31 matches found
CVE-2021-39377
A SQL Injection vulnerability exists in openSIS 8.0 when MySQL (MariaDB) is being used as the application database. A malicious attacker can issue SQL commands to the MySQL (MariaDB) database through the index.php username parameter...
Sql injection
A SQL Injection vulnerability exists in openSIS 8.0 when MySQL (MariaDB) is being used as the application database. A malicious attacker can issue SQL commands to the MySQL (MariaDB) database through the index.php username parameter...
CVE-2021-39378
A SQL Injection vulnerability exists in openSIS 8.0 when MySQL (MariaDB) is being used as the application database. A malicious attacker can issue SQL commands to the MySQL (MariaDB) database through the NamesList.php str parameter...
SQL Injection
Overview: sequelize is a promise-based Node.js ORM for Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server. Affected versions of this package are vulnerable to SQL Injection due to JSON path keys not being properly escaped for the MySQL/MariaDB dialects. PoC by Snyk const Sequelize =...
CVE-2017-12419
If, after successful installation of MantisBT through 2.5.2 on MySQL/MariaDB, the administrator does not remove the 'admin' directory as recommended in the "Post-installation and upgrade tasks" section of the MantisBT Admin Guide, and the MySQL client has a local_infile setting enabled in php.ini...
CVE-2016-6664
Removed by vendor...
Kartoo Search Engine XSS / Remote File Inclusion
KARTOO SEARCH ENGINE XSS / PHP allow_url_fopen enabled / PHP allow_url_include enable /Security vulnerability in / Sensitive Files Informati...
Security fix for the ALT Linux 8 package mariadb version April
April 1, 2013 Michael Shigorin 5.5.30-alt10 - New version - NB: 5.5.29 had important security fixes, including: + A buffer overflow that can cause a server crash or arbitrary code execution, a variant of CVE-2012-5611 + CVE-2012-5627 fast password brute-forcing using the "change user" +...
Mandriva Update for mysql MDVSA-2012:178 (mysql)
The remote host is missing an update for the...