476 matches found
SQL Injection
openlink virtuoso-opensource is vulnerable to SQL Injection. The vulnerability is due to an issue in the sqlcuniondtwrap component, allowing attackers to cause a DoS via crafted SQL statements...
SQL Injection
openlink virtuoso-opensource is vulnerable to SQL Injection. The vulnerability is due to an issue in the schnametoobject component, allowing attackers to cause a DoS via crafted SQL statements...
SQL Injection
openlink virtuoso-opensource is vulnerable to SQL Injection. The vulnerability is due to an issue in the dfeunitcolloci