The vulnerability of the gpf_notice component in the Virtuoso-opensource web application development platform allows an attacker to trigger a service failure.
The vulnerability of the gpf_notice component in the Virtuoso-opensource web application development platform is related to improper neutralization of special elements used in SQL commands. Exploiting this vulnerability can allow an attacker to trigger a service failure using specially created SQL...
The vulnerability of the strhash component of the Virtuoso-opensource web application development platform allows an attacker to trigger a service failure.
The vulnerability of the strhash component of the Virtuoso-opensource web application development platform is related to improper neutralization of special elements used in SQL commands. Exploiting this vulnerability can allow an attacker to trigger a service failure using specially created SQL...
The vulnerability of the chash_array component in the Virtuoso-opensource web application development platform allows a hacker to trigger a service failure.
The vulnerability of the chash_array component in the Virtuoso-opensource web application development platform is related to improper neutralization of special elements used in SQL commands. Exploiting this vulnerability can allow an attacker to trigger a service failure using specially created SQL...
PT-2024-7351 · Hikvision · Hikcentral Professional
Name of the Vulnerable Software and Affected Versions: HikCentral Professional versions prior to 2.6.0 Description: The issue is related to a SQL injection vulnerability. This could allow an authenticated user to execute arbitrary SQL queries. The vulnerability is remotely exploitable...
The vulnerability of the __libc_longjmp component in the Virtuoso-opensource web application development platform allows an attacker to trigger a service failure.
The vulnerability of the __libc_longjmp component in the Virtuoso-opensource web application development platform is related to improper neutralization of special elements used in SQL commands. Exploiting this vulnerability can allow an attacker to trigger a service failure using specially created SQL...
The vulnerability of the __libc_malloc component in the Virtuoso-opensource web application development platform allows an attacker to cause a service failure.
The vulnerability of the __libc_malloc component in the Virtuoso-opensource web application development platform is related to improper neutralization of special elements used in SQL commands. Exploiting this vulnerability can allow an attacker to cause service failures using specially created SQL...
The vulnerability of the dk_set_delete component in the Virtuoso-opensource web application development platform allows an attacker to trigger a service failure.
The vulnerability of the dk_set_delete component in the Virtuoso-opensource web application development platform is related to improper neutralization of special elements used in SQL commands. Exploiting this vulnerability can allow an attacker to trigger a service failure using specially created SQL...
WordPress plugin Ajax Rating with Custom Login SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection vulnerabili...
EsafeNet CDG SQL injection vulnerability
EsafeNet CDG is a document security management system from EsafeNet. EsafeNet CDG V5 version has a SQL injection vulnerability, which originates from the parameter id of the file /com/esafenet/servlet/client/MailDecryptApplicationService.java, which can lead to SQL injection...
Dell OpenManage Enterprise SQL injection vulnerability
Dell OpenManage Enterprise is an easy-to-use, one-to-many system management console for IT infrastructure management from Dell, Inc. The software supports cost-effective, comprehensive lifecycle management of Dell EMC PowerEdge servers from a single console. A SQL injection vulnerability exists i...
The vulnerability of the centreon-web component of the Centreon software for monitoring IT infrastructure allows a perpetrator to enhance their privileges and execute arbitrary code.
The vulnerability of the centreon-web component of the IT infrastructure monitoring software lies in the lack of protective measures for the SQL query structure. This allows attackers to enhance their privileges and execute arbitrary code using a specially created SQL query...
The vulnerability of the centreon-web component of the Centreon software for monitoring IT infrastructure allows a perpetrator to enhance their privileges and execute arbitrary code.
The vulnerability of the centreon-web component of the IT infrastructure monitoring software lies in the lack of protective measures for the SQL query structure. This allows attackers to enhance their privileges and execute arbitrary code using a specially created SQL query...
PT-2024-39978 · Formosasoft · Ee-Class
Name of the Vulnerable Software and Affected Versions: FormosaSoft ee-class affected versions not specified Description: The issue concerns a failure to properly validate a specific page parameter in the ee-class from FormosaSoft, allowing remote attackers with regular privileges to inject...
NewType FlowMaster BPM Plus SQL injection vulnerability
NewType FlowMaster BPM Plus is a business process management system from NewType, a Chinese company. A SQL injection vulnerability exists in NewType FlowMaster BPM Plus, which arises from a specific query function that does not properly restrict user input, allowing a remote attacker with regular...
TAI Smart Factory QPLANT SF SQL injection vulnerability
TAI Smart Factory QPLANT SF is a tool for managing and controlling production execution from TAI Smart Factory, Inc. A SQL injection vulnerability exists in TAI Smart Factory QPLANT SF version 1.0, which originates from allowing a remote attacker to retrieve all database information by sending a...
VulnCheck KEV: CVE-2024-8877
Improper neutralization of special elements results in a SQL Injection vulnerability in Riello Netman 204. It is only limited to the SQLite database of measurement data. This issue affects Netman 204: through 4.05...
PT-2024-38074 · Netease Youdao · Qanything
Name of the Vulnerable Software and Affected Versions: netease-youdao/qanything version 1.4.1 Description: The issue concerns a SQL injection vulnerability where unsafe data obtained from user input is concatenated in SQL queries. This affects functions including get knowledge base name, from...
WordPress plugin Tainacan SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection...
The vulnerability of Microsoft Configuration Manager software for managing IT infrastructure lies in the lack of protective measures for the SQL query structure, allowing attackers to execute arbitrary code.
The vulnerability of Microsoft Configuration Manager software for managing IT infrastructure is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
Online Eyewear Shop SQL injection vulnerability
Online Eyewear Shop is an online eyewear store by the individual developer Carlo Montero. A SQL injection vulnerability exists in Online Eyewear Shop version 1.0, which originates in the file /classes/Master.php?f=deleteproduct where the parameter id of the function deleteproduct can lead to SQL...