.31 views

[SECURITY] Fedora 23 Update: rubygem-activerecord-4.2.3-3.fc23

Implements the ActiveRecord pattern Fowler, PoEAA for ORM. It ties databa se tables and classes together for business objects, like Customer or Subscription, that can find, save, and destroy themselves without resorting to manual SQL...

7.5CVSS1.4AI score0.03903EPSS
Exploits0
Fedora
Fedora
added 2016/08/29 6:58 p.m.40 views

[SECURITY] Fedora 24 Update: rubygem-activerecord-4.2.5.2-2.fc24

Implements the ActiveRecord pattern Fowler, PoEAA for ORM. It ties databa se tables and classes together for business objects, like Customer or Subscription, that can find, save, and destroy themselves without resorting to manual SQL...

7.5CVSS1.4AI score0.03903EPSS
Exploits0
Fedora
Fedora
added 2016/08/27 11:11 a.m.44 views

[SECURITY] Fedora 25 Update: rubygem-activerecord-5.0.0.1-1.fc25

Implements the ActiveRecord pattern Fowler, PoEAA for ORM. It ties databa se tables and classes together for business objects, like Customer or Subscription, that can find, save, and destroy themselves without resorting to manual SQL...

7.5CVSS1.4AI score0.03903EPSS
Exploits0
OpenVAS
OpenVAS
added 2016/05/30 12:0 a.m.27 views

Cisco Prime Collaboration Provisioning SQL Injection Vulnerability (cisco-sa-20151008-pcp)

A vulnerability in web framework of Cisco Prime Collaboration Provisioning PCP could allow an authenticated, remote attacker to execute unauthorized SQL queries. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by t...

6.5CVSS6.8AI score0.01592EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2016/05/21 12:0 a.m.12 views

PT-2016-2119 · Php +2 · Php +2

Name of the Vulnerable Software and Affected Versions: PHP versions prior to 5.6.12 Description: The issue is related to the odbc bindcols function in PHP, which mishandles driver behavior for SQL WVARCHAR columns. This can be exploited by remote attackers to cause a denial of service application...

10CVSS8.7AI score0.53166EPSS
Exploits92References219
Cisco
Cisco
added 2016/05/10 9:30 a.m.63 views

Cisco Cloud Network Automation Provisioner SQL Injection Vulnerability

A vulnerability in the web framework of Cisco Cloud Network Automation Provisioner CNAP could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to a failure to validate user-supplied input in SQL...

5.5CVSS7.1AI score0.00861EPSS
Exploits0References1
Rows per page
Query Builder