41 matches found
The vulnerability of the GetLogFileRulesSQL method in the Ivanti Endpoint Manager software for managing endpoints in information networks allows a hacker to execute arbitrary code.
The vulnerability of the GetLogFileRulesSQL method in the Ivanti Endpoint Manager software for managing endpoints in information networks is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code usi...
The vulnerability of the Advantech WebAccess remote monitoring software lies in the lack of security measures for SQL query structures, allowing attackers to execute arbitrary SQL queries against the database.
The vulnerability of the Advantech WebAccess remote monitoring software lies in the lack of security measures for SQL query structures. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries against the database remotely...
The vulnerability of the PostgreSQL data anonymization extension in the PostgreSQL Anonymizer tool lies in the lack of security measures for SQL query structures. This allows attackers to elevate their privileges to superuser levels.
The vulnerability of the PostgreSQL anonymization extension in the PostgreSQL Anonymizer database relates to the lack of security measures for SQL query structures. Exploiting this vulnerability allows a malicious actor, operating remotely, to elevate their privileges to the level of superuser...
The vulnerability of the JDBC driver pgjdbc for connecting Java programs to a PostgreSQL database allows a attacker to execute arbitrary code.
The vulnerability of the JDBC driver pgjdbc, which allows Java programs to connect to PostgreSQL databases, is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially crafted SQL...
The vulnerability of the Neshan Maps plugin of the WordPress content management system allows attackers to carry out attacks based on SQL injections.
The vulnerability of the Neshan Maps plugin of the WordPress content management system is related to the lack of security measures for SQL query structures. Exploiting this vulnerability allows a malicious actor to carry out attacks based on SQL injections...
The vulnerability of the Bulk Modification Tool component in Nagios XI allows a hacker to execute arbitrary SQL code.
The vulnerability of the Bulk Modification Tool component in Nagios XI is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code remotely...
The vulnerability of the Groundhogg plugin of the WordPress content management system allows a hacker to execute XSS attacks.
The vulnerability of the Groundhogg plugin in the WordPress content management system is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...
The vulnerability of the Tyk application programming interface, related to the lack of security measures for SQL query structures, allows attackers to execute arbitrary SQL queries.
The vulnerability of the Tyk cloud firewall’s application programming interface is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...
The vulnerability of the Tutor LMS plugin for the WordPress content management system allows a hacker to execute arbitrary code.
The vulnerability of the Tutor LMS plugin for the WordPress content management system is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the Paid Memberships Pro plugin of the WordPress content management system allows a hacker to execute arbitrary SQL queries.
The vulnerability of the Paid Memberships Pro plugin of the WordPress content management system is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...
The vulnerability of the JDBCAppender adapter in the Log4j Java logging library allows a malicious actor to execute arbitrary SQL queries against the database.
The vulnerability of the JDBCAppender component in Log4j, a Java logging library, relates to the lack of security measures for SQL query structures. Exploiting this vulnerability allows an attacker to execute arbitrary SQL queries against the database remotely...
Gentoo SQL注入漏洞
Gentoo is an open source Linux system from the Gentoo Foundation. A SQL injection vulnerability exists in Gentoo Soko versions prior to 1.0.2, which stems from a SQL injection vulnerability found in pkg/app/handler/packages/search.go...
The vulnerability of the func2.php function in the web application for managing a medical institution, the PHPGurukul Hospital Management System, allows a perpetrator to disclose protected information.
The vulnerability of the func2.php function in the web application of the PHPGurukul Hospital Management System is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to disclose the protected information remotely...
The vulnerability of the “company_filter” parameter in the “user_list” component of the Advantech R-SeeNet monitoring software allows a hacker to execute arbitrary SQL queries.
The vulnerability of the “companyfilter” parameter in the “userlist” component of the Advantech R-SeeNet monitoring software for router status and functions is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execu...
The vulnerability of the get_topic_info() function (sys/CODOF/Forum/Topic.php) in the Codoforum forum creation software allows a violator to execute arbitrary code.
The vulnerability of the gettopicinfo function sys/CODOF/Forum/Topic.php in the Codoforum forum creation software relates to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary code on the target system remotely...
The vulnerability of the /web/Public/Conn.php component of the software controller for centralized control of wireless networks in D-Link Central WiFi Manager CWM(100) allows a intruder to execute arbitrary code.
The vulnerability of the /web/Public/Conn.php component of the software controller for centralized control of D-Link Central WiFi Manager CWM100 relates to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows an attacker operating remotely to execute...
The vulnerability of the NVBUBackup request handler’s software for data archiving and restoration by NetVault Backup allows a perpetrator to execute arbitrary code.
The vulnerability of the NVBUBackup request handler in software for data archiving and restoration by NetVault Backup is related to insufficient protection of the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the software system for managing enterprise assets in IBM Maximo Asset Management allows a perpetrator to execute arbitrary SQL commands.
The vulnerability of the IBM Maximo Asset Management software’s asset management system lies in the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands remotely...
Code Widgets DataBound Collapsible Menu - 'main.asp' SQL Injection
source: https://www.securityfocus.com/bid/49209/info Code Widgets DataBound Collapsible Menu is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
Web Calendar <= 4.1 Blind SQL Injection Exploit
No description provided by source. !/usr/bin/perl use strict; use LWP::Simple; print "-+-- Web Calendar = 4.1 Blind SQL Injection Exploit --+- "; print "-+-- --+- "; print "-+-- Discovered && Coded By t0pP8uZz --+- "; print "-+-- Discovered On: 24 April 2008 --+- "; print "-+-- --+- "; print "-+-...