Lucene search

40 matches found

BDU FSTEC
added 2024/08/12 12:0 a.m. · 0 views

The vulnerability of the multi-site content management system UMI CMS, related to the lack of measures taken to protect the SQL query structure, allows for the execution of arbitrary SQL queries.

The vulnerability of the multi-site content management system UMI CMS is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries through the creation of queries...

7.8 CVSS · 6 AI score
Exploits 0 · References 1

BDU FSTEC
added 2024/07/29 12:0 a.m. · 0 views

The vulnerability of the GLPI system’s handling of requests and incidents lies in the lack of measures taken to protect the SQL query structure used in SQL commands. This allows attackers to carry out SQL injection attacks.

The vulnerability of the GLPI system’s request and incident handling capabilities is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to scan server or service ports and perform SQL injection attacks...

10 CVSS · 0.00307 EPSS
Exploits 0 · References 4 · Affected Software 2

OSV
added 2024/05/01 6:15 a.m. · 0 views

DEBIAN-CVE-2024-27019

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get(). nft_unregister_obj() can run concurrently with __nft_obj_type_get(), and there is no protection when iterating over the nf_tables_objects list in __nft_obj_type_get(). Therefore, there is...

4.7 CVSS · 5.9 AI score · 0.00008 EPSS
Exploits 0 · References 1

BDU FSTEC
added 2024/02/06 12:0 a.m. · 1 view

The vulnerability of the NEXO-OS operating system in the Bosch Nexo cordless nutrunner and Bosch Nexo special cordless nutrunner tools used in production lines allows an intruder to gain unauthorized access to the database.

The vulnerability of the NEXO-OS operating system for tools used in production line assembly work, such as the Bosch Nexo cordless nutrunner and the Bosch Nexo special cordless nutrunner, is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability ca...

5.3 CVSS · 0.00242 EPSS
Exploits 0 · References 2 · Affected Software 1

BDU FSTEC
added 2023/11/10 12:0 a.m. · 1 view

The vulnerability of the IBM Navigator graphical interface of the IBM i operating system allows an intruder to gain unauthorized access to protected information.

The vulnerability of the IBM Navigator graphical interface of the IBM i operating system is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability can allow an attacker, working remotely, to gain unauthorized access to protected information...

4.3 CVSS · 0.00083 EPSS
Exploits 0 · References 3 · Affected Software 1

BDU FSTEC
added 2023/10/14 12:0 a.m. · 1 view

The vulnerability of the software platforms for developing and managing Magento Open Source and Adobe Commerce online stores lies in the lack of protective measures for the SQL query structure, allowing attackers to execute arbitrary code.

The vulnerability of the software platforms for developing and managing Magento Open Source and Adobe Commerce online stores is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

8 CVSS · 0.01841 EPSS
Exploits 0 · References 3 · Affected Software 2

BDU FSTEC
added 2023/09/05 12:0 a.m. · 1 view

The vulnerability of the Red Hat Ansible configuration management system lies in the lack of protective measures for SQL query structures, allowing attackers to compromise the integrity and accessibility of protected information.

The vulnerability of the Red Hat Ansible configuration management system lies in the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to compromise the integrity and accessibility of the protected information by using the...

9 CVSS
Exploits 0 · References 3 · Affected Software 1

BDU FSTEC
added 2023/08/03 12:0 a.m. · 1 view

The vulnerability of the PHP platform pimcore, related to the lack of measures taken to protect the SQL query structure, allows attackers to carry out attacks based on SQL injections.

The vulnerability of the PHP platform pimcore is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to carry out attacks based on SQL injections...

9 CVSS · 0.41187 EPSS
Exploits 1 · References 3 · Affected Software 1

BDU FSTEC
added 2022/08/31 12:0 a.m. · 1 view

The vulnerability in the open-source e-commerce web application PrestaShop relates to the lack of measures taken to protect the SQL query structure, allowing an attacker to execute arbitrary code.

The vulnerability in the open-source e-commerce web application PrestaShop relates to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

6.5 CVSS
Exploits 2 · References 4

Positive Technologies
added 2021/11/08 12:0 a.m. · 3 views

PT-2021-6913 · Mariadb +5 · Mariadb Server +5

Name of the Vulnerable Software and Affected Versions: MariaDB Server versions 10.7 and below. Description: An issue in the component Used_tables_and_const_cache::used_tables_and_const_cache_join of MariaDB Server was discovered to allow attackers to cause a Denial of Service (DoS) via specially...

7.8 CVSS · 7.8 AI score · 0.07539 EPSS
Exploits 48 · References 294

BDU FSTEC
added 2021/10/27 12:0 a.m. · 1 view

The vulnerability of the information system openSIS, related to the failure to protect the SQL query structure, allows a perpetrator to execute arbitrary SQL queries.

