The vulnerability of the form_save() function in the Cacti network monitoring software allows a hacker to execute arbitrary SQL queries.

The vulnerability of the formsave function in the Cacti network monitoring software is related to the lack of validation for the consistency of XML objects. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...

PT-2023-2929 · Piwigo · Piwigo

Name of the Vulnerable Software and Affected Versions: Piwigo versions prior to 13.6.0 Description: The issue is related to a lack of validation of XML object sequences in the user list backend.php script of the Piwigo content management system. This can be exploited by a remote attacker to condu...

The vulnerability of the Apache Superset data visualization software lies in the lack of validation for XML objects’ sequences, which allows attackers to carry out attacks based on SQL injections.

The vulnerability of Apache Superset’s data visualization software lies in the lack of validation for the consistency of XML objects. Exploiting this vulnerability allows a remote attacker to carry out attacks based on SQL injections...

The vulnerability of the sapi/cgi/cgi_main.c component of the PHP programming language interpreter allows a hacker to execute arbitrary code.

The vulnerability of the sapi/cgi/cgimain.c component of the PHP programming language interpreter is related to the lack of validation for the sequences of XML objects. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...