8289 matches found
UBUNTU-CVE-2024-53908
An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle database is used, is subject to SQL injection if untrusted data is used as an lhs value. Applications that use the...
CVE-2024-46905
In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated lower-privileged user (at least Network Manager permissions required) to achieve privilege escalation to the admin account...
PT-2024-17399 · Unknown · Code-Projects Farmacia
Name of the Vulnerable Software and Affected Versions: code-projects Farmacia version 1.0. Description: A critical issue was found in the /visualizar-produto.php file, affecting an unknown part of it. The manipulation of the id argument leads to SQL injection. It is possible to initiate the attack...
WordPress plugin Distance Based Shipping Calculator SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A SQL injection vulnerability exists in the...
PHPGurukul Complaint Management System injection vulnerability
PHPGurukul Complaint Management System is a complaint management system from PHPGurukul. An injection vulnerability exists in version 1.0 of the PHPGurukul Complaint Management System, which originates in the /admin/reset-password.php file, where the email parameter allows SQL injection...
PHPGurukul Complaint Management System injection vulnerability
PHPGurukul Complaint Management System is a complaint management system from PHPGurukul. An injection vulnerability exists in PHPGurukul Complaint Management System version 1.0, which stems from the emailid parameter in the file /user/index.php, which can cause SQL injection...
The vulnerability of the Windows Active Directory (AD) management and reporting software Zoho ManageEngine ADAudit Plus lies in the lack of protection for SQL query structures, allowing attackers to execute custom queries and gain access to database table records.
The vulnerability of the Windows Active Directory management and reporting software Zoho ManageEngine ADAudit Plus is related to the lack of protection for SQL query structures. Exploiting this vulnerability allows a malicious actor to execute custom queries and gain access to database table...
The vulnerability of the audit settings of the Windows Active Directory management and reporting software Zoho ManageEngine ADAudit Plus allows a perpetrator to execute custom requests and gain access to the database table records.
The vulnerability of the audit settings of the Windows Active Directory management and reporting software Zoho ManageEngine ADAudit Plus relates to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute custom queries and gai...
The vulnerability of the Windows Active Directory management and reporting software Zoho ManageEngine ADAudit Plus lies in the lack of security measures for SQL query structures. This allows attackers to execute custom queries and gain access to database table records.
The vulnerability of the Windows Active Directory management and reporting software Zoho ManageEngine ADAudit Plus is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute user-defined queries and gain access to...
PHPGurukul COVID 19 Testing Management System security vulnerability
PHPGurukul COVID 19 Testing Management System is a COVID 19 Testing Management System from PHPGurukul Inc. A security vulnerability exists in PHPGurukul COVID 19 Testing Management System v1.0, which stems from an SQL injection vulnerability that allows remote attackers to execute arbitrary code...
The vulnerability of the Siemens RUGGEDCOM CROSSBOW access control system lies in the lack of protection for the SQL query structure, allowing attackers to execute arbitrary SQL queries.
The vulnerability of the Siemens RUGGEDCOM CROSSBOW access control system lies in the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...
1000 Projects Portfolio Management System MCA security vulnerability
1000 Projects Portfolio Management System MCA is an open source portfolio management system by 1000 Projects. A security vulnerability exists in 1000 Projects Portfolio Management System MCA version 1.0 due to a SQL injection in parameter name...
CVE-2024-11663
A vulnerability classified as critical was found in Codezips E-Commerce Site 1.0. Affected by this vulnerability is an unknown functionality of the file search.php. The manipulation of the argument keywords leads to SQL injection. The attack can be launched remotely. The exploit has been disclose...
itsourcecode Tailoring Management System injection vulnerability
itsourcecode Tailoring Management System is an open source tailoring management system from itsourcecode. An injection vulnerability exists in itsourcecode Tailoring Management System version 1.0, which originates from the presence of SQL injection...
Visteon Infotainment SQL injection vulnerability
Visteon Infotainment is an automotive infotainment system from Visteon Corporation. Visteon Infotainment suffers from a SQL injection vulnerability that stems from improper validation of user-supplied strings when DeviceManager parses iAP serial numbers, which could lead to an attacker executing...
The vulnerability of the Ivanti Endpoint Manager software for managing endpoints in information networks lies in the lack of protective measures for SQL query structures, allowing attackers to execute arbitrary code.
The vulnerability of the Ivanti Endpoint Manager software for managing endpoints in information networks relates to the lack of security measures taken to protect the SQL query structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the Ivanti Endpoint Manager software for managing endpoints in information networks lies in the lack of security measures regarding SQL query structures. This allows attackers to execute arbitrary code within the root user’s context.
The vulnerability of the Ivanti Endpoint Manager software for managing endpoints in information networks relates to the lack of security measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the root...
The vulnerability of the Ivanti Endpoint Manager software for managing endpoints in information networks lies in the lack of protective measures for SQL query structures, allowing attackers to execute arbitrary code.
The vulnerability of the Ivanti Endpoint Manager software for managing endpoints in information networks relates to the lack of security measures taken to protect the SQL query structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the Ivanti Endpoint Manager software for managing endpoints in information networks lies in the lack of security measures regarding SQL query structures. This allows attackers to execute arbitrary code within the root user’s context.
The vulnerability of the Ivanti Endpoint Manager software for managing endpoints in information networks relates to the lack of security measures taken to protect the SQL query structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the Native Client component of the Microsoft SQL Server database management system allows a hacker to execute arbitrary code.
The vulnerability of Native Client components in the Microsoft SQL Server database management system is related to numerical truncation errors. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...