49 matches found
CVE-2018-14502
controllers/quizzes.php in the Kiboko Chained Quiz plugin before 1.0.9 for WordPress allows remote unauthenticated users to execute arbitrary SQL commands via the 'answer' and 'answers' parameters...
The vulnerability in the web interface of the software-hardware management interface for Cisco Firepower Management Center allows a malicious actor to execute arbitrary SQL queries.
The vulnerability of the web interface for managing the software-hardware environment of Cisco Firepower Management Center is related to input validation errors. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...
D-Link Central WiFi Manager (CWM-100) Arbitrary SQL Command Query Vulnerability
D-Link Central WiFi Manager CWM-100 is a Web-based wireless access point management tool. An arbitrary SQL command query vulnerability exists in D-Link Central WiFi Manager CWM-100 versions prior to 1.03R0100BETA6. The vulnerability stems from a failure to validate input. An attacker can exploit...
The vulnerability of the SiTex component: The accessible environment of the SiTex tooling development platform allows a attacker to execute arbitrary requests to the database.
The vulnerability of the distributed application development platform SiTex-Dostupnye Sredstvo exists due to the lack of measures to neutralize special elements used in SQL queries. Exploiting this vulnerability allows a malicious actor to execute any query against the database using a specially...
FOG has multiple vulnerabilities
FOG is a free, open source, computer cloning and management solution. FOG has multiple vulnerabilities that allow input from certain unauthenticated users since parameters in the library function in the FOGManagerController.class.php file are not sanitized. An attacker can leverage this...
IPBProArcade 2.5 - Remote SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11719/info A remote SQL injection vulnerability reportedly affects ipbProArcade. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in an SQL query. An attacke...
Invision Power Board 2.0 Index.PHP Post Action SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11703/info A remote SQL injection vulnerability affects Inivision Power Board. This issue is due to a failure of the application to properly validate user-supplied input prior to using it in an SQL query. An attacker may...
IPBProArcade 2.5.2 - GameID SQL Injection
IPBProArcade 2.5.2 - GameID SQL Injection source: https://www.securityfocus.com/bid/15205/info A remote SQL injection vulnerability reportedly affects ipbProArcade. The problem affects the 'gameid' parameter. An attacker may leverage this issue to manipulate SQL query strings and potentially carr...
IPBProArcade 2.5.2 - 'GameID' SQL Injection
source: https://www.securityfocus.com/bid/15205/info A remote SQL injection vulnerability reportedly affects ipbProArcade. The problem affects the 'gameid' parameter. An attacker may leverage this issue to manipulate SQL query strings and potentially carry out arbitrary database queries. This may...