Lucene search
K

41 matches found

BDU FSTEC
BDU FSTEC
added 2024/06/10 12:0 a.m.8 views

The vulnerability of the GetLogFileRulesSQL method in the Ivanti Endpoint Manager software for managing endpoints in information networks allows a hacker to execute arbitrary code.

The vulnerability of the GetLogFileRulesSQL method in the Ivanti Endpoint Manager software for managing endpoints in information networks is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code usi...

9CVSS8AI score0.08233EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2024/03/26 12:0 a.m.6 views

The vulnerability of the Advantech WebAccess remote monitoring software lies in the lack of security measures for SQL query structures, allowing attackers to execute arbitrary SQL queries against the database.

The vulnerability of the Advantech WebAccess remote monitoring software lies in the lack of security measures for SQL query structures. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries against the database remotely...

6.4CVSS6AI score0.003EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/03/14 12:0 a.m.6 views

The vulnerability of the PostgreSQL data anonymization extension in the PostgreSQL Anonymizer tool lies in the lack of security measures for SQL query structures. This allows attackers to elevate their privileges to superuser levels.

The vulnerability of the PostgreSQL anonymization extension in the PostgreSQL Anonymizer database relates to the lack of security measures for SQL query structures. Exploiting this vulnerability allows a malicious actor, operating remotely, to elevate their privileges to the level of superuser...

8CVSS7.6AI score0.00461EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/25 12:0 a.m.6 views

The vulnerability of the JDBC driver pgjdbc for connecting Java programs to a PostgreSQL database allows a attacker to execute arbitrary code.

The vulnerability of the JDBC driver pgjdbc, which allows Java programs to connect to PostgreSQL databases, is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially crafted SQL...

10CVSS7.9AI score0.0481EPSS
Exploits0References7Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/02/13 12:0 a.m.5 views

The vulnerability of the Neshan Maps plugin of the WordPress content management system allows attackers to carry out attacks based on SQL injections.

The vulnerability of the Neshan Maps plugin of the WordPress content management system is related to the lack of security measures for SQL query structures. Exploiting this vulnerability allows a malicious actor to carry out attacks based on SQL injections...

10CVSS7.9AI score0.00547EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/19 12:0 a.m.10 views

The vulnerability of the Bulk Modification Tool component in Nagios XI allows a hacker to execute arbitrary SQL code.

The vulnerability of the Bulk Modification Tool component in Nagios XI is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code remotely...

9CVSS8.2AI score0.3374EPSS
Exploits2References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/06 12:0 a.m.8 views

The vulnerability of the Groundhogg plugin of the WordPress content management system allows a hacker to execute XSS attacks.

The vulnerability of the Groundhogg plugin in the WordPress content management system is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

8.3CVSS7.3AI score0.0085EPSS
Exploits2References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/29 12:0 a.m.5 views

The vulnerability of the Tyk application programming interface, related to the lack of security measures for SQL query structures, allows attackers to execute arbitrary SQL queries.

The vulnerability of the Tyk cloud firewall’s application programming interface is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...

10CVSS8.1AI score0.01257EPSS
Exploits2References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/10/30 12:0 a.m.5 views

The vulnerability of the Tutor LMS plugin for the WordPress content management system allows a hacker to execute arbitrary code.

The vulnerability of the Tutor LMS plugin for the WordPress content management system is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

6.4CVSS6.9AI score0.01347EPSS
Exploits2References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/10/30 12:0 a.m.7 views

The vulnerability of the Paid Memberships Pro plugin of the WordPress content management system allows a hacker to execute arbitrary SQL queries.

The vulnerability of the Paid Memberships Pro plugin of the WordPress content management system is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...

10CVSS8.1AI score0.9246EPSS
Exploits6References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/10/27 12:0 a.m.5 views

The vulnerability of the JDBCAppender adapter in the Log4j Java logging library allows a malicious actor to execute arbitrary SQL queries against the database.

