20 matches found
EUVD-2020-4462
Malware in sbrugna...
CVE-2020-15333
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows attackers to discover accounts via MySQL "select from Administratorusers" and "select from Usersusers" requests...
CVE-2012-0937
wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not limit the number of MySQL queries sent to external MySQL database servers, which allows remote attackers to use WordPress as a proxy for brute-force attacks or denial of service attacks via the dbhost...
CVE-2020-15333
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows attackers to discover accounts via MySQL "select from Administratorusers" and "select from Usersusers" requests...
Silver Peak Unity Orchestrator Path Traversal Vulnerability
Silver Peak Unity Orchestrator is Silver Peak Systems' software for network management across WAN environments. It provides a centralized way to orchestrate the network and to visualize and manage network status. An authorization issue vulnerability exists in Silver Pea...
CVE-2020-12147
In Silver Peak Unity Orchestrator versions prior to 8.9.11+, 8.10.11+, or 9.0.1+, an authenticated user can make unauthorized MySQL queries against the Orchestrator database using the /sqlExecution REST API, which had been used for internal testing...
CVE-2020-12147
In Silver Peak Unity Orchestrator versions prior to 8.9.11+, 8.10.11+, or 9.0.1+, an authenticated user can make unauthorized MySQL queries against the Orchestrator database using the /sqlExecution REST API, which had been used for internal testing...
Code injection
In Silver Peak Unity Orchestrator versions prior to 8.9.11+, 8.10.11+, or 9.0.1+, an authenticated user can make unauthorized MySQL queries against the Orchestrator database using the /sqlExecution REST API, which had been used for internal testing...
CVE-2020-12147
CVE-2020-12147 affects Silver Peak Unity Orchestrator. An authenticated user can issue unauthorized MySQL queries against the Orchestrator database through the /sqlExecution REST API. Affected versions: prior to 8.9.11+, 8.10.11+, or 9.0.1+. Documentation notes that patches are available to remed...
PT-2020-6771 · Zyxel · Zyxel Cloudcnm Secumanager
Name of the Vulnerable Software and Affected Versions: Zyxel CloudCNM SecuManager versions 3.1.0 through 3.1.1. Description: The issue is related to a lack of protection for the SQL query structure in the Zyxel CloudCNM SecuManager software. This can be exploited by a remote attacker to gain...
CVE-2012-0937
wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not limit the number of MySQL queries sent to external MySQL database servers, which allows remote attackers to use WordPress as a proxy for brute-force attacks or denial of service attacks via the dbhost...
DEBIAN-CVE-2012-0937
wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not limit the number of MySQL queries sent to external MySQL database servers, which allows remote attackers to use WordPress as a proxy for brute-force attacks or denial of service attacks via the dbhost...
PT-2012-2964 · WordPress +1 · Wordpress +1
Name of the Vulnerable Software and Affected Versions: WordPress versions 3.3.1 and earlier. Description: The issue allows remote attackers to use WordPress as a proxy for brute-force attacks or denial of service attacks via the dbhost parameter. This is possible because the installation component...
Kusaba X <= 0.9 XSS/CSRF vulnerabilities
Kusaba X <= 0.9 XSS/CSRF vulnerabilities. Kusaba X suffers XSS and CSRF vulnerabilities that would allow an attacker to take over the web application and possibly the entire server depending on the MySQL...
AJ Article 1.0 - featured_article.php SQL Injection
AJ Article 1.0 - featured_article.php SQL Injection. AJ Article 1.0 featured_article.php Remote SQL Injection Vulnerability...
softwareindex-sql.txt
Software Index 1.1 SQL Injection Vulnerabilities. Discovered By: t0pP8uZz & xprog. Discovered On: 6 April...
Software Index 1.1 (cid) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications. Software Index 1.1 cid Remote SQL Injection Vulnerability...
affiliate-sql.txt
Affiliate Directory SQL Injection Vulnerability. AUTHOR: t0pP8uZz & xprog. SITE: N/A. DORK: altavista.com...
phpphotogal-sql.txt
PHP Photo Gallery 1.0 SQL Injection Vulnerabilities. Discovered By: t0pP8uZz & xprog. Discovered On: 4 Apri...
Affiliate Directory - 'cat_id' SQL Injection
Affiliate Directory SQL Injection Vulnerability. AUTHOR: t0pP8uZz & xprog. SITE: N/A. DORK: altavista.com...