8141 matches found

BDU FSTEC
added 2021/06/23 12:0 a.m. · 3 views

The vulnerability of the plus/ajax_street.php component of the 74cms CMS system, related to the lack of protection for SQL query structures, allows attackers to execute arbitrary SQL queries.

The vulnerability of the plus/ajaxstreet.php component of the 74cms CMS system is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries via the key parameter...

CVSS 6.5 · AI score 8.2 · EPSS 0.35188
Exploits 1 · References 4 · Affected Software 1

BDU FSTEC
added 2021/06/23 12:0 a.m. · 1 views

The vulnerability of the plus/ajax_street.php component of the 74cms CMS system, related to the lack of protection for SQL query structures, allows attackers to execute arbitrary SQL queries.

The vulnerability of the plus/ajaxstreet.php component of the 74cms CMS system is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries via the parameter x...

CVSS 6.5 · AI score 8.2 · EPSS 0.32216
Exploits 1 · References 4 · Affected Software 1

BDU FSTEC
added 2021/06/23 12:0 a.m. · 1 views

The vulnerability of the app/admin/custom-fields/edit.php web application for managing IP addresses in phpipam allows a hacker to execute arbitrary SQL queries.

The vulnerability of the “app/admin/custom-fields/edit.php” web application for managing IP addresses in phpipam relates to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...

CVSS 10 · AI score 7.6 · EPSS 0.01037
Exploits 1 · References 3 · Affected Software 1

BDU FSTEC
added 2021/06/23 12:0 a.m. · 2 views

The vulnerability of the app/admin/custom-fields/filter-result.php web application for managing IP addresses in phpipam allows an attacker to execute arbitrary SQL queries.

The vulnerability of the app/admin/custom-fields/filter-result.php web application for managing IP addresses in phpipam relates to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...

CVSS 10 · AI score 7.6 · EPSS 0.16281
Exploits 6 · References 4 · Affected Software 1

CNNVD
added 2021/06/21 12:0 a.m. · 5 views

White Shark System SQL injection vulnerability

White Shark System (WSS) is a browser-based collaboration platform that integrates Project Management, Task Management, Work Management and Work Log Management. A SQL injection vulnerability exists in White Shark...

CVSS 7.5 · AI score 6 · EPSS 0.00472
Exploits 1 · References 2

CNNVD
added 2021/06/18 12:0 a.m. · 2 views

primion Technology AG Secure 8 SQL injection vulnerability

primion Technology AG Secure 8 is an access control solution from the Spanish company primion Technology AG. It is designed to control the access of people and vehicles to various locations. Secure 8 suffers from an SQL injection vulnerability that stems from Secure 8 Evalos not properly validati...

CVSS 9.8 · AI score 8.5 · EPSS 0.00566
Exploits 1 · References 2

BDU FSTEC
added 2021/06/15 12:0 a.m. · 2 views

The vulnerability in the web interface of the Cisco Unified Communications Manager IM & Presence Service allows an attacker to execute arbitrary SQL commands and gain unauthorized access to modify data.

The vulnerability of the Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) web management interface is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary SQL commands an...

CVSS 7.5 · AI score 8 · EPSS 0.00164
Exploits 0 · References 4

CNNVD
added 2021/06/14 12:0 a.m. · 3 views

WordPress SQL injection vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. Yes/No Chart is a plugin for WordPress. Yes/No Chart WordPress plugin versions prior to 1.0.12 suffer from a SQL injection...

CVSS 6.5 · AI score 6 · EPSS 0.00498
Exploits 2 · References 1

CNNVD
added 2021/06/14 12:0 a.m. · 3 views

WordPress SQL injection vulnerability

WordPress is a blogging platform developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in WordPress Xllentech English Islamic Calendar plugin prior to...

CVSS 8.8 · AI score 6.1 · EPSS 0.00532
Exploits 2 · References 2

OSV
added 2021/06/11 4:15 p.m. · 3 views

CVE-2021-23230

A SQL Injection vulnerability in the OPCUA interface of Gallagher Command Centre allows a remote unprivileged Command Centre Operator to modify Command Centre databases undetected. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 MR3; 8.30 versions prior to 8.30.1359...

CVSS 4.3 · AI score 5.9 · EPSS 0.00248
Exploits 0 · References 1

CNNVD
added 2021/06/10 12:0 a.m. · 4 views

Trace Financial CRESTBridge SQL injection vulnerability

CRESTBridge is a resilient, feature-rich interface for Trace Financial. Trace Financial CRESTBridge is vulnerable to SQL injection, which can be exploited by attackers to execute illegal SQL commands...

