Rockwell Automation FactoryTalk AssetCentre SQL Injection Vulnerability
Rockwell Automation FactoryTalk AssetCentre is an asset management software tool from Rockwell Automation that allows manufacturers and industrial companies to centrally manage controllers and other automation-related assets. An SQL injection vulnerability exists in Rockwell Automation FactoryTal...
PT-2022-2345 · Mariadb +10 · Mariadb Server +10
Name of the Vulnerable Software and Affected Versions: MariaDB Server versions 10.7 and below. Description: The issue is related to a global buffer overflow in the decimal bin size component of the MariaDB Server system. This can be exploited by a remote attacker using specially crafted SQL...
SQL Injection
fluidtypo3/vhs is vulnerable to SQL injection. An attacker is able to inject and execute arbitrary SQL statements via isLanguageViewHelper in the vhs extension...
XWiki Platform SQL Injection Vulnerability
XWiki Platform is a wiki platform for creating Web collaboration applications from the French company XWiki. XWiki Platform is vulnerable to SQL injection, which can be exploited by attackers to inject SQL statements for execution...
Accellion FTA SQL injection (CVE-2021-27101)
An SQL injection vulnerability exists in Accellion FTA. Successful exploitation of this vulnerability could result in the execution of arbitrary SQL statements on the affected system...
Seat-Reservation-System SQL Injection Vulnerability
Seat-Reservation-System is a seat reservation system. An SQL injection vulnerability exists in Seat-Reservation-System 1.0. The vulnerability is caused by the id and file parameters in the index.php file not being input/output filtered for special characters. An attacker can exploit this...
QIWI: Remote Code Execution on contactws.contact-sys.com via SQL injection in TAktifBankObject.GetOrder in parameter DOC_ID
Summary: The API interface on https://contactws.contact-sys.com:3456/ accepts a body to interact with the server's AppServ object. Because of insufficient input validation, an attacker can abuse the DOC_ID parameter on the TAktifBankObject operation GetOrder to inject arbitrary SQL statements into...
CVE-2021-3333
Opmantek Open-AudIT 4.0.1 is affected by cross-site scripting (XSS). When outputting SQL statements for debugging, a maliciously crafted query can trigger an XSS attack. This attack only succeeds if the user is already logged in to Open-AudIT before they click the malicious link...
Cross site scripting
Opmantek Open-AudIT 4.0.1 is affected by cross-site scripting (XSS). When outputting SQL statements for debugging, a maliciously crafted query can trigger an XSS attack. This attack only succeeds if the user is already logged in to Open-AudIT before they click the malicious link...
SQL Injection
spring-cloud-task-core is vulnerable to SQL injection. Lack of validation of the value that is passed via a PageRequest into the JdbcTaskExecutionDao potentially allows for execution of arbitrary SQL statements...
CVE-2020-4921
IBM Security Guardium 10.6 and 11.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 191398...
GaussDB Kernel: Configuring the Level of Error-Deriving SQL Statements to Be Logged
The log_min_error_statement parameter specifies which level of SQL statements that cause an error will be recorded into server logs. SQL statements whose levels are higher than or equal to the configured level will be recorded into server logs. The valid values include DEBUG5, DEBUG4, DEBUG3, DEBUG2...
SQL injection
IBM Sterling File Gateway 2.2.0.0 through 2.2.6.5 and 6.0.0.0 through 6.0.3.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database...
CVE-2020-4647
IBM Sterling File Gateway 2.2.0.0 through 2.2.6.5 and 6.0.0.0 through 6.0.3.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database...
NAPC Xinet Elegant 6 Asset Library SQL injection (CVE-2019-19245)
An SQL injection vulnerability exists in NAPC Xinet Elegant 6 Asset Library. Successful exploitation of this vulnerability could result in the execution of arbitrary SQL statements on the affected system...
Octeth Oempro SQL injection (CVE-2019-19740)
An SQL injection vulnerability exists in Octeth Oempro. Successful exploitation of this vulnerability could result in the execution of arbitrary SQL statements on the affected system...
openGauss: Configuring the Level of Error-Deriving SQL Statements to Be Logged
The log_min_error_statement parameter specifies which level of SQL statements that cause an error will be recorded into server logs. SQL statements whose levels are higher than or equal to the configured level will be recorded into server logs. The valid values include DEBUG5, DEBUG4, DEBUG3, DEBUG2...
Amazon Linux AMI : postgresql94 (ALAS-2020-1441)
The version of postgresql94 installed on the remote host is prior to 9.4.26-1.77. It is, therefore, affected by a vulnerability as referenced in the ALAS-2020-1441 advisory. A flaw was discovered in postgresql where arbitrary SQL statements can be executed given a suitable SECURITY DEFINER...
IBM Informix spatial Out-Of-Bounds Write Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of IBM Informix. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the spatial.bld module...