CVE-2017-5814

A remote sql injection authentication bypass in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found...

CVE-2017-5810

A remote sql injection vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found...

CVE-2017-5810

CVE-2017-5810 is a remote SQL injection in HP Network Automation, affecting 9.1x, 9.2x, 10.0x, 10.1x and 10.2x. The issue arises in the RedirectServlet due to insufficient sanitization of certain HTTP request parameters, enabling an unauthenticated or remote attacker to inject SQL and potentially...

CVE-2017-5814

CVE-2017-5814 is a remote SQL injection authentication bypass affecting HPE Network Automation versions 9.1x, 9.2x, 10.0x, 10.1x and 10.2x. The vulnerability stems from a SQL injection flaw used to bypass authentication, enabling an attacker to potentially access the application and back-end data...

CVE-2017-14738

FileRun version 2017.09.18 and below suffers from a remote SQL injection vulnerability due to a failure to sanitize input in the metafield parameter inside the metasearch module under the search function...

Schoolhos CMS v2.29 - userberita SQL injection Vulnerability

Document Title: =============== Schoolhos CMS v2.29 - userberita SQL injection Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1932 Release Date: ============= 2016-11-22 Vulnerability Laboratory ID VL-ID: ==================================...

phpIPAM <= 1.2.1 Multiple Vulnerabilities

phpIPAM is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phpipam:phpipam"; ifdescription...

PHPCollab CMS 2.5 - (emailusers.php) SQL Injection

Exploit for php platform in category web applications Document Title: =============== phpCollab v2.5 CMS - SQL Injection Vulnerability Product & Service Introduction: =============================== phpCollab is an open source internet-enabled system for use in projects that require collaboration...

Hi Technology & Services CMS SQL Injection Vulnerability

Hi Technology & Services CMS suffers from a SQL injection vulnerability that allows remote attackers to execute malicious sql commands to connect to dbms...

Negin Group CMS - (v) Multiple Web Vulnerabilities

Document Title: =============== Negin Group CMS - v Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1831 Release Date: ============= 2016-04-24 Vulnerability Laboratory ID VL-ID: ==================================== 1831 Comm...

WordPress Plugin CP Reservation Calendar 1.1.6 - SQL Injection

Exploit Title: WordPress: cp-reservation-calendar 1.1.6 SQLi injection Date: 2015-09-15 Google Dork: Index of /wp-content/plugins/cp-reservation-calendar/ Exploit Author: Joaquin Ramirez Martinez i0akiN SEC-LABORATORY Software Link: https://downloads.wordpress.org/plugin/cp-reservation-calendar.z...

LoadedCommerce7 - Systemic Query Factory Vulnerability

No description provided by source. Title: LoadedCommerce7 Systemic Query Factory Vulnerability Advisory: http://breaking.technology/advisories/CVE-2014-5140.txt Credits: Discovered by Breaking Technology Research Labs 2014-06-30 Reference: CVE-2014-5140 - Assigned 31 June 2014 Timeline: Vendor...

LoadedCommerce7 - Systemic Query Factory Vulnerability

Loaded Commerce 7 shopping cart/online store suffers from a systemic vulnerability in its query factory, allowing attackers to circumvent user input sanitizing to perform remote SQL injection. Title: LoadedCommerce7 Systemic Query Factory Vulnerability Advisory:...

LoadedCommerce7 - Systemic Query Factory

Title: LoadedCommerce7 Systemic Query Factory Vulnerability Advisory: http://breaking.technology/advisories/CVE-2014-5140.txt Credits: Discovered by Breaking Technology Research Labs 2014-06-30 Reference: CVE-2014-5140 - Assigned 31 June 2014 Timeline: Vendor notified - 29 July 2014 Vendor...

TomatoCart v1.x &#40;latest-stable&#41; Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-3978 - Remote SQL Injection Vulnerability CVE-2014-3830 - Reflected Cross Site Scripting - ------------------------------------------------------------------------------ Title: TomatoCart v1.x latest-stable Remote SQL Injection Vulnerability...

plugin WP-Forum 1.7.4 - Remote SQL Injection

The wpforum WordPress plugin was affected by a Remote SQL Injection security vulnerability...

plugin WP-Forum 1.7.8 - Remote SQL Injection

The wpforum WordPress plugin was affected by a Remote SQL Injection security vulnerability...

st_newsletter - Remote SQL Injection

The stnewsletter WordPress plugin was affected by a Remote SQL Injection security vulnerability...

ASPPortal <= 3.1.1 (downloadid) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl Method found & Exploit scripted by nukedx Contacts ICQ: 10072 MSN/Main: [email protected] web: www.nukedx.com Original advisory: http://www.nukedx.com/?viewdoc=21 Usage: aspp.pl host path user use IO::Socket; use Math::BigInt; if@ARGV != 3 usage;...

Seditio <= 1.10 (avatarselect id) Remote SQL Injection Vulnerability

No description provided by source. Seditio = 1.10 Remote SQL Injection avatarselect id Vulnerability Discovered by: nukedx Contacts: ICQ: 10072 MSN/Mail: [email protected] web: http://www.nukedx.com Original advisory can be found at: http://www.nukedx.com/?viewdoc=52 ---- GET -...