
764 matches found

BDU FSTEC
added 2020/11/12 12:0 a.m. | 2 views

The vulnerability of the InnoDB component of the MySQL Database Server management system, which allows a hacker to cause a service failure.

The vulnerability of the InnoDB component in the MySQL Database Management System is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to cause service interruptions using the MySQL network protocol...

CVSS 6.8 | AI score 6.5 | EPSS 0.02293
Exploits: 0 | References: 4 | Affected Software: 1
BDU FSTEC
added 2020/11/12 12:0 a.m. | 3 views

The vulnerability of the InnoDB component of the MySQL Database Server management system, which allows a hacker to cause a service failure.

The vulnerability of the InnoDB component in the MySQL Database Management System is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions using the MySQL network protocol...

CVSS 6.8 | AI score 6.5 | EPSS 0.01945
Exploits: 0 | References: 4 | Affected Software: 1
CNVD
added 2020/11/11 12:0 a.m. | 2 views

Command execution vulnerability exists in MyuCMS (CNVD-2020-67559)

MyuCMS front-end is built with UIkit framework, back-end is built with layui back-end framework and back-end is developed with PHP+MYSQL. A command execution vulnerability exists in MyuCMS, which can be exploited to gain server privileges...

AI score 7.5
Exploits: 0
Cvelist
added 2020/11/05 6:50 p.m. | 22 views

CVE-2020-12147 Unauthorized queries against the Silver Peak Unity Orchestrator™ MySQL database.

In Silver Peak Unity Orchestrator versions prior to 8.9.11+, 8.10.11+, or 9.0.1+, an authenticated user can make unauthorized MySQL queries against the Orchestrator database using the /sqlExecution REST API, which had been used for internal testing...

CVSS 6.6 | AI score 8.5 | EPSS 0.01457
Exploits: 1 | References: 1
WPVulnDB
added 2020/10/29 12:0 a.m. | 343 views

WordPress < 5.5.2 - Unauthenticated DoS Attack to RCE

Description: The release notes state: "Props to Omar Ganiev who reported a method where a DoS attack could lead to RCE." The attack consisted of creating a DoS condition on the MySQL database, which would make WordPress think that it has not been installed, presenting the installation wizard. The...

CVSS 9.8 | AI score 9.2 | EPSS 0.0774
Exploits: 0 | References: 4
Fedora
added 2020/09/25 5:6 p.m. | 39 views

[SECURITY] Fedora 33 Update: mysql-connector-java-8.0.21-1.fc33

MySQL Connector/J is a native Java driver that converts JDBC Java Database Connectivity calls into the network protocol used by the MySQL database. It lets developers working with the Java programming language easily build programs and applets that interact with MySQL and connect all corporate...

CVSS 5.1 | AI score 1.3 | EPSS 0.032
Exploits: 0
BDU FSTEC
added 2020/09/18 12:0 a.m. | 2 views

Vulnerability of the MySQL Server component: The Pluggable Auth feature of the MySQL database management system allows attackers to gain access to modify, add, or delete data.

The vulnerability of the MySQL Server component, the Pluggable Auth system for database management, exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to modify, add, or delete data using the MySQL Protocol...

CVSS 4.3 | AI score 6.5 | EPSS 0.01879
Exploits: 0 | References: 5 | Affected Software: 2
RedHat Linux
added 2020/09/15 6:30 p.m. | 2 views

mysql: Server: Information Schema unspecified vulnerability (CPU Jul 2020)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Information Schema. Supported versions that are affected are 5.6.48 and prior, 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple...

CVSS 4.3 | AI score 7.2 | EPSS 0.01895
Exploits: 0 | References: 5
RedHat Linux
added 2020/09/15 6:30 p.m. | 2 views

mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2020)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...

CVSS 4.9 | AI score 7.2 | EPSS 0.02507
Exploits: 0 | References: 5
RedHat Linux
added 2020/09/14 12:58 p.m. | 2 views

mysql: InnoDB unspecified vulnerability (CPU Jul 2020)

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of thi...

CVSS 4 | AI score 7.3 | EPSS 0.01641
Exploits: 0 | References: 5
BDU FSTEC
added 2020/08/14 12:0 a.m. | 9 views

The vulnerability of the InnoDB component in the MySQL Database Management System, which is related to insufficient validation of input data, allows attackers to trigger service failures.

