
161 matches found

BDU FSTEC
added 2023/08/11 12:0 a.m. | 3 views

The vulnerability of component B1i Layer of the SAP Business One resource management system allows a hacker to gain access to read, modify, or delete data.

The vulnerability of component B1i Layer in the SAP Business One resource management system is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to remotely gain access to read, modify, or delete data by sending...

CVSS: 7.1 | AI score: 7.3 | EPSS: 0.00477
Exploits: 0 | References: 4 | Affected Software: 1

BDU FSTEC
added 2023/08/01 12:0 a.m. | 3 views

The vulnerability of the function com.imc.iview.utils.CUtils.checkSQLInjection() in the system for centralized control of network devices and ports of Advantech iView allows an attacker to execute arbitrary SQL commands.

The vulnerability of the com.imc.iview.utils.CUtils.checkSQLInjection function in the system for managing network devices and ports of Advantech iView is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute...

CVSS: 10 | AI score: 8 | EPSS: 0.15135
Exploits: 1 | References: 3

BDU FSTEC
added 2023/06/30 12:0 a.m. | 2 views

The vulnerability of the mod_h5pactivity component in the virtual learning environment Moodle allows a hacker to execute arbitrary SQL queries in the database.

The vulnerability of the mod_h5pactivity component in the virtual learning environment Moodle is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries in the database...

CVSS: 10 | AI score: 6.7 | EPSS: 0.44918
Exploits: 4 | References: 3 | Affected Software: 2

BDU FSTEC
added 2023/06/22 12:0 a.m. | 3 views

The vulnerability of the software for processing and transmitting confidential data in Progress MOVEit Transfer arises from the lack of protective measures for SQL query structures, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the software for processing and transmitting confidential data in Progress MOVEit Transfer is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to the...

CVSS: 10 | AI score: 8.2 | EPSS: 0.92184
Exploits: 0 | References: 4 | Affected Software: 2

BDU FSTEC
added 2023/02/21 12:0 a.m. | 3 views

The vulnerability of the ExploreIT website content management system, related to the lack of measures to protect the SQL query structure, allows attackers to perform cross-site scripting attacks.

The vulnerability of the ExploreIT website content management system is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

CVSS: 10 | AI score: 7.6 | EPSS: 0.03749
Exploits: 3 | References: 4 | Affected Software: 1

BDU FSTEC
added 2023/02/15 12:0 a.m. | 3 views

The vulnerability of the centralized control system for network devices and ports of Advantech iView, related to the lack of measures taken to protect the SQL query structure, allows attackers to execute arbitrary SQL commands.

The vulnerability of the centralized control system for network devices and ports of Advantech iView relates to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands remotely...

CVSS: 9 | AI score: 7.2 | EPSS: 0.09002
Exploits: 0 | References: 5 | Affected Software: 1

BDU FSTEC
added 2023/01/16 12:0 a.m. | 2 views

The vulnerability of SAP SQL Anywhere relational database management systems lies in the lack of protective measures for SQL query structures, allowing attackers to trigger service failures.

The vulnerability of SAP SQL Anywhere relational database management systems is related to the lack of measures taken to protect SQL query structures. Exploiting this vulnerability allows a malicious actor to cause service interruptions by using specially crafted queries, utilizing the ARRAY arra...

CVSS: 6.8 | AI score: 6.9 | EPSS: 0.00716
Exploits: 0 | References: 3 | Affected Software: 1

BDU FSTEC
added 2022/11/22 12:0 a.m. | 3 views

The vulnerability of the Arg_comparator::compare_real_fixed component in the MariaDB database allows an attacker to cause service interruptions.

The vulnerability of the Arg_comparator::compare_real_fixed component in the MariaDB database is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to cause service failures through a specially crafted SQL query...

CVSS: 7.8 | AI score: 7.5 | EPSS: 0.02157
Exploits: 1 | References: 10 | Affected Software: 5

BDU FSTEC
added 2022/11/22 12:0 a.m. | 2 views

The vulnerability of the my_decimal::operator database component allows a hacker to trigger a service failure.

The vulnerability of the my_decimal::operator component of the MariaDB database lies in the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to trigger service failures through a specially crafted SQL query...

CVSS: 7.8 | AI score: 7.5 | EPSS: 0.02157
Exploits: 1 | References: 11 | Affected Software: 6

BDU FSTEC
added 2022/07/27 12:0 a.m. | 2 views

The vulnerability of the analytical service of the SonicWall Analytics On-Prem global network firewall management system, caused by a failure to protect the SQL query structure, allows attackers to execute arbitrary SQL commands in the application database.

The vulnerability of the SonicWall Analytics On-Prem global network management system’s analytical service is related to the failure to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands in the application database remotely...

CVSS: 10 | AI score: 8.4 | EPSS: 0.09261
Exploits: 0 | References: 3 | Affected Software: 1

BDU FSTEC
added 2022/07/25 12:0 a.m. | 2 views

The vulnerability of the FUEL CMS content management system lies in the lack of protection for SQL query structures, which allows attackers to compromise the confidentiality, integrity, and availability of the protected information.

