38 matches found
PT-2023-17087 · Datagear · Datagear
Name of the Vulnerable Software and Affected Versions: DataGear versions up to 4.5.0 Description: A critical issue was found in DataGear, affecting an unknown part of the file /analysisProject/pagingQueryData. The manipulation of the queryOrder argument leads to SQL injection. It is possible to...
DataGear SQL Injection Vulnerability
DataGear is an open source and free data visualization and analysis platform from DataGear. A SQL injection vulnerability exists in DataGear versions prior to 4.5.1, which stems from a problem with the file /analysisProject/pagingQueryData, where manipulation of the parameter queryOrder can lead ...
CVE-2021-46385
https://gitee.com/mingSoft/MCMS MCMS =5.2.5 is affected by: SQL Injection. The impact is: obtain sensitive information remote. The component is: net.mingsoft.mdiy.action.FormDataActionqueryData. The attack vector is: 0 or sleep3. MCMS has a SQL injection vulnerability through which attacker ca...
[SECURITY] Fedora 34 Update: salt-3002.5-1.fc34
Salt is a distributed remote execution system used to execute commands and query data. It was developed in order to bring the best solutions found in the world of remote execution together and make them better, faster and more malleable. Salt accomplishes this via its ability to handle larger loa...
[SECURITY] Fedora 33 Update: salt-3002.5-1.fc33
Salt is a distributed remote execution system used to execute commands and query data. It was developed in order to bring the best solutions found in the world of remote execution together and make them better, faster and more malleable. Salt accomplishes this via its ability to handle larger loa...
CVE-2020-13129
An issue was discovered in the stashcat app through 3.9.1 for macOS, Windows, Android, iOS, and possibly other platforms. The GET method is used with clientkey and deviceid data in the query string, which allows attackers to obtain sensitive information by reading web-server logs...
UBUNTU-CVE-2017-7203
A Cross-Site Scripting (XSS) was discovered in ZoneMinder before 1.30.2. The vulnerability exists due to insufficient filtration of user-supplied data (postLoginQuery) passed to the "ZoneMinder-master/web/skins/classic/views/js/postlogin.js.php" URL. An attacker could execute arbitrary HTML and scrip...
[SECURITY] Fedora 22 Update: salt-2015.5.9-2.fc22
Salt is a distributed remote execution system used to execute commands and query data. It was developed in order to bring the best solutions found in the world of remote execution together and make them better, faster and more malleable. Salt accomplishes this via its ability to handle larger loa...
[SECURITY] Fedora 23 Update: salt-2015.5.8-1.fc23
Salt is a distributed remote execution system used to execute commands and query data. It was developed in order to bring the best solutions found in the world of remote execution together and make them better, faster and more malleable. Salt accomplishes this via its ability to handle larger loa...
glibc security, bug fix, and enhancement update
2.12-1.149 - Remove gconv transliteration loadable modules support CVE-2014-5119, - _nl_find_locale: Improve handling of crafted locale names CVE-2014-0475, 2.12-1.148 - Switch gettimeofday from INTUSE to libc_hidden_proto 1099025. 2.12-1.147 - Fix stack overflow due to large AF_INET6 requests...
IBM DB2 Universal Database Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11402/info An information disclosure vulnerability has been reported in IBM DB2. This vulnerability only exists when DB2 is installed on Microsoft Windows operating systems. This is due to a Windows permissions issue...
Fedora 19 : perl-CGI-Application-4.50-7.fc19 (2014-2998)
CGI::Application suffers from a flaw where, in certain cases, it would unexpectedly dump a complete set of web query data and server environment information as an error page. This could allow unintended disclosure of sensitive information. This update patches CGI::Application to no longer do so...
MODBUS/TCP 'Return Query Data' Function Code Detection
Binary data 7099.pasl...
MGASA-2014-0098 Updated perl-CGI-Application packages fix CVE-2013-7329
Updated perl-CGI-Application package fixes security vulnerability: When applications using CGI::Application overload setup, which is normally the case, CGI::Application since version 4.19 has dump_html as a default run-mode unless the application explicitly redefines it. This unexpectedly dumps a...
CVE-2013-3455
Cisco Finesse allows remote attackers to obtain sensitive information by sniffing the network for HTTP query data, aka Bug ID CSCug16732...
Code injection
Cisco Finesse allows remote attackers to obtain sensitive information by sniffing the network for HTTP query data, aka Bug ID CSCug16732...
Sql injection
SQL injection vulnerability in mstrack.php in MusOX DF MSAnalysis DFMSA, as used in some environments that use CPG-Nuke Dragonfly CMS, allows remote attackers to trigger path disclosure from a SQL syntax error, and possibly execute arbitrary SQL commands, via certain query data, probably involvin...
CVE-2006-0727
SQL injection vulnerability in mstrack.php in MusOX DF MSAnalysis DFMSA, as used in some environments that use CPG-Nuke Dragonfly CMS, allows remote attackers to trigger path disclosure from a SQL syntax error, and possibly execute arbitrary SQL commands, via certain query data, probably involvin...