6592 matches found
UBUNTU-CVE-2023-31613
An issue in the nssdatabaselookup component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...
UBUNTU-CVE-2023-31615
An issue in the chasharray component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...
UBUNTU-CVE-2023-31608
An issue in the artmdivint component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...
UBUNTU-CVE-2023-31622
An issue in the sqlcmakepolicytrig component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...
UBUNTU-CVE-2023-31630
An issue in the sqloqueryspec component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...
UBUNTU-CVE-2023-31607
An issue in the libcmalloc component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...
CVE-2023-1207
This HTTP Headers WordPress plugin before 1.18.8 has an import functionality which executes arbitrary SQL on the server, leading to an SQL Injection vulnerability...
A vulnerability in the firmware of NETGEAR’s RAX30, RAX35, RAX38, RAX40, and RAXE300 routers allows an attacker to execute arbitrary code.
The vulnerability in the firmware of NETGEAR’s RAX30, RAX35, RAX38, RAX40, and RAXE300 routers stems from a lack of protection for the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary code using specially crafted SOAP requests...
Virtuoso Open-Source Edition SQL injection vulnerability
Virtuoso Open-Source Edition is a high-performance and scalable multi-model RDBMS, data integration middleware, linked data deployment, and HTTP application server platform open-sourced by OpenLink Software. A security vulnerability exists in Virtuoso Open-Source Edition version v7.2.9 that...
CVE-2023-2696
A vulnerability was found in SourceCodester Online Exam System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /matkul/data of the component POST Parameter Handler. The manipulation of the argument columns1data leads to sql injection. The attack may be...
Online Exam System SQL injection vulnerability
Online Exam System is an online exam system by the individual developer oretnom23. A SQL injection vulnerability exists in SourceCodester Online Exam System version 1.0, which stems from a problem with the file /kelas/data in the component POST Parameter Handler, where manipulation of the parameter...
Billing Management System SQL injection vulnerability
Billing Management System is a simple web application for managing customer billing for electricity supplier companies. A SQL injection vulnerability exists in Billing Management System v1.0, which stems from a lack of validation of externally entered SQL statements in the parameter id of...
Online Exam System SQL injection vulnerability
Online Exam System is an online exam system by the individual developer oretnom23. A SQL injection vulnerability exists in SourceCodester Online Exam System version 1.0, which stems from a problem with the file /dosen/data of the component POST Parameter Handler, where manipulation of the parameter...
Time Tracker SQL injection vulnerability
Anuko Time Tracker is an open source time counting system for individual developers. It is a platform for counting the time spent by employees on various tasks. A SQL injection vulnerability exists in versions prior to Time Tracker 1.22.13.5792, which stems from a blind time-based injection vulnerabili...
SDG Technologies PnPSCADA SQL injection vulnerability
SDG Technologies PnPSCADA is an automated meter reading solution from SDG Technologies. SDG Technologies PnPSCADA suffers from a SQL injection vulnerability. An attacker exploiting this vulnerability could interact with the underlying database...
A vulnerability in the /InstallTab/exportFldr.asp component of the Kaseya VSA software, a virtual system administrator tool for IT systems, allows an attacker to execute arbitrary SQL code.
The vulnerability in the /InstallTab/exportFldr.asp component of the Kaseya VSA software for remote monitoring and management of IT systems is related to the lack of protection for the SQL query structure during the processing of the fldrId parameter. Exploiting this vulnerability allows an...
Food Ordering Management System SQL injection vulnerability
Food Ordering Management System is a food ordering management system by the individual developer Carlo Montero. It provides an online platform to order food from a restaurant or fast food chain. A SQL injection vulnerability exists in SourceCodester Food Ordering Management System version 1.0, which...
PT-2023-23116
Name of the Vulnerable Software and Affected Versions: Log4cxx versions 0.9.0 through 1.1.0. Description: The issue is related to SQL injection in Log4cxx when using the ODBC appender to send log messages to a database. No fields sent to the database were properly escaped for SQL injection. This has...
Apache Log4cxx SQL injection vulnerability
Apache Log4cxx is a C++ logging framework modeled after Apache log4j from the Apache Foundation. An SQL injection vulnerability exists in Apache Log4cxx versions prior to 1.1.0 that stems from not properly escaping fields sent to the database when using the ODBC appender to send log messages to the...
Spryker Commerce OS SQL injection vulnerability
Spryker Commerce OS is a B2B, B2C and Marketplace solution from Spryker Germany. A security vulnerability exists in Spryker Commerce OS version 0.9. An attacker could exploit the vulnerability to access sensitive data...