42 matches found
CVE-2019-25456
Web Ofisi Emlak v2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'ara' GET parameter. Attackers can send requests to with time-based SQL injection payloads to extract sensitive database information or...
CVE-2019-25456
Web Ofisi Emlak v2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'ara' GET parameter. Attackers can send requests to with time-based SQL injection payloads to extract sensitive database information or...
CVE-2019-25459 Web Ofisi Emlak V2 SQL Injection via emlak-ara.html
Web Ofisi Emlak V2 contains multiple SQL injection vulnerabilities in the endpoint that allow unauthenticated attackers to manipulate database queries through GET parameters. Attackers can inject SQL code into parameters like emlakdurumu, emlaktipi, il, ilce, kelime, and semt to extract sensitive...
CVE-2019-25456 Web Ofisi Emlak v2 SQL Injection via ara Parameter
Web Ofisi Emlak v2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'ara' GET parameter. Attackers can send requests to with time-based SQL injection payloads to extract sensitive database information or...
CVE-2019-25456 Web Ofisi Emlak v2 SQL Injection via ara Parameter
Web Ofisi Emlak v2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'ara' GET parameter. Attackers can send requests to with time-based SQL injection payloads to extract sensitive database information or...
CVE-2019-25456
Web Ofisi Emlak v2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'ara' GET parameter. Attackers can send requests to with time-based SQL injection payloads to extract sensitive database information or...
CVE-2019-25456
CVE-2019-25456 affects Web Ofisi Emlak v2. The vulnerability is an SQL injection in the ara parameter of GET requests, allowing unauthenticated attackers to manipulate database queries. Time-based SQL injection payloads can be used to extract sensitive data or cause denial of service. Connected d...
CVE-2019-25455 Web Ofisi E-Ticaret v3 SQL Injection via ara.html
Web Ofisi E-Ticaret v3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'a' parameter. Attackers can send GET requests to with malicious 'a' parameter values to extract sensitive database information...
PT-2026-21443
Web Ofisi Emlak v2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'ara' GET parameter. Attackers can send requests to with time-based SQL injection payloads to extract sensitive database information or...
Web Ofisi Emlak SQL注入漏洞
Web Ofisi Emlak is a real estate agency website system developed by the Turkish company Web Ofisi. The Web Ofisi Emlak v2 version has a SQL injection vulnerability, which stems from insufficient validation of the ara parameter input. This vulnerability may lead to SQL injection attacks...
Malicious code in aibopuna-mobile-ara (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 76515456d4b5dbdc015a99bafbd41f348ed439beb67a0802235b4bcaa988fc53 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2007-3300
Malware in sbrugna...
CVE-2021-30267
Possible integer overflow to buffer overflow due to improper input validation in FTM ARA commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile...
Integer overflow
Possible integer overflow to buffer overflow due to improper input validation in FTM ARA commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile...
CVE-2021-30267
CVE-2021-30267 corresponds to an integer overflow vulnerability caused by improper input validation in Qualcomm FTM ARA commands, leading to a potential buffer overflow. Affected products span Qualcomm/Qualcomm Snapdragon families including Auto, Compute, Connectivity, Consumer IoT, Industrial Io...
多款Qualcomm产品输入验证错误漏洞
Qualcomm MDM9650 and others are products of Qualcomm Incorporated Qualcomm, U.S.A. The MDM9650 is a central processing unit CPU product.QCA6574AU is a central processing unit CPU product.SDX24 is a modem. A security vulnerability exists in multiple Qualcomm products that stems from improper input...
Resim Ara <= 3.0 - Unauthenticated Reflected XSS
The WordPress plugin team was notified on January 17th, 2020. Note: There were inconsistencies between the versions from the readme.txt 3.0, the plugin file 1.0 as well as tags 1.0 to 3.0...
WordPress Resim ara 1.0 Cross Site Scripting
Class Input Validation Error Remote Yes Credit Ricardo Sanchez Vulnerable Resim ara 1.0 Resim ara is prone to a reflected cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the...
WordPress Resim Ara plugin <= 1.0 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability
Unauthenticated Reflected Cross-Site Scripting XSS vulnerability discovered by Ricardo Sanchez in WordPress Resim Ara plugin versions = 1.0. Solution This plugin has been closed as of January 17, 2020 and is not available for download. Reason: Security Issue...
Security Bulletin: A security vulnerability in IBM Liberty affects IBM Algo One Algo Risk Application (ARA) CVE-2017-1681
Summary A security vulnerability in IBM Liberty affects IBM Algo One Algo Risk Application ARA CVE-2017-1681 Vulnerability Details CVEID: CVE-2017-1681 DESCRIPTION: IBM WebSphere Application Server IBM Liberty for Java for Bluemix 3.15 could allow a local attacker to obtain sensitive information,...