13184 matches found
CVE-2015-8153
SQL injection vulnerability in Symantec Endpoint Protection Manager SEPM 12.1 before RU6-MP4 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...
CVE-2015-7448
SQL injection vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.9 IFIX003, and 7.6.0 before 7.6.0.3 IFIX001; Maximo Asset Management 7.5.0 before 7.5.0.9 IFIX003, 7.5.1, and 7.6.0 before 7.6.0.3 IFIX001 for SmartCloud Control Desk; and Maximo Asset Management 7...
Sql injection
SQL injection vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.9 IFIX003, and 7.6.0 before 7.6.0.3 IFIX001; Maximo Asset Management 7.5.0 before 7.5.0.9 IFIX003, 7.5.1, and 7.6.0 before 7.6.0.3 IFIX001 for SmartCloud Control Desk; and Maximo Asset Management 7...
Sql injection
SQL injection vulnerability in the Help plug-in 1.3.5 and earlier in Cuore EC-CUBE allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2016-1154
SQL injection vulnerability in the Help plug-in 1.3.5 and earlier in Cuore EC-CUBE allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
Osclass 3.5.9 SQL Injection
Advisory ID: HTB23287 Product: Osclass Vendor: https://osclass.org/ Vulnerable Versions: 3.5.9 and probably prior Tested Version: 3.5.9 Advisory Publication: December 21, 2015 without technical details Vendor Notification: December 21, 2015 Vendor Patch: January 25, 2016 Public Disclosure: Februa...
webSPELL SQL Injection Vulnerability
webSPELL is a WEB-based content management program. A SQL injection vulnerability exists in webSPELL. Input passed to the "/cashbox.php" script via the "payid" HTTP POST parameter is not sufficiently filtered, allowing an attacker to query the application's database and execute arbitrary SQL...
Sql injection
SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2101079...
CVE-2016-2386
SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2101079...
CVE-2016-2386
SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2101079. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
Tiny Tiny RSS - Blind SQL Injection
Exploit for php platform in category web applications Exploit Title: Tiny Tiny RSS Blind SQL Injection Date: 15-02-2016 Software Link: http://tt-rss.org/ Exploit Author: Kacper Szurek Contact: http://twitter.com/KacperSzurek Website: http://security.szurek.pl/ Category: webapps 1. Description...
CVE-2016-1308
SQL injection vulnerability in Cisco Unified Communications Manager 10.52.13900.9 allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCux99227...
Sql injection
SQL injection vulnerability in Cisco Unified Communications Manager 10.52.13900.9 allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCux99227...
WordPress WPML Plugin SQL Injection (CVE-2015-2314)
An SQL injection vulnerability exists in the WPML plugin for WordPress, allowing remote attackers to execute arbitrary SQL commands...
WordPress Webdorado Spider Event Calendar Plugin SQL Injection (CVE-2015-2196)
An SQL injection vulnerability exists in Spider Event Calendar 1.4.9 for WordPress allowing remote attackers to execute arbitrary SQL commands...
MGASA-2016-0025 Updated cacti packages fix security vulnerability
Several SQL injection vulnerabilities have been discovered in Cacti. Specially crafted input can be used by an attacker in the rraid value of the graph.php script to execute arbitrary SQL commands on the database CVE-2015-8369...
The vulnerability of the Cisco Unified Communications Manager system allows a perpetrator to execute arbitrary SQL commands.
The vulnerability of the Cisco Unified Communications Manager IP telephony management system is related to the lack of protection for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands using a specially crafted URL...
CVE-2015-3947
SQL injection vulnerability in Advantech WebAccess before 8.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...
Sql injection
SQL injection vulnerability in Advantech WebAccess before 8.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...
CVE-2015-3947
SQL injection vulnerability in Advantech WebAccess before 8.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...