The vulnerability of the information system openSIS is related to the failure to implement measures to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries using the index.php USERNAME parameter...

10 CVSS · 0.06858 EPSS
Exploits 2 · References 4 · Affected Software 1

BDU FSTEC
added 2020/12/01 12:0 a.m. · 1 view

The vulnerability of the core server component of the PostgreSQL database management system allows attackers to influence the integrity, accessibility, and confidentiality of data.

The vulnerability of the core server component of the PostgreSQL database management system is related to insufficient protection of the SQL query structure. Exploiting this vulnerability allows a malicious actor to influence the integrity, accessibility, and confidentiality of data...

10 CVSS · 0.23757 EPSS
Exploits 0 · References 10 · Affected Software 7

BDU FSTEC
added 2020/11/19 12:0 a.m. · 1 view

The vulnerability of the Rapid7 Nexpose vulnerability management system lies in the insufficient protection of the SQL query structure, allowing attackers to enhance their privileges.

The vulnerability of the Rapid7 Nexpose vulnerability management system is related to insufficient protection of the SQL query structure. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...

8.5 CVSS · 0.00356 EPSS
Exploits 0 · References 3 · Affected Software 1

BDU FSTEC
added 2020/06/30 12:0 a.m. · 1 view

The vulnerability in the web interface of the Cisco Prime Infrastructure monitoring and management system allows a malicious actor to execute arbitrary SQL queries.

The vulnerability in the web interface of the Cisco Prime Infrastructure monitoring and management system is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...

5.5 CVSS · 0.00171 EPSS
Exploits 0 · References 3 · Affected Software 1

BDU FSTEC
added 2019/01/18 12:0 a.m. · 1 view

The vulnerability of the EVLink Parking software lies in the lack of measures to protect the SQL query structure, allowing a hacker to access the web interface with full privileges.

The vulnerability of the EVLink Parking software is related to the lack of measures to protect the SQL query structure. Exploiting this vulnerability can allow an attacker who operates remotely to gain access to the web interface with full privileges...

6.4 CVSS · 7.7 AI score · 0.006 EPSS
Exploits 0 · References 6

BDU FSTEC
added 2018/12/04 12:0 a.m. · 1 view

The vulnerability of the Microsoft Dynamics 365 resource planning software lies in the insufficient protection of the SQL query structure, allowing an attacker to execute arbitrary code.

The vulnerability of the Microsoft Dynamics 365 resource planning software application is related to insufficient protection of the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted SQL query...

10 CVSS · 8.3 AI score · 0.16516 EPSS
Exploits 0 · References 6 · Affected Software 1

BDU FSTEC
added 2018/04/12 12:0 a.m. · 1 view

The vulnerability of the ChkAdminViewUsrPwd1 component in the Advantech WebAccess remote monitoring software allows a perpetrator to execute arbitrary code.

The vulnerability of the ChkAdminViewUsrPwd1 component mailPg.asp in the Advantech WebAccess remote monitoring software is related to the lack of protection for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using the ProjectName and...

9.8 CVSS · 6.2 AI score · 0.02852 EPSS
Exploits 4 · References 6 · Affected Software 1

BDU FSTEC
added 2018/04/04 12:0 a.m. · 1 view

The vulnerability of the NVBUTransferHistory Get request handler in the NetVault Backup software allows an attacker to execute arbitrary code.

The vulnerability of the NVBUTransferHistory Get request handler in the NetVault Backup software for data archiving and restoration is related to insufficient protection of the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

9.8 CVSS · 6.1 AI score · 0.14875 EPSS
Exploits 0 · References 2 · Affected Software 1

BDU FSTEC
added 2016/03/02 12:0 a.m. · 2 views

The vulnerability of the Cisco Unified Communications Manager system allows a perpetrator to execute arbitrary SQL commands.

The vulnerability of the Cisco Unified Communications Manager IP telephony management system is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands using a specially crafted URL...

6.5 CVSS · 0.00183 EPSS
Exploits 0 · References 2

Packet Storm
added 2015/09/16 12:0 a.m. · 34 views

ManageEngine OpManager 11.5 Hardcoded Credential / SQL Bypass

Exploit Title: ManageEngine OpManager multiple vulnerabilities · Product: ManageEngine OpManager · Vulnerable Versions: v11.5 and previous versions · Tested Version: v11.5 Windows · Advisory Publication: 14/09/2015 · Vulnerability Type: hardcoded credentials, SQL query protection bypass · Credit: xistence...

0.3 AI score
Exploits 0