The vulnerability of the JDBCAppender component in Log4j, a Java logging library, relates to the lack of security measures for SQL query structures. Exploiting this vulnerability allows an attacker to execute arbitrary SQL queries against the database remotely...

10CVSS7.6AI score0.66537EPSS
Exploits1References7Affected Software31
CNNVD
CNNVD
added 2023/03/20 12:0 a.m.5 views

Gentoo SQL注入漏洞

Gentoo is an open source Linux system from the Gentoo Foundation. A SQL injection vulnerability exists in Gentoo Soko versions prior to 1.0.2, which stems from a SQL injection vulnerability found in pkg/app/handler/packages/search.go...

9.8CVSS8.8AI score0.0115EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/06/02 12:0 a.m.5 views

The vulnerability of the func2.php function in the web application for managing a medical institution, the PHPGurukul Hospital Management System, allows a perpetrator to disclose protected information.

The vulnerability of the func2.php function in the web application of the PHPGurukul Hospital Management System is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to disclose the protected information remotely...

7.8CVSS7.2AI score0.01709EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/12/24 12:0 a.m.11 views

The vulnerability of the “company_filter” parameter in the “user_list” component of the Advantech R-SeeNet monitoring software allows a hacker to execute arbitrary SQL queries.

The vulnerability of the “companyfilter” parameter in the “userlist” component of the Advantech R-SeeNet monitoring software for router status and functions is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execu...

7.7CVSS5.9AI score0.01134EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2021/06/29 12:0 a.m.7 views

The vulnerability of the get_topic_info() function (sys/CODOF/Forum/Topic.php) in the Codoforum forum creation software allows a violator to execute arbitrary code.

The vulnerability of the gettopicinfo function sys/CODOF/Forum/Topic.php in the Codoforum forum creation software relates to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary code on the target system remotely...

10CVSS8.3AI score0.04915EPSS
Exploits1References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/10/09 12:0 a.m.5 views

The vulnerability of the /web/Public/Conn.php component of the software controller for centralized control of wireless networks in D-Link Central WiFi Manager CWM(100) allows a intruder to execute arbitrary code.

The vulnerability of the /web/Public/Conn.php component of the software controller for centralized control of D-Link Central WiFi Manager CWM100 relates to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows an attacker operating remotely to execute...

10CVSS6AI score0.68019EPSS
Exploits2References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/04/04 12:0 a.m.13 views

The vulnerability of the NVBUBackup request handler’s software for data archiving and restoration by NetVault Backup allows a perpetrator to execute arbitrary code.

The vulnerability of the NVBUBackup request handler in software for data archiving and restoration by NetVault Backup is related to insufficient protection of the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

9.8CVSS6.1AI score0.03933EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/04/14 12:0 a.m.8 views

The vulnerability of the software system for managing enterprise assets in IBM Maximo Asset Management allows a perpetrator to execute arbitrary SQL commands.

The vulnerability of the IBM Maximo Asset Management software’s asset management system lies in the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands remotely...

6.5CVSS6.4AI score0.00707EPSS
Exploits0References2Affected Software13
Exploit DB
Exploit DB
added 2011/08/17 12:0 a.m.16 views

Code Widgets DataBound Collapsible Menu - 'main.asp' SQL Injection

source: https://www.securityfocus.com/bid/49209/info Code Widgets DataBound Collapsible Menu is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2008/04/23 12:0 a.m.15 views

Web Calendar <= 4.1 Blind SQL Injection Exploit

No description provided by source. !/usr/bin/perl use strict; use LWP::Simple; print "-+-- Web Calendar = 4.1 Blind SQL Injection Exploit --+- "; print "-+-- --+- "; print "-+-- Discovered && Coded By t0pP8uZz --+- "; print "-+-- Discovered On: 24 April 2008 --+- "; print "-+-- --+- "; print "-+-...

7.1AI score
Exploits0
Rows per page
Query Builder