Lucene search
K

13188 matches found

Patchstack
Patchstack
added 2015/11/22 12:0 a.m.9 views

WordPress Pretty Link Lite Plugin <= 1.6.7 - SQL Injection

Because of this vulnerability, remote authenticated users can execute arbitrary SQL commands. Solution Upgrade the plugin...

5.9AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/11/20 12:0 a.m.6 views

The vulnerability of the Cisco Secure Access Control System’s access control system allows a perpetrator to execute arbitrary SQL commands.

The vulnerability of the Solution Engine component of the Cisco Secure Access Control System relates to the lack of protection for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands using a specially crafted URL...

6.5CVSS6AI score0.01361EPSS
Exploits0References2
htbridge
htbridge
added 2015/11/18 12:0 a.m.665 views

SQL Injection in orion.extfeedbackform Bitrix Module

High-Tech Bridge Security Research Lab discovered two vulnerabilities in orion.extfeedbackform Bitrix module, can be exploited to execute arbitrary SQL queries and obtain potentially sensitive data, modify information in database and gain complete control over the vulnerable website. All discover...

6.5CVSS9.2AI score0.01741EPSS
Exploits2Affected Software1
Check Point Advisories
Check Point Advisories
added 2015/11/11 12:0 a.m.1 views

ManageEngine Applications Manager CommonAPIUtil enableDisableAlarmsAction SQL Injection

An SQL injection vulnerability exists in ManageEngine Applications Manager. This vulnerability is due to insufficient validation of the resourceid and haid parameters when processing requests using the enableDisableAlarmsAction method of the CommonAPIUtil class. By sending crafted request message...

2.7AI score
Exploits0
CNVD
CNVD
added 2015/11/10 12:0 a.m.3 views

IBM Security QRadar Incident Forensics SQL Injection Vulnerability

IBM Security QRadar Incident Forensics is a suite of security forensic investigation software from IBM. The software supports in-depth forensic investigation of suspected malicious network security incidents, and repair network security vulnerabilities. An SQL injection vulnerability exists in IB...

6.5CVSS8.4AI score0.00991EPSS
Exploits0References1
Prion
Prion
added 2015/11/09 11:59 a.m.23 views

Sql injection

SQL injection vulnerability in the wpuntrashpostcomments function in wp-includes/post.php in WordPress before 4.2.4 allows remote attackers to execute arbitrary SQL commands via a comment that is mishandled after retrieval from the trash...

7.5CVSS8.7AI score0.10986EPSS
Exploits0References10Affected Software1
NVD
NVD
added 2015/11/08 10:59 p.m.14 views

CVE-2015-1989

SQL injection vulnerability in IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...

6.5CVSS7.7AI score0.00991EPSS
Exploits0References1
Prion
Prion
added 2015/11/08 10:59 p.m.16 views

Sql injection

SQL injection vulnerability in IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...

6.5CVSS8.2AI score0.00991EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2015/11/02 7:59 p.m.17 views

Sql injection

Multiple SQL injection vulnerabilities in csadminusers.php in the wp-championship plugin 5.8 for WordPress allow remote attackers to execute arbitrary SQL commands via the 1 user, 2 isadmin, 3 mail service, 4 mailresceipt, 5 stellv, 6 champtipp, 7 tippgroup, or 8 userid parameter...

7.5CVSS9.4AI score0.02206EPSS
Exploits2References2Affected Software1
Prion
Prion
added 2015/10/30 10:59 a.m.12 views

Sql injection

SQL injection vulnerability in the web framework in Cisco Prime Service Catalog 11.0 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuw50843...

6.5CVSS8.5AI score0.01361EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2015/10/30 10:19 a.m.34 views

CVE-2005-4745

SQL injection vulnerability in the rlmsqlcounter module in FreeRADIUS 1.0.3 and 1.0.4 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors...

7.5CVSS9.1AI score0.01234EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2015/10/30 10:11 a.m.17 views

CVE-2002-2043

SQL injection vulnerability in the LDAP and MySQL authentication patch for Cyrus SASL 1.5.24 and 1.5.27 allows remote attackers to execute arbitrary SQL commands and log in as arbitrary POP mail users via the password...

7.5CVSS9.3AI score0.01302EPSS
Exploits0References2
CVE
CVE
added 2015/10/30 10:0 a.m.43 views

CVE-2015-6350

The CVE-2015-6350 entry concerns Cisco Prime Service Catalog 11.0, where the WEB framework is vulnerable to SQL injection. The root cause is failed validation of user-supplied input used in SQL queries, enabling remote authenticated users to execute arbitrary SQL commands via unspecified vectors....

6.5CVSS8.2AI score0.01361EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2015/10/30 9:21 a.m.27 views

CVE-2006-2050

SQL injection vulnerability in dcboard.cgi in DCScripts DCForumLite 3.0 allows remote attackers to execute arbitrary SQL commands via the az parameter...

10CVSS10AI score0.03441EPSS
Exploits2References2
NVD
NVD
added 2015/10/29 8:59 p.m.17 views

CVE-2015-7297

SQL injection vulnerability in Joomla! 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2015-7858...

7.5CVSS8.2AI score0.99967EPSS
Exploits8References9
CVE
CVE
added 2015/10/29 8:0 p.m.110 views

CVE-2015-7297

CVE-2015-7297 is a Joomla! SQL injection affecting Joomla 3.2 up to 3.4.3 (before 3.4.4). It targets the Content History area, enabling an attacker to execute arbitrary SQL via unspecified vectors. Exploit evidence (EDB-38797) describes a SQLi leading to remote code execution in Joomla 3.2–3.4.4 ...

7.5CVSS8.3AI score0.99967EPSS
Exploits8References9Affected Software1
NVD
NVD
added 2015/10/29 11:59 a.m.15 views

CVE-2015-5668

SQL injection vulnerability in Techno Project Japan Enisys Gw before 1.4.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS8.4AI score0.01271EPSS
Exploits0References3
Cvelist
Cvelist
added 2015/10/29 10:0 a.m.19 views

CVE-2015-5668

SQL injection vulnerability in Techno Project Japan Enisys Gw before 1.4.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

8.4AI score0.01271EPSS
Exploits0References3
NVD
NVD
added 2015/10/28 10:59 a.m.11 views

CVE-2015-7903

SQL injection vulnerability in Infinite Automation Mango Automation 2.5.x and 2.6.x before 2.6.0 build 430 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...

6.5CVSS7.9AI score0.0129EPSS
Exploits1References1
NVD
NVD
added 2015/10/28 10:59 a.m.20 views

CVE-2015-6486

SQL injection vulnerability on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...

6.5CVSS7.9AI score0.04292EPSS
Exploits0References1
Rows per page
Query Builder