The vulnerability of the InnoDB component in the MySQL Database Management System is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to cause downtime or service failures through the use of MySQL network protocols...

CVSS 6.8 | AI score 6.5 | EPSS 0.02324
Exploits: 0 | References: 4 | Affected Software: 1
PyPA
added 2020/08/05 2:15 p.m. | 9 views

PYSEC-2020-342

Resolved Only when using H2/MySQL/TiDB as Apache SkyWalking storage, there is a SQL injection vulnerability in the wildcard query cases...

CVSS 9.8 | AI score 8.1 | EPSS 0.33478
Exploits: 0 | References: 4 | Affected Software: 1
0day.today
added 2020/07/12 12:0 a.m. | 299 views

Pandora FMS 7.0 NG 7XX Remote Command Execution Exploit

This Metasploit module exploits a vulnerability CVE-2020-13851 in Pandora FMS versions 7.0 NG 742, 7.0 NG 743, and 7.0 NG 744 and perhaps older versions in order to execute arbitrary commands. This module takes advantage of a command injection vulnerability in the Events feature of Pandora FMS...

CVSS 9 | AI score 9 | EPSS 0.91095
Exploits: 4
Packet Storm
added 2020/07/11 12:0 a.m. | 853 views

Pandora FMS 7.0 NG 7XX Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Pandora FMS Events Remote Command Execution', 'Description' = %q This module exploits a vulnerability CVE-2020-13851 in Pandora FMS versions 7.0 ...

CVSS 9 | AI score 0.5 | EPSS 0.91095
Exploits: 4
Metasploit
added 2020/07/09 8:21 p.m. | 104 views

Pandora FMS Events Remote Command Execution

This module exploits a vulnerability CVE-2020-13851 in Pandora FMS versions 7.0 NG 742, 7.0 NG 743, and 7.0 NG 744 and perhaps older versions in order to execute arbitrary commands. This module takes advantage of a command injection vulnerability in the Events feature of Pandora FMS. This flaw...

CVSS 8.8 | AI score 0.3 | EPSS 0.91095
Exploits: 4
CNVD
added 2020/06/24 12:0 a.m. | 11 views

Apache SkyWalking SQL Injection Vulnerability

Apache SkyWalking is an application performance monitor from the Apache Software USA Foundation primarily for environments such as microservices, cloud-native and container-based. An SQL injection vulnerability exists in the H2/MySQL/TiDB storage implementation in Apache SkyWalking versions 6.0.0...

CVSS 7.5 | AI score 8 | EPSS 0.34613
Exploits: 1 | References: 1
CNVD
added 2020/06/02 12:0 a.m. | 1 views

XSS Vulnerability in jfinal cms User Profile Edit

jfinal cms is a powerful information consulting website developed in Java, using the simple and powerful JFinal as the web framework, beetl as the template engine, mysql as the database, and bootstrap as the front-end framework. jfinal cms has an XSS vulnerability in user profile editing; an attacker can exploit the...

AI score 6.1
Exploits: 0
CNVD
added 2020/05/21 12:0 a.m. | 3 views

File Upload Vulnerability in Team CMS

Team CMS website is a jsp + mysql for the development of jsp enterprise building system. Team CMS has a file upload vulnerability that can be exploited by attackers to gain server administrative privileges...

AI score 7.3
Exploits: 0
0day.today
added 2020/05/19 12:0 a.m. | 50 views

php-fusion 9.03.50 - (ctype) SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: php-fusion 9.03.50 - 'ctype' SQL Injection Exploit Author: SunCSR Sun Cyber Security Research - ThienNV Vendor Homepage: https://www.php-fusion.co.uk/ Software Link: https://www.php-fusion.co.uk/phpfusion9downloads.php Version:...

Exploits: 0
NVD
added 2020/05/14 5:15 p.m. | 8 views

CVE-2019-13021

The administrative passwords for all versions of Bond JetSelect are stored within an unprotected file on the filesystem, rather than encrypted within the MySQL database. This backup copy of the passwords is made as part of the installation script, after the administrator has generated a password...

CVSS 6.5 | AI score 7.9 | EPSS 0.00603
Exploits: 1 | References: 1