161 matches found

BDU FSTEC
added 2019/12/26 12:0 a.m., 2 views

The vulnerability of the web interface of the Cisco Digital Network Architecture (DNA) Center, related to the lack of protective measures for the SQL query structure, allows a perpetrator to execute arbitrary code.

The vulnerability of the Cisco Digital Network Architecture DNA Center’s network management web interface is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVSS: 6.5, AI score: 7.1, EPSS: 0.0115
Exploits: 0, References: 3, Affected Software: 1

BDU FSTEC
added 2019/10/16 12:0 a.m., 3 views

The vulnerabilities of the `django.contrib.postgres.fields.HStoreField` and `django.contrib.postgres.fields.JSONField` functions in the Django framework are related to the lack of measures to protect SQL query structures. This allows attackers to compromise data integrity, gain unauthorized access to protected information, and cause service failures.

The vulnerability of the django.contrib.postgres.fields.HStoreField and django.contrib.postgres.fields.JSONField functions in the Django web development framework is related to conversion and key search errors, as well as index searching issues. Exploiting this vulnerability can allow an attacker t...

CVSS: 10, AI score: 7.8, EPSS: 0.46345
Exploits: 0, References: 10, Affected Software: 7

BDU FSTEC
added 2019/10/09 12:0 a.m., 2 views

The vulnerability of the /web/Public/Conn.php component of the software controller for centralized control of wireless networks in D-Link Central WiFi Manager CWM(100) allows an intruder to execute arbitrary code.

The vulnerability of the /web/Public/Conn.php component of the software controller for centralized control of D-Link Central WiFi Manager CWM100 relates to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows an attacker operating remotely to execute...

CVSS: 10, AI score: 6, EPSS: 0.68816
Exploits: 2, References: 4, Affected Software: 1

BDU FSTEC
added 2019/10/09 12:0 a.m., 2 views

The vulnerability of the PayAction.class.php script of the software controller for centralized control of wireless networks by D-Link Central WiFi Manager CWM(100) allows a hacker to execute arbitrary code.

The vulnerability of the PayAction.class.php script of the software controller for centralized control of wireless networks by D-Link Central WiFi Manager CWM100 is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows an attacker operating...

CVSS: 10, AI score: 6, EPSS: 0.28957
Exploits: 0, References: 3, Affected Software: 1

BDU FSTEC
added 2019/03/29 12:0 a.m., 3 views

The vulnerability of the pg_upgrade and pg_dump utilities in the PostgreSQL database management system allows a hacker to execute arbitrary SQL commands.

The vulnerability of the pg_upgrade and pg_dump utilities in the PostgreSQL database management system is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands remotely...

CVSS: 9.8, AI score: 7.9, EPSS: 0.0515
Exploits: 0, References: 9, Affected Software: 2

BDU FSTEC
added 2019/01/15 12:0 a.m., 2 views

The vulnerability of the software platform for the Cisco RV180W multi-functional router and the Cisco Small Business RV220W network security gateway allows attackers to disclose protected information.

The vulnerability of the software platform for the Cisco RV180W multi-functional router and the Cisco Small Business RV220W wireless network security gateway lies in the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to disclose...

CVSS: 7.5, AI score: 7.3, EPSS: 0.01472
Exploits: 0, References: 3

BDU FSTEC
added 2018/04/04 12:0 a.m., 6 views

The vulnerability of the NVBUPolicy Get request handler in NetVault Backup software allows an attacker to execute arbitrary code.

The vulnerability of the NVBUPolicy Get request handler in NetVault Backup software for data archiving and restoration is related to insufficient protection of the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVSS: 9.8, AI score: 6.1, EPSS: 0.04078
Exploits: 0, References: 2, Affected Software: 1

BDU FSTEC
added 2018/04/04 12:0 a.m., 5 views

The vulnerability of the NVBUPhaseStatus Count request handler in the NetVault Backup software allows an attacker to execute arbitrary code.

The vulnerability of the NVBUPhaseStatus Count processing component in NetVault Backup software relates to insufficient protection of the SQL query structure. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

CVSS: 9.8, AI score: 6, EPSS: 0.04078
Exploits: 0, References: 2, Affected Software: 1

BDU FSTEC
added 2018/03/28 12:0 a.m., 3 views

The vulnerability of the NVBUBackupOptionSet Get request handler in the NetVault Backup software allows an attacker to execute arbitrary code.

