ScienceLogic SL1 SQL注入漏洞

ScienceLogic SL1 is an application from ScienceLogic, Inc. Connect your real estate together to automate multidirectional data flow and workflow. A SQL injection vulnerability exists in ScienceLogic SL1 11.1.2 and earlier versions, which stems from a lack of validation of externally entered SQL...

PT-2023-15858 · Sciencelogic · Sciencelogic Sl1

Name of the Vulnerable Software and Affected Versions: ScienceLogic SL1 affected versions not specified Description: A SQL injection issue exists in the "json walker" feature, where unsanitized user-controlled input is passed directly to a SQL query, allowing the injection of arbitrary SQL that i...

PT-2023-15874 · Sciencelogic · Sciencelogic Sl1

Name of the Vulnerable Software and Affected Versions: ScienceLogic SL1 affected versions not specified Description: A SQL injection issue exists in the "message viewer print" feature, where unsanitized user-controlled input is passed directly to a SQL query, allowing the injection of arbitrary S...

ScienceLogic SL1 SQL注入漏洞

ScienceLogic SL1 is an application from ScienceLogic, Inc. Connect your real estate together to automate multidirectional data flow and workflow. A SQL injection vulnerability exists in ScienceLogic SL1 11.1.2 and earlier versions, which stems from a lack of validation of externally entered SQL...

ScienceLogic SL1 SQL注入漏洞

ScienceLogic SL1 is an application from ScienceLogic, Inc. Connect your real estate together to automate multidirectional data flow and workflow. A SQL injection vulnerability exists in ScienceLogic SL1 11.1.2 and earlier versions, which stems from a lack of validation of externally entered SQL...

ScienceLogic SL1 SQL注入漏洞

ScienceLogic SL1 is an application from ScienceLogic, Inc. Connect your real estate together to automate multidirectional data flow and workflow. A SQL injection vulnerability exists in ScienceLogic SL1 11.1.2 and earlier versions, which stems from a lack of validation of externally entered SQL...

Gym Management System SQL Injection Vulnerability

Gym Management System is a gym management system. The system is developed in C and sql server and features customer and vendor management, product management, sales management, gym membership management, fitness assessment, system logging, database backup and restore. A security vulnerability...

PT-2023-15867 · Sciencelogic · Sciencelogic Sl1

Name of the Vulnerable Software and Affected Versions: ScienceLogic SL1 affected versions not specified Description: A SQL injection issue exists in the "ticket template watchers" feature, where unsanitized user-controlled input is passed directly to a SQL query, allowing the injection of arbitra...

ScienceLogic SL1 SQL注入漏洞

ScienceLogic SL1 is an application from ScienceLogic, Inc. Connect your real estate together to automate multidirectional data flow and workflow. A SQL injection vulnerability exists in ScienceLogic SL1 11.1.2 and earlier versions, which stems from a lack of validation of externally entered SQL...

PT-2023-15861 · Sciencelogic · Sciencelogic Sl1

Name of the Vulnerable Software and Affected Versions: ScienceLogic SL1 affected versions not specified Description: A SQL injection issue exists in the “reporting job editor” feature of the ScienceLogic SL1. This feature takes unsanitized user-controlled input and passes it directly to a SQL...

ScienceLogic SL1 SQL注入漏洞

ScienceLogic SL1 is an application from ScienceLogic, Inc. Connect your real estate together to automate multidirectional data flow and workflow. A SQL injection vulnerability exists in ScienceLogic SL1 11.1.2 and earlier versions, which stems from a lack of validation of externally entered SQL...

PT-2023-15871 · Sciencelogic · Sciencelogic Sl1

Name of the Vulnerable Software and Affected Versions: ScienceLogic SL1 affected versions not specified Description: A SQL injection issue exists in the “reporter events type” feature of the ScienceLogic SL1. This feature takes unsanitized user-controlled input and passes it directly to a SQL...

ScienceLogic SL1 SQL注入漏洞

ScienceLogic SL1 is an application from ScienceLogic, Inc. Connect your real estate together to automate multidirectional data flow and workflow. A SQL injection vulnerability exists in ScienceLogic SL1 11.1.2 and earlier versions, which stems from a lack of validation of externally entered SQL...

ScienceLogic SL1 SQL注入漏洞

ScienceLogic SL1 is an application from ScienceLogic, Inc. Connect your real estate together to automate multidirectional data flow and workflow. A SQL injection vulnerability exists in ScienceLogic SL1 11.1.2 and earlier versions, which stems from a lack of validation of externally entered SQL...

CVE-2023-38760

SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the role and gender parameters within the /QueryView.php component...

CVE-2023-33993

B1i module of SAP Business One - version 10.0, application allows an authenticated user with deep knowledge to send crafted queries over the network to read or modify the SQL data. On successful exploitation, the attacker can cause high impact on confidentiality, integrity and availability of the...

a2 Camera Trap Tracking System SQL Injection Vulnerability

a2 Camera Trap Tracking System is a camera trap tracking system from a2 Camera Trap Tracking System. A SQL injection vulnerability exists in a2 Camera Trap Tracking System versions prior to 3.1905 that stems from incorrect neutralization of special elements used in SQL commands...

PT-2023-26069 · Unknown · Judging Management System

Name of the Vulnerable Software and Affected Versions: Judging Management System version 1.0 Description: A SQL injection issue was found in the Judging Management System. The vulnerability can be exploited via the id parameter at the "/php-jms/deductScores.php" API endpoint. Recommendations: For...

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in Parasolid, Solid Edge, TeamCenter, SoftwareCenter, SIMATIC, SICAM and Ruggedcom products. The vulnerabilities potentially enable a malicious party to execute attacks that could result in the following categories of damage: Denial-of-Service DoS. Manipulation o...

The vulnerability of the framework for creating applications based on the combination of language models (LLMs) like LangChain arises from the lack of protective measures for SQL query structures. This allows attackers to gain unauthorized access to protected information.

The vulnerability of the framework for creating applications based on the combination of language models LLMs like LangChain relates to the lack of measures taken to protect SQL query structures. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized...