13184 matches found

Veracode
added 2024/11/07 7:55 a.m. | 11 views

SQL Injection

Funadmin is vulnerable to SQL injection. The vulnerability is due to improper input validation in the Curd one-click command mode plugin, allowing user-supplied data to be directly included in SQL queries without sanitization. Attackers can exploit this to execute arbitrary SQL commands...

9.8 CVSS | 8.1 AI score | 0.00434 EPSS
Exploits 0 | References 2 | Affected Software 1

Veracode
added 2024/11/07 7:47 a.m. | 11 views

SQL Injection

Funadmin is vulnerable to SQL injection. The vulnerability is due to improper input sanitization in the /curd/table/list endpoint, which allows attackers to inject arbitrary SQL queries into the database...

9.8 CVSS | 7.6 AI score | 0.00542 EPSS
Exploits 1 | References 1 | Affected Software 1

Tenable Nessus
added 2024/11/07 12:0 a.m. | 11 views

RHEL 9 : postgresql:16 (RHSA-2024:5929)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5929 advisory. PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: PostgreSQL pgstatsext and...

8.8 CVSS | 7.3 AI score | 0.01565 EPSS
Exploits 0 | References 5

Tenable Nessus
added 2024/11/07 12:0 a.m. | 13 views

RHEL 8 : postgresql:13 (RHSA-2024:6018)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:6018 advisory. PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: PostgreSQL relation replacement during pgdum...

8.8 CVSS | 7.7 AI score | 0.01565 EPSS
Exploits 0 | References 3

Tenable Nessus
added 2024/11/07 12:0 a.m. | 7 views

RHEL 8 : postgresql:13 (RHSA-2024:6141)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:6141 advisory. PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: PostgreSQL relation replacement during pgdum...

8.8 CVSS | 7.7 AI score | 0.01565 EPSS
Exploits 0 | References 3

Tenable Nessus
added 2024/11/07 12:0 a.m. | 5 views

RHEL 8 : postgresql:12 (RHSA-2024:6138)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:6138 advisory. PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: PostgreSQL relation replacement during pgdum...

8.8 CVSS | 7.7 AI score | 0.01565 EPSS
Exploits 0 | References 3

Tenable Nessus
added 2024/11/07 12:0 a.m. | 6 views

RHEL 8 : postgresql:12 (RHSA-2024:6137)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:6137 advisory. PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: PostgreSQL relation replacement during pgdum...

8.8 CVSS | 7.7 AI score | 0.01565 EPSS
Exploits 0 | References 3

Tenable Nessus
added 2024/11/07 12:0 a.m. | 9 views

RHEL 8 : postgresql:12 (RHSA-2024:6139)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:6139 advisory. PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: PostgreSQL relation replacement during pgdum...

8.8 CVSS | 7.7 AI score | 0.01565 EPSS
Exploits 0 | References 3

Tenable Nessus
added 2024/11/07 12:0 a.m. | 13 views

RHEL 8 : postgresql:13 (RHSA-2024:6558)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:6558 advisory. PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: PostgreSQL relation replacement during pgdum...

8.8 CVSS | 7.7 AI score | 0.01565 EPSS
Exploits 0 | References 3

NVD
added 2024/10/30 9:15 p.m. | 11 views

CVE-2024-48733

SQL injection vulnerability in /SASStudio/sasexec/sessions/sessionID/sql in SAS Studio 9.4 allows remote attacker to execute arbitrary SQL commands via the POST body request. NOTE: this is disputed by the vendor because SQL statement execution is allowed for authorized users...

8.8 CVSS | 0.00706 EPSS
Exploits 0 | References 2

Cvelist
added 2024/10/30 12:0 a.m. | 253 views

CVE-2024-48733

SQL injection vulnerability in /SASStudio/sasexec/sessions/sessionID/sql in SAS Studio 9.4 allows remote attacker to execute arbitrary SQL commands via the POST body request. NOTE: this is disputed by the vendor because SQL statement execution is allowed for authorized users...

0.00706 EPSS
Exploits 0 | References 2

Tenable Nessus
added 2024/10/29 12:0 a.m. | 7 views

RHEL 7 : postgresql (RHSA-2024:8495)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:8495 advisory. PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: PostgreSQL relation replacement during pgdum...

8.8 CVSS | 7.7 AI score | 0.01565 EPSS
Exploits 0 | References 3

Cvelist
added 2024/10/28 2:53 a.m. | 32 views

CVE-2024-10440 Sunnet eHRD CTMS - SQL Injection

The eHDR CTMS from Sunnet has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL command to read, modify, and delete database contents...

9.8 CVSS | 0.00531 EPSS
Exploits 0 | References 2

RedHat Linux
added 2024/10/28 1:26 a.m. | 28 views

Important: Red Hat Security Advisory: postgresql security update

An update for postgresql is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available...

8.8 CVSS | 7 AI score | 0.01565 EPSS
Exploits 0 | References 1

OSV
added 2024/10/24 7:15 p.m. | 4 views

CVE-2024-48427

A SQL injection vulnerability in Sourcecodester Packers and Movers Management System v1.0 allows remote authenticated users to execute arbitrary SQL commands via the id parameter in /mpms/admin/?page=services/manageservice&id...

8.8 CVSS | 6.1 AI score | 0.00872 EPSS
Exploits 0 | References 2

NVD
added 2024/10/24 7:15 p.m. | 17 views

CVE-2024-48427

A SQL injection vulnerability in Sourcecodester Packers and Movers Management System v1.0 allows remote authenticated users to execute arbitrary SQL commands via the id parameter in /mpms/admin/?page=services/manageservice&id...

8.8 CVSS | 0.00872 EPSS
Exploits 0 | References 2

CNNVD
added 2024/10/24 12:0 a.m. | 3 views

Packers and Movers Management System Security Vulnerability

Packers and Movers Management System is a Packers and Movers Management System by Carlo Montero Individual Developer. A security vulnerability exists in Packers and Movers Management System v1.0, which originates from a SQL injection that allows remote authenticated users to execute arbitrary SQL...

8.8 CVSS | 8.3 AI score | 0.00872 EPSS
Exploits 0 | References 2

CVE
added 2024/10/21 12:0 a.m. | 80 views

CVE-2024-47189

CVE-2024-47189 affects Mitel MiCollab MiCollab’s AWV API interface (through 9.8 SP1 FP2 / 9.8.1.201). The vulnerability is a SQL injection caused by insufficient input sanitization, allowing an unauthenticated attacker to access non-sensitive user provisioning information and potentially execute ...

7.7 CVSS | 8.3 AI score | 0.004 EPSS
Exploits 0 | References 1 | Affected Software 1

OSV
added 2024/10/18 9:15 a.m. | 1 views

CVE-2024-47487

There is a SQL injection vulnerability in some HikCentral Professional versions. This could allow an authenticated user to execute arbitrary SQL queries...

8.8 CVSS | 6 AI score | 0.00439 EPSS
Exploits 0 | References 1

CVE
added 2024/10/18 8:32 a.m. | 63 views

CVE-2024-47487

CVE-2024-47487 affects HikCentral Professional. Evidence from connected documents shows a SQL injection vulnerability in HikCentral Professional versions prior to 2.6.0, exploitable by an authenticated user to execute arbitrary SQL queries. The flaw is a remote vulnerability with high impact on c...

8.8 CVSS | 8.3 AI score | 0.00439 EPSS
Exploits 0 | References 1 | Affected Software 1