CVE-2016-10096
SQL injection vulnerability in register.php in GeniXCMS before 1.0.0 allows remote attackers to execute arbitrary SQL commands via the activation parameter...
phpMyAdmin SQL Injection Vulnerability (CNVD-2016-13237)
phpMyAdmin is a free, web-based MySQL database management tool developed by the phpMyAdmin team. A SQL injection vulnerability exists in phpMyAdmin. An attacker can exploit this vulnerability to execute arbitrary SQL commands...
Joomla! Component DT Register - 'cat' SQL Injection
Title: SQL injection in Joomla extension DT Register Credit: Elar Lang / https://security.elarlang.eu Vulnerability: SQL injection Vulnerable version: before 3.1.12 Joomla 3.x / 2.8.18 Joomla 2.5 CVE: pending Full Disclosure URL:...
IBM BigFix Remote Control SQL Injection Vulnerability
IBM BigFix Remote Control is a set of remote control systems from IBM in the United States. A SQL injection vulnerability exists in IBM BigFix Remote Control 9.1.2 and earlier versions. An attacker can exploit this vulnerability to execute arbitrary SQL commands...
CVE-2016-2873
SQL injection vulnerability in IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...
Sql injection
SQL injection vulnerability in IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...
Exponent CMS <= 2.4.0 Information Disclosure and SQLi Vulnerabilities
Exponent CMS is prone to an SQL injection (SQLi) and an information disclosure vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE...
CVE-2016-8908
SQL injection vulnerability in the "Site Browser HTML pages" screen in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the orderby parameter...
CVE-2016-8907
SQL injection vulnerability in the "Content Types Content Types" screen in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the orderby parameter...
CVE-2016-8906
SQL injection vulnerability in the "Site Browser Links pages" screen in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the orderby parameter...
CVE-2016-8905
SQL injection vulnerability in the JSONTags servlet in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the sort parameter...
CVE-2016-8903
SQL injection vulnerability in the "Site Browser Templates pages" screen in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the orderby parameter...
CVE-2016-8902
SQL injection vulnerability in the categoriesServlet servlet in dotCMS before 3.3.1 allows remote unauthenticated attackers to execute arbitrary SQL commands via the sort parameter...
dotCMS < 3.3.2 SQLi Vulnerability
dotCMS is prone to a SQL injection (SQLi) vulnerability. CPE = "cpe:/a:dotcms:dotcms"; if...
Sql injection
A vulnerability in the Cisco Prime Infrastructure and Evolved Programmable Network Manager SQL database interface could allow an authenticated, remote attacker to impact system confidentiality by executing a subset of arbitrary SQL queries that can cause product instability. More Information:...
CVE-2016-6443
CVE-2016-6443 affects Cisco Prime Infrastructure and Evolved Programmable Network Manager (EPNM) with a SQL database interface vulnerability. The issue is a lack of input validation in SQL queries, allowing an authenticated, remote attacker to execute a subset of arbitrary SQL statements that can...
CVE-2016-6443
A vulnerability in the Cisco Prime Infrastructure and Evolved Programmable Network Manager SQL database interface could allow an authenticated, remote attacker to impact system confidentiality by executing a subset of arbitrary SQL queries that can cause product instability. More Information:...
Cisco Identity Services Engine SQL Injection Vulnerability (cisco-sa-20161026-ise)
A vulnerability in the web framework code of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary SQL commands on the database...
Sql injection
SQL injection vulnerability in IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...