WordPress plugin Pakke Envíos 注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, and WordPress plugin is an application plugin. WordPress Pakke Envíos suffers from a SQL injection vulnerability that stems from improper neutralization of special elements in SQL commands, no details of the vulnerabili...

Q-Free MAXTIME Suite SQL注入漏洞

Q-Free MAXTIME Suite is a software suite for local traffic signal management from Q-Free. A SQL injection vulnerability exists in Q-Free MAXTIME Suite version 2.11.0 and prior versions, which stems from the editUserGroupMenu endpoint in maxprofile/menu/model.lua that does not properly handle user...

The vulnerability of the YAQL component in the interface for managing service configurations in the OpenStack Murano cloud platform, related to the lack of protection for service data, allows a attacker to disclose the protected information.

The vulnerability of the YAQL component in the interface for managing service configurations in the OpenStack Murano cloud platform is related to the lack of protection for operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to disclose the protected...

MedData MedDataPACS SQL注入漏洞

MedData MedDataPACS is an image archiving and populating system from MedData. A SQL injection vulnerability exists in versions of MedData MedDataPACS prior to 2023-03-03, which stems from improper neutralization of special elements and a SQL injection vulnerability...

Wordpress Slider by 10Web SQL注入漏洞

Wordpress Slider by 10Web is an open source application plugin for Wordpress. Provides a versatile solution for adding a fast loading, responsive and SEO friendly slider to website pages, posts, theme headers or any other location. Slider by 10Web WordPress plugin versions prior to 1.2.36 suffers...

SQL Injection Vulnerability in zhicms Background ad***.php Page

ZhiCms is an enterprise building system based on PHP and mysql technology. A SQL injection vulnerability exists in the ad.php page in the background of zhicms, which can be exploited by attackers to obtain sensitive information such as database...

Cloudera Data Science Workbench SQL Injection Vulnerability

Cloudera Data Science Workbench CDSW is a suite of data science platforms from Cloudera. The platform provides organizations with fast, easy and secure self-service data science support. A SQL injection vulnerability exists in Cloudera CDSW versions 1.4.0 through 1.4.2. The vulnerability stems fr...

TeamPass SQL Injection Vulnerability (CNVD-2017-11316)

TeamPass is a dedicated password manager for Apache, MySQL and PHP. A SQL injection vulnerability exists in the users.queries.php file in versions of TeamPass prior to 2.1.27.4. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands...

The vulnerability of the McAfee VirusScan Enterprise anti-virus software allows a hacker to bypass access control rules.

The vulnerability of the McAfee VirusScan Enterprise antivirus software is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to bypass access control rules using a specially crafted HTTP request...