8141 matches found

NVD
added 2021/01/20 8:15 p.m. · 12 views

CVE-2021-1349

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct Cypher query language injection attacks on an affected system. The vulnerability is due to insufficient input validation by the web-based management...

CVSS 6.5 · AI score 6.5 · EPSS 0.00055
Exploits 0 · References 1

OSV
added 2021/01/20 8:15 p.m. · 2 views

CVE-2021-1282

Multiple vulnerabilities in Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an attacker to conduct path traversal attacks and SQL injection attacks on an affected system. One of the SQL injection vulnerabilities that affects Unified CM IM&P also affects Cisc...

CVSS 4.9 · AI score 5.9
Exploits 0 · References 1

Cvelist
added 2021/01/20 8:00 p.m. · 13 views

CVE-2021-1349 Cisco SD-WAN vManage Cypher Query Language Injection Vulnerability

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct Cypher query language injection attacks on an affected system. The vulnerability is due to insufficient input validation by the web-based management...

CVSS 6.5 · AI score 6.7 · EPSS 0.00055
Exploits 0 · References 1

Vulnrichment
added 2021/01/20 8:00 p.m. · 9 views

CVE-2021-1349 Cisco SD-WAN vManage Cypher Query Language Injection Vulnerability

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct Cypher query language injection attacks on an affected system. The vulnerability is due to insufficient input validation by the web-based management...

CVSS 6.5 · AI score 6.9 · EPSS 0.00055
Exploits 0 · References 1

Cisco
added 2021/01/20 4:00 p.m. · 52 views

Cisco SD-WAN vManage Cypher Query Language Injection Vulnerability

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct Cypher query language injection attacks on an affected system. The vulnerability is due to insufficient input validation by the web-based management...

CVSS 6.5 · AI score 6.5 · EPSS 0.00055
Exploits 0 · References 1

CNNVD
added 2021/01/20 12:00 a.m. · 2 views

Cisco Smart Software Manager SQL Injection Vulnerability

Cisco Smart Software Manager Satellite is a Cisco component for Cisco product license management. A SQL injection vulnerability exists in the Web management interface of Cisco Smart Software Manager Satellite 5.1.0 and earlier versions. The vulnerability stems from the web management interface no...

CVSS 8.1 · AI score 6.9 · EPSS 0.00217
Exploits 0 · References 4

CNNVD
added 2021/01/20 12:00 a.m. · 4 views

Cisco Data Center Network Manager SQL Injection Vulnerability

Cisco Data Center Network Manager (DCNM) is a suite of data center network managers from Cisco that provides multiprotocol management of the network and troubleshooting of switch operating conditions and performance. A SQL injection vulnerability exists in the REST API endpoint of Cisco Data Center...

CVSS 8.8 · AI score 7.4 · EPSS 0.00923
Exploits 0 · References 5

CNVD
added 2021/01/16 12:00 a.m. · 5 views

Dell EMC Avamar Server SQL Injection Vulnerability

Dell EMC Avamar Server is a suite of fully virtualized backup and recovery software for servers from Dell USA. A SQL injection vulnerability exists in Dell EMC Avamar Server 19.1, 19.2, 19.3, which could be exploited by an unauthenticated, remote attacker to cause certain SQL commands to be...

CVSS 10 · AI score 7.7 · EPSS 0.05795
Exploits 0 · References 1

CNNVD
added 2021/01/14 12:00 a.m. · 4 views

DELL Dell EMC Avamar Server SQL Injection Vulnerability

Dell EMC Avamar Server is a suite of fully virtualized backup and recovery software for servers from Dell USA. A SQL injection vulnerability exists in Dell EMC Avamar Server 19.1, 19.2, 19.3, which could be exploited by an unauthenticated, remote attacker to cause certain SQL commands to be...

CVSS 10 · AI score 7.4 · EPSS 0.05795
Exploits 0 · References 3

CNVD
added 2021/01/14 12:00 a.m. · 2 views

Combodo iTop SQL Injection Vulnerability

Combodo iTop is an open source, ITIL-based Web application from the French company Combodo for the daily operation of IT environments. The program provides incident management, configuration management and problem management. A SQL injection vulnerability exists in Combodo iTop versio...

