PT-2022-23208 · Blue Prism · Blue Prism Enterprise
Name of the Vulnerable Software and Affected Versions: Blue Prism Enterprise versions 6.0 through 7.01 Description: The issue allows an authenticated user to reverse engineer the software and circumvent access controls for the getChartData administrative function in a misconfigured environment th...
SQL Injection
apache-superset is vulnerable to SQL injection. An attacker is able to inject malicious SQL via chart data requests...
CVE-2022-27479
Apache Superset before 1.4.2 is vulnerable to SQL injection in chart data requests. Users should update to 1.4.2 or higher which addresses this issue...
Sql injection
Apache Superset before 1.4.2 is vulnerable to SQL injection in chart data requests. Users should update to 1.4.2 or higher which addresses this issue...
PYSEC-2022-188
Apache Superset before 1.4.2 is vulnerable to SQL injection in chart data requests. Users should update to 1.4.2 or higher which addresses this issue...
UBUNTU-CVE-2021-21303
Helm is open-source software which is essentially "The Kubernetes Package Manager". Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. In Helm from version 3.0 and before version 3.5.2, there are a few cases where data loaded from potentially untrusted...
PT-2019-12079 · Salicru · Slc-20-Cube3
Name of the Vulnerable Software and Affected Versions: Salicru SLC-20-cube35 devices running firmware version cs121-SNMP v4.54.82.130611 Description: A reflected HTML injection issue allows remote attackers to inject arbitrary HTML elements via specific API endpoints, including /DataLog.csv?log=,...
Remote Code Execution (RCE)
airflow is vulnerable to remote code execution (RCE) attacks. The attacks are possible because it does not prevent the chartdata endpoints from taking arbitrary strings and executing them...
WordPress Crawl Rate Tracker 2.0.2 SQL Injection
Exploit Title: WordPress Crawl Rate Tracker plugin wpdb-getresults"SELECT DATEFROMUNIXTIMEvisittime visitdate,robotname,COUNT total FROM $this-sbtrackingtable WHERE visittime = '$start' AND visittime trackingbotreportchartdata;...