65 matches found
CVE-2022-25517
MyBatis plus v3.4.3 was discovered to contain a SQL injection vulnerability via the Column parameter in /core/conditions/AbstractWrapper.java. NOTE: the vendor's position is that the reported execution of a SQL statement was intended behavior...
Nagios SQL注入漏洞
Nagios Network Analyzer is a network data flow analyzer that provides a view of all network traffic and bandwidth utilization. A SQL injection vulnerability exists in Nagios Network Analyzer versions prior to 2.4.3. The vulnerability can be exploited to read sensitive data from the database and...
PT-2021-17861 · Seo Panel · Seo Panel
Name of the Vulnerable Software and Affected Versions: SEO Panel version 4.8.0 Description: The issue concerns a time-based blind SQL injection vulnerability in the order col parameter of the archive.php file. This vulnerability allows an attacker to retrieve all databases. Recommendations: For S...
CVE-2019-13076
Quest KACE Systems Management Appliance Server Center 9.1.317 is vulnerable to SQL injection. An authenticated user has the ability to execute arbitrary commands against the database. The affected component is /userui/ticketlist.php, and affected parameters are order0column and order0dir...
CVE-2018-18296
MetInfo 6.1.2 has XSS via the /admin/index.php bigclass parameter in an n=column&a=doadd action...