11 matches found
EUVD-2015-7314
Malware in sbrugna...
CVE-2017-11559
An issue was discovered in ZOHO ManageEngine OpManager 12.2. The 'apiKey' parameter of "/api/json/admin/getmailserversettings" and "/api/json/dashboard/gotoverviewlist" is vulnerable to a Blind SQL Injection attack...
VulnCheck KEV: CVE-2020-17506
Artica Web Proxy 4.30.00000000 allows remote attacker to bypass privilege detection and gain web backend administrator privileges through SQL injection of the apikey parameter in fw.login.php...
ArticaTech Artica Web Proxy SQL Injection Vulnerability
ArticaTech Artica Proxy is an open source Artica proxy solution from the French company ArticaTech. An SQL injection vulnerability exists in the 'apikey' parameter of the fw.login.php file in Artica Web Proxy version 4.30.00000000. A remote attacker can exploit this vulnerability to bypass...
CVE-2020-17506
Artica Web Proxy 4.30.00000000 allows remote attacker to bypass privilege detection and gain web backend administrator privileges through SQL injection of the apikey parameter in fw.login.php...
ZOHO ManageEngine OpManager SQL Injection Vulnerability (CNVD-2019-24541)
ZOHO ManageEngine OpManager is a set of network, server and virtualization monitoring software from ZOHO. A SQL injection vulnerability exists in the 'apiKey' parameter in ZOHO ManageEngine OpManager version 12.2. The vulnerability stems from a lack of validation of externally entered SQL...
Sql injection
An issue was discovered in ZOHO ManageEngine OpManager 12.2. The 'apiKey' parameter of "/api/json/admin/getmailserversettings" and "/api/json/dashboard/gotoverviewlist" is vulnerable to a Blind SQL Injection attack...
TestLink SQL Injection Vulnerability (CNVD-2017-32128)
Testlink is TestLink team developed a PHP-based open source test management tool . The tool provides test requirements management , test case management and test data statistics and other functions . SQL injection vulnerability exists in versions of TestLink before 1.9.14. A remote attacker can...
Sql injection
SQL injection vulnerability in TestLink before 1.9.14 allows remote attackers to execute arbitrary SQL commands via the apikey parameter to lnl.php...
Sql injection
SQL injection vulnerability in framework/core/models/expConfig.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the apikey parameter...
TestLink SQL Injection Vulnerability (CNVD-2016-01142)
Testlink is a PHP-based open source test management tools . A SQL injection vulnerability exists in TestLink. The vulnerability is caused by the "apikey" HTTP GET parameter failing to filter via the "lnl.php" PHP script. An unauthenticated remote attacker can inject and execute arbitrary SQL...