The vulnerability of the FUEL CMS content management system lies in the lack of protection for the SQL query structure. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and availability of the protected information through the col parameter in...

CVSS: 10 | AI score: 8.1 | EPSS: 0.90044
Exploits: 4 | References: 5 | Affected Software: 1

BDU FSTEC
added 2022/07/08 12:0 a.m. | 2 views

The vulnerability of the Trunc/Extract function in the Django web development framework allows attackers to compromise the confidentiality, integrity, and availability of protected information.

The vulnerability of the Trunc/Extract function in the Django web development framework relates to the lack of measures taken to protect the structure of SQL queries. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and availability of the...

CVSS: 6.5 | AI score: 6.6 | EPSS: 0.7309
Exploits: 3 | References: 7 | Affected Software: 3

CNNVD
added 2022/06/24 12:0 a.m. | 1 view

DR-Web-Engine security vulnerability

DR-Web-Engine is built in Python on top of the lxml package and uses JSON as the query structure. A security vulnerability exists in DR-Web-Engine. An attacker could exploit the vulnerability to access sensitive user information and digital currency keys, as well as elevate privileges...

CVSS: 9.8 | AI score: 8.4 | EPSS: 0.01497
Exploits: 1 | References: 4

BDU FSTEC
added 2022/06/02 12:0 a.m. | 1 view

The vulnerability of the func2.php function in the web application for managing a medical institution, the PHPGurukul Hospital Management System, allows a perpetrator to disclose protected information.

The vulnerability of the func2.php function in the web application of the PHPGurukul Hospital Management System is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to disclose the protected information remotely...

CVSS: 7.8 | AI score: 7.2 | EPSS: 0.01709
Exploits: 1 | References: 3 | Affected Software: 1

GitHub Security Blog
added 2022/05/17 2:28 a.m. | 23 views

Apache OpenMeetings vulnerable to SQL injection

Apache OpenMeetings 1.0.0 is vulnerable to SQL injection. This allows authenticated users to modify the structure of the existing query and leak the structure of other queries being made by the application in the back-end. The issue is fixed in version 3.3.0...

CVSS: 8.8 | AI score: 5.1 | EPSS: 0.01285
Exploits: 0 | References: 3 | Affected Software: 1

BDU FSTEC
added 2022/04/28 12:0 a.m. | 2 views

The vulnerability of the information system openSIS, related to the failure to protect the SQL query structure, allows a perpetrator to execute arbitrary SQL queries.

The vulnerability of the information system openSIS is related to the failure to implement measures to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries through the /opensis/modules/grades/InputFinalGrades.php parameter...

CVSS: 9.8 | AI score: 8.2 | EPSS: 0.01305
Exploits: 1 | References: 3 | Affected Software: 1

BDU FSTEC
added 2022/04/27 12:0 a.m. | 2 views

The vulnerability of the QuerySet.explain() function implementation in the Django web application framework allows attackers to compromise the confidentiality, integrity, and availability of the protected information.

The vulnerability of the QuerySet.explain() function implementation in the Django web application framework is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and availability of...

CVSS: 10 | AI score: 7.3 | EPSS: 0.02875
Exploits: 0 | References: 6 | Affected Software: 5

BDU FSTEC
added 2022/04/25 12:0 a.m. | 1 view

The vulnerability of the sql/sql_class.cc component in the MariaDB database management system allows a hacker to cause a service failure.

The vulnerability of the sql/sql_class.cc component in the MariaDB database management system is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to cause service failures remotely...

CVSS: 7.5 | AI score: 7.5 | EPSS: 0.02157
Exploits: 1 | References: 10 | Affected Software: 6

BDU FSTEC
added 2022/04/05 12:0 a.m. | 2 views

The vulnerabilities of the components Kernel/Output/HTML/PreferencesCustomQueue.pm, Kernel/System/CustomerCompany.pm, Kernel/System/Ticket/IndexAccelerator/RuntimeDB.pm, Kernel/System/Ticket/IndexAccelerator/StaticDB.pm, and Kernel/System/TicketSearch.pm of the OTRS ticket request system allow a violator to access confidential data, compromise its integrity, and cause service failures.

The vulnerabilities in the components Kernel/Output/HTML/PreferencesCustomQueue.pm, Kernel/System/CustomerCompany.pm, Kernel/System/Ticket/IndexAccelerator/RuntimeDB.pm, Kernel/System/Ticket/IndexAccelerator/StaticDB.pm, and Kernel/System/TicketSearch.pm of the OTRS ticket request system are...

CVSS: 9 | AI score: 7.2 | EPSS: 0.01322
Exploits: 0 | References: 5 | Affected Software: 2

BDU FSTEC
added 2022/03/31 12:0 a.m. | 3 views

The vulnerability in the virtual learning environment Moodle, related to the lack of measures to protect the SQL query structure, allows attackers to execute arbitrary SQL queries in the database.

The vulnerability in the virtual learning environment Moodle is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries in the database...

CVSS: 10 | AI score: 8.1 | EPSS: 0.00898
Exploits: 0 | References: 5 | Affected Software: 3