The vulnerability of the NVBUBackupOptionSet Get request handler in the NetVault Backup data archiving and restoration software lies in the insufficient protection of the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

CVSS: 9.8, AI score: 6.1, EPSS: 0.04078
Exploits: 0, References: 2, Affected Software: 1

BDU FSTEC
added 2017/09/01 12:0 a.m., 4 views

The vulnerability of the ScheduleQuery method in the scheduling class of the ZENworks Configuration Management information system allows a perpetrator to execute arbitrary SQL commands.

The vulnerability of the ScheduleQuery method in the ZENworks Configuration Management software framework relates to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands using undefined vectors...

CVSS: 7.5, AI score: 8.2, EPSS: 0.0708
Exploits: 0, References: 4

NVD
added 2017/07/17 1:18 p.m., 17 views

CVE-2017-7681

Apache OpenMeetings 1.0.0 is vulnerable to SQL injection. This allows authenticated users to modify the structure of the existing query and leak the structure of other queries being made by the application in the back-end...

CVSS: 8.8, AI score: 8.8, EPSS: 0.01285
Exploits: 0, References: 1

OSV
added 2017/07/17 1:18 p.m., 18 views

CVE-2017-7681

Apache OpenMeetings 1.0.0 is vulnerable to SQL injection. This allows authenticated users to modify the structure of the existing query and leak the structure of other queries being made by the application in the back-end...

CVSS: 8.8, AI score: 7.4
Exploits: 0, References: 1

Prion
added 2017/07/17 1:18 p.m., 12 views

Sql injection

Apache OpenMeetings 1.0.0 is vulnerable to SQL injection. This allows authenticated users to modify the structure of the existing query and leak the structure of other queries being made by the application in the back-end...

CVSS: 6.5, AI score: 8.8, EPSS: 0.01285
Exploits: 0, References: 1, Affected Software: 1

Cvelist
added 2017/07/14 3:0 p.m., 24 views

CVE-2017-7681

Apache OpenMeetings 1.0.0 is vulnerable to SQL injection. This allows authenticated users to modify the structure of the existing query and leak the structure of other queries being made by the application in the back-end...

AI score: 8.9, EPSS: 0.01285
Exploits: 0, References: 1

BDU FSTEC
added 2017/04/20 12:0 a.m., 5 views

The vulnerability of the Cisco Unified Communications Manager system allows a perpetrator to circumvent access control rules.

The vulnerability of the Cisco Unified Communications Manager web interface relates to the lack of protection for the SQL query structure. Exploiting this vulnerability allows a malicious actor to bypass access controls by making arbitrary queries to the SQL database...

CVSS: 4, AI score: 5.8, EPSS: 0.01884
Exploits: 0, References: 3, Affected Software: 1

BDU FSTEC
added 2016/04/14 12:0 a.m., 2 views

The vulnerability of the software system for managing enterprise assets in IBM Maximo Asset Management allows a perpetrator to execute arbitrary SQL commands.

The vulnerability of the IBM Maximo Asset Management software’s asset management system lies in the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands remotely...

CVSS: 6.5, AI score: 6.4, EPSS: 0.00707
Exploits: 0, References: 2, Affected Software: 13

BDU FSTEC
added 2015/11/20 12:0 a.m., 3 views

The vulnerability of the Cisco Secure Access Control System’s access control system allows a perpetrator to execute arbitrary SQL commands.

The vulnerability of the Solution Engine component of the Cisco Secure Access Control System relates to the lack of protection for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands using a specially crafted URL...

CVSS: 6.5, AI score: 6, EPSS: 0.01361
Exploits: 0, References: 2

seebug.org
added 2014/07/01 12:0 a.m., 8 views

PHPWebThings 1.4 Download.PHP File Parameter SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15399/info phpWebThings is prone to an SQL injection vulnerability. This is an input validation issue related to data that will be used in SQL queries, allowing a remote user to influence the structure and logic of a quer...

AI score: 7.1
Exploits: 0

Cvelist
added 2013/10/28 1:0 a.m., 20 views

CVE-2013-6285

The search component in the Treasurer application in Tyler Technologies TaxWeb 3.13.3.1 allows remote attackers to obtain sensitive query-structure information via an invalid search request, a different vulnerability than CVE-2013-6020...

AI score: 6, EPSS: 0.01308
Exploits: 0, References: 1

CVE
added 2013/10/28 1:0 a.m., 50 views

CVE-2013-6285

The vulnerability CVE-2013-6285 affects the Treasurer application’s search component in Tyler Technologies TaxWeb 3.13.3.1. It allows remote attackers to obtain sensitive query-structure information by sending an invalid search request. This is described as a separate issue from CVE-2013-6020. Th...

CVSS: 5, AI score: 6.3, EPSS: 0.01308
Exploits: 0, References: 1, Affected Software: 1