CVSS 4.3 · AI score 7.7 · EPSS 0.00199
Exploits 0 · References 1

OSV
added 2021/01/11 4:15 p.m. · 2 views

DEBIAN-CVE-2020-35701

An issue was discovered in Cacti 1.2.x through 1.2.16. A SQL injection vulnerability in datadebug.php allows remote authenticated attackers to execute arbitrary SQL commands via the siteid parameter. This can lead to remote code execution...

CVSS 8.8 · AI score 9.6 · EPSS 0.01924
Exploits 1 · References 1

CNNVD
added 2021/01/11 12:00 a.m. · 2 views

Cacti SQL Injection Vulnerability

Cacti is an open source, web-based network monitoring and mapping tool, a front-end application designed for the data logging tool RRDtool. A SQL injection vulnerability exists in datadebug.php in Cacti. An attacker can exploit this vulnerability to execute arbitrary SQL commands via the siteid...

CVSS 8.8 · AI score 7.6 · EPSS 0.01924
Exploits 1 · References 9

CNNVD
added 2021/01/06 12:00 a.m. · 2 views

Invision Community SQL Injection Vulnerability

Invision Community is a software for designing and developing UI for mobile applications by Invision USA. An SQL injection vulnerability exists in IPS Community Suite versions 4.5.4, which originates from the Downloads REST API...

CVSS 8.8 · AI score 7.4 · EPSS 0.00482
Exploits 2 · References 4

CNNVD
added 2021/01/05 12:00 a.m. · 3 views

ISPConfig SQL Injection Vulnerability

ISPConfig is an open source web hosting management program for Linux with a Web control panel. You can use the Web control panel to manage web hosting, open a website, open a mailbox, open and manage MySQL databases, support for DNS resolution and monitor the server's operating conditions an...

CVSS 9.8 · AI score 7.4 · EPSS 0.00441
Exploits 0 · References 3

CNNVD
added 2020/12/26 12:00 a.m. · 2 views

Blizmax Flamingoim SQL Injection Vulnerability

Blizmax Flamingoim is a high-performance, lightweight, open source instant messaging software from the individual developers of Blizmax. A SQL injection vulnerability exists in Blizmax Flamingoim version 2020-09-29 and earlier versions, which stems from UserManager::addUser...

CVSS 9.8 · AI score 7.4 · EPSS 0.00264
Exploits 1 · References 2

Positive Technologies
added 2020/12/25 12:00 a.m. · 3 views

PT-2020-17397 · Phplist · Phplist

Name of the Vulnerable Software and Affected Versions: phpList version 3.5.9 Description: The issue allows SQL injection by admins who provide a crafted fourth line of a file to the "Config - Import Administrators" page. Recommendations: For phpList version 3.5.9, consider restricting access to t...

CVSS 7.2 · AI score 7.4 · EPSS 0.00274
Exploits 1 · References 8

CNVD
added 2020/12/25 12:00 a.m. · 1 view

Sourcecodester Online Health Care System SQL Injection Vulnerability

Sourcecodester Online Health Care System is a PHP-based website builder for online health checkups from Sourcecodester, Inc. Online Health Card System 1.0 suffers from a SQL injection vulnerability that originates from a database application that lacks validation of externally entered SQL...

CVSS 9.8 · AI score 8.2 · EPSS 0.00842
Exploits 1 · References 1

CNNVD
added 2020/12/24 12:00 a.m. · 2 views

Egavilan Media Under Onstruction Page With Cpanel SQL Injection Vulnerability

Egavilan Media Under Onstruction Page With Cpanel is a software used to show websites under construction organized by Egavilan Media in the United States. An SQL injection vulnerability exists in Egavilan Media Under Onstruction Page With Cpanel, which can be exploited by an attacker to gain acce...

CVSS 9.8 · AI score 7.3 · EPSS 0.0257
Exploits 1 · References 3

BDU FSTEC
added 2020/12/18 12:00 a.m. · 1 view

The vulnerability of the Django library for the Python programming language, allowing attackers to execute arbitrary code

The vulnerability of the Django library for the Python programming language is related to insufficient protection of the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVSS 9 · AI score 7.1 · EPSS 0.84644
Exploits 0 · References 9 · Affected Software 7

OSV
added 2020/12/17 8:15 p.m. · 1 view

UBUNTU-CVE-2020-35545

Time-based SQL injection exists in Spotweb 1.4.9 via the query string...

CVSS 9.8 · AI score 7.4 · EPSS 0.0841
Exploits 2 · References 3