CVSS 8.8 · AI score 5.9 · EPSS 0.00409
Exploits 0 · References 2

CNNVD
added 2021/06/10 12:0 a.m. · 4 views

Trace Financial CRESTBridge SQL injection vulnerability

CRESTBridge is a resilient, feature-rich interface for Trace Financial. A SQL injection vulnerability exists in Trace Financial CRESTBridge versions prior to 6.3.0.02, which stems from a lack of validation of external input SQL statements, which can be exploited by attackers to execute illegal SQL...

CVSS 8.8 · AI score 6 · EPSS 0.00409
Exploits 0 · References 2

Positive Technologies
added 2021/06/08 12:0 a.m. · 3 views

PT-2021-11213 · Silverstripe · Silverstripe

Name of the Vulnerable Software and Affected Versions: SilverStripe versions prior to 4.6.0-rc1. Description: The issue concerns the GraphQL module in SilverStripe, which by default accepts basic-auth as an authentication method. This allows bypassing multi-factor authentication (MFA) if the...

CVSS 6.5 · AI score 6.5 · EPSS 0.00216
Exploits 1 · References 10

CNNVD
added 2021/06/08 12:0 a.m. · 5 views

SilverStripe authorization issue vulnerability

SilverStripe is an open source programming framework and content management system (CMS) from the New Zealand company SilverStripe. The system supports multiple languages, cross-platform operation and other features. SilverStripe has an authorization issue vulnerability that stems from...

CVSS 6.5 · AI score 5.5 · EPSS 0.00216
Exploits 1 · References 4

VulnCheck KEV
added 2021/06/08 12:0 a.m. · 3 views

VulnCheck KEV: CVE-2021-20028

SonicWall Secure Remote Access (SRA) products contain an improper neutralization of a SQL Command leading to SQL injection...

CVSS 9.8 · AI score 6.8 · EPSS 0.80271
Exploits 0 · References 1

CNNVD
added 2021/06/07 12:0 a.m. · 5 views

Esri Arcgis Server SQL injection vulnerability

Esri Arcgis Server is a web-oriented, enterprise-class software platform from the United States company Esri that can be used to provide geographic location services. A SQL injection vulnerability exists in ArcGIS Server version 10.8.1 and earlier versions, which can be exploited by attackers to obtain...

CVSS 5.3 · AI score 5.9 · EPSS 0.00302
Exploits 0 · References 1

CNNVD
added 2021/06/01 12:0 a.m. · 2 views

In4Velocity In4Suite ERP SQL injection vulnerability

In4Velocity In4Suite ERP is an enterprise resource program from In4Velocity India. It is ERP software built for the real estate and construction industry that provides complete visibility of business information and helps streamline processes, improve efficiency, manage complexity and increase...

CVSS 9.1 · AI score 8.4 · EPSS 0.00883
Exploits 2 · References 2

CNNVD
added 2021/06/01 12:0 a.m. · 4 views

Synology Photo Station SQL injection vulnerability

Synology Photo Station is a solution for sharing pictures, videos and blogs over the Internet from Synology Inc. of Taiwan, China. A SQL injection vulnerability exists in Synology Photo Station before 6.8.14-3500, which can be exploited by an attacker to execute arbitrary SQL commands via...

CVSS 10 · AI score 6.4 · EPSS 0.00818
Exploits 0 · References 2

CNNVD
added 2021/06/01 12:0 a.m. · 5 views

WordPress plugin SQL injection vulnerability

WordPress Plugin is an open source application plugin for WordPress. Bello - Directory & Listing WordPress theme prior to version 1.6.0 suffers from a SQL injection vulnerability that stems from the theme not cleaning up critical parameters, resulting in their use in SQL injection statements...

CVSS 9.8 · AI score 8.5 · EPSS 0.00758
Exploits 2 · References 2

CNNVD
added 2021/06/01 12:0 a.m. · 4 views

Synology Media Server SQL injection vulnerability

Synology Media Server is a media server. A SQL injection vulnerability exists in the cgi component of Synology Media Server before 1.8.1-2876, which can be exploited by an attacker to execute arbitrary SQL commands via an unspecified vector...

CVSS 9.8 · AI score 6.4 · EPSS 0.00341
Exploits 0 · References 1