6592 matches found
Xibo SQL injection vulnerability
Xibo is an open source content management system from Xibo Digital Signage. A security vulnerability exists in Xibo versions 3.2.0 through 3.3.2 and earlier, which stems from an SQL injection vulnerability that allows an authenticated user to steal data by injecting a specially crafted value into...
PT-2023-24194 · Xibo · Xibo
Name of the Vulnerable Software and Affected Versions: Xibo versions 1.4.0 through 2.3.16 Xibo versions 2.3.17 is not affected, but versions prior to 3.3.5 are affected, so the correct range is Xibo versions 3.3.0 through 3.3.4 Description: A SQL injection issue was discovered in the...
PT-2023-22332 · Sourcecodester · Sourcecodester Faculty Evaluation System
Name of the Vulnerable Software and Affected Versions: SourceCodester Faculty Evaluation System version 1.0 Description: A critical issue has been found in the SourceCodester Faculty Evaluation System, affecting some unknown functionality of the file "index.php?page=edit user". The manipulation o...
The vulnerability of the monitoring and security management tool Trend Micro Apex Central lies in the lack of protective measures for the SQL query structure, allowing attackers to execute arbitrary code.
The vulnerability of the monitoring and security management tool Trend Micro Apex Central lies in the improper handling of the deletecertvec parameter at the end of the modTMMS process. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary code...
PT-2023-22292 · Unknown · Code-Projects Bus Dispatch/Information System
Name of the Vulnerable Software and Affected Versions: code-projects Bus Dispatch and Information System version 1.0 Description: A critical vulnerability has been found in the code-projects Bus Dispatch and Information System. The issue is related to an unknown function of the file delete bus.ph...
CVE-2023-33280
In the Store Commander scquickaccounting module for PrestaShop through 3.7.3, multiple sensitive SQL calls can be executed with a trivial HTTP request and exploited to forge a blind SQL injection...
PrestaShop SQL injection vulnerability
PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution offers multiple payment methods, short message alerts, and product image scaling. A security vulnerability exists in PrestaShop version 2023-05-09 and earlier, which stems from a sensitive SQ...
PT-2023-24262 · Unknown +1 · Prestashop +1
Name of the Vulnerable Software and Affected Versions: PrestaShop versions through 3.6.1 Description: The issue allows sensitive SQL calls to be executed with a trivial HTTP request, which can be exploited to forge a blind SQL injection. This can occur in the Store Commander scexportcustomers...
PrestaShop SQL injection vulnerability
PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, short message alerts and product image scaling. A security vulnerability exists in PrestaShop 3.7.3 and prior versions, which stems from multiple sensitive...
Agt Teknik Ceppatron SQL injection vulnerability
Agt Teknik Ceppatron is a cash register device from Agt Teknik. Agt Teknik Ceppatron suffers from a SQL injection vulnerability that arises from the use of special elements that are not among and allow commands to be executed via SQL injection...
CVE-2023-2064
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Minova Technology eTrace allows SQL Injection. This issue affects eTrace: before 23.05.20...
Credence Analytics iDEAL Wealth and Funds SQL injection vulnerability
Credence Analytics iDEAL Wealth and Funds is a one-stop solution for funds from Credence Analytics India. A security vulnerability exists in Credence Analytics iDEAL Wealth and Funds version 1.0. An attacker can exploit the vulnerability to inject a payload via the "v" parameter, which can lead t...
SIMPLE DESIGN Daily Journal security vulnerability
SIMPLE DESIGN Daily Journal is a diary application from SIMPLE DESIGN. A security vulnerability exists in SIMPLE DESIGN Daily Journal version 1.012.GP.B. The vulnerability stems from a problem with an unknown feature of the SQLite database that can cause plaintext to be stored in a file o...
CVE-2022-47984
IBM InfoSphere Information Server 11.7 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 243163...
IBM InfoSphere Information Server SQL injection vulnerability
IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines (IBM). The platform can be used to integrate data information obtained from various sources. An SQL injection vulnerability exists in IBM InfoSphere Information Server version 11.7, which...
DEBIAN-CVE-2023-31610
An issue in the IOdefaultxsputn component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...
DEBIAN-CVE-2023-31608
An issue in the artmdivint component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...
DEBIAN-CVE-2023-31609
An issue in the dfeunitcolloci component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...
UBUNTU-CVE-2023-31611
An issue in the libclongjmp component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...
UBUNTU-CVE-2023-31617
An issue in the dksetdelete component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...