2820 matches found
CVE-2019-12850
The CVE-2019-12850 entry concerns a query injection vulnerability in JetBrains YouTrack. According to multiple sources, including Red Hat and NVD, the issue allowed injection of queries and was fixed in YouTrack version 2018.4.49168. Affected product: YouTrack (JetBrains). Root cause details are ...
CVE-2019-12850
A query injection was possible in JetBrains YouTrack. The issue was fixed in YouTrack 2018.4.49168...
openstack-ironic-inspector: SQL Injection vulnerability when receiving introspection data
A SQL-injection vulnerability was found in openstack-ironic-inspector's nodecache.findnode. This function makes a SQL query using unfiltered data from a server reporting inspection results by a POST to the /v1/continue endpoint. Because the API is unauthenticated, the flaw could be exploited by a...
SQL injection vulnerability in co***.php page of Jinan Yuxia Information Technology Co.
Jinan Yuxia Information Technology Co., Ltd. to the Internet products and related services as the main direction, is a collection of website construction and network promotion, IDC business, software development, server hosting, telecommunications value-added services and other integrated service...
SQL Injection Vulnerability in waychar Race Entry System
Waychar Event Registration System is a PHP/MYSQL based sports event registration system. The Waychar Tournament Registration System suffers from a SQL injection vulnerability that can be exploited by attackers to obtain sensitive information from the database...
Dutch Auction Factory Component SQL Injection Vulnerability in Joomla!
Joomla! is a U.S. Open Source Matters team using PHP and MySQL development of a set of open source, cross-platform content management system CMS. Dutch Auction Factory is used in one of the auction site to create extensions . A SQL injection vulnerability exists in the Dutch Auction Factory...
Joomla! AMGallery Component SQL Injection Vulnerability
Joomla! is a U.S. Open Source Matters team using PHP and MySQL development of a set of open source , cross-platform content management system CMS. AMGallery is used in which a picture display component . A SQL injection vulnerability exists in the AMGallery component of Joomla! An attacker can...
GHSA-4QHX-G9WP-G9M6 Failure to sanitize quotes which can lead to sql injection in squel
All versions of squel are vulnerable to sql injection. The squel package does not properly escape user provided input when provided using the setFields method. This could lead to sql injection if the query was then executed. Proof of concept demonstrating the injection of a single quote into a...
HPE Intelligent Management Center (IMC) SQL Injection Code Execution Vulnerability (CNVD-2019-24556)
HPE Intelligent Management Center IMC is a comprehensive management platform built from the ground up to support the Failure, Configuration, Accounting, Performance and Security FCAPS model. A queryIpAllocateInfoBySubnetIp SQL injection code execution vulnerability exists in HPE Intelligent...
Hefei Tuono Network Technology Co., Ltd. building system SQL injection vulnerability
Hefei Topfield Network Technology Co., Ltd. is a company mainly engaged in website construction, website promotion, website design, website optimization, website marketing and other businesses. Hefei Topfield Network Technology Co., Ltd. website building system there is a SQL injection...
SQL injection vulnerability in pr***.php page of Jinan Yuxia Information Technology Co.
Jinan Yuxia Information Technology Co., Ltd. to the Internet products and related services as the main direction, is a collection of website construction and network promotion, IDC business, software development, server hosting, telecommunications value-added services and other integrated service...
SQL Injection Vulnerability in Acme CMS Backend vi***.php
Acme CMS is a CMS builder using PHP + Mysql architecture, multi-language, responsive display, suitable for personal website construction. Aike CMS background vi.php SQL injection vulnerability, attackers can use the vulnerability to obtain database sensitive information...
SQL Injection Vulnerability in Acme cms
Acme CMS is a CMS builder using PHP + Mysql architecture, multi-language, responsive display, suitable for personal website construction. Acme CMS has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...
SQL Injection Vulnerability in ASPCMS
ASPCMS is an open source enterprise building system developed by the Upper Valley Network. ASPCMS SQL injection vulnerability , attackers can exploit the vulnerability to obtain sensitive information in the database...
SQL Injection Vulnerability in China's Utilities Informationization Management System 2.0
China WAMR Net Management System China WAMR Net Management System is a set of enterprise-level solutions integrating water, gas and electricity. The system provides functions ranging from remote meter reading by smart meters, remote control of smart meters, customer information management,...
SQL Injection Vulnerability in dhcms Frontend
dhcms is an enterprise building system. A SQL injection vulnerability exists in the frontend of dhcms, which can be exploited by attackers to obtain sensitive database information...
SQL Injection Vulnerability in phpshe v1.7 (CNVD-2019-12520)
PHPSHE mall system is a combination of product display, online shopping, order management, payment management, article management, customer consultation feedback and other functions, providing users with online shopping mall construction program. phpshe v1.7 version of the existence of SQL...
Heilongjiang Yitong Network Technology Development Co., Ltd. website building system has SQL injection vulnerability
Heilongjiang Yitong Network Technology Development Co., Ltd. is an enterprise website building system. There is a SQL injection vulnerability in Heilongjiang Yitong Network Technology Development Co., Ltd. that can be exploited by attackers to obtain sensitive information from the database...
SQL injection vulnerability in Five Fingers CMS co***.php page
Five Fingers CMS is a high-performance open source content management system that supports LNAMP architecture. Five Fingers CMS co.php page SQL injection vulnerability, an attacker can use the vulnerability to obtain sensitive database information...
BlueCMS SQL Injection Vulnerability
BlueCMS is a content management system CMS based on PHP and MySQL. A SQL injection vulnerability exists in BlueCMS version 1.6. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands...