Johnson Controls Metasys Products

RISK EVALUATION Successful exploitation of this vulnerability could result in remote SQL execution, leading to alteration or loss of data. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...

Interspire Email Marketer SQL Injection Vulnerability (CNVD-2018-26787)

BigCommerec Interspire Email Marketer IEM is a suite of email marketing software from BigCommerec, USA. A SQL injection vulnerability exists in the 'delete tags' function of the Dynamiccontenttags.php file in BigCommerec IEM 6.1.6 and earlier versions. A remote attacker can exploit this...

CVE-2016-2386

SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2101079...

PT-2013-6299 · Esri · Esri Arcgis For Server

Name of the Vulnerable Software and Affected Versions: ESRI ArcGIS for Server versions through 10.2 Description: The issue allows remote attackers to execute arbitrary SQL commands via unspecified input to the map or feature service. This can be exploited by providing malicious input to the...

PT-2005-4706 · Php · Phpx

Name of the Vulnerable Software and Affected Versions: PHPX versions 3.5.9 and earlier Description: The issue allows remote attackers to execute arbitrary SQL commands, bypass authentication, and upload arbitrary PHP code via the username parameter. This can be exploited by sending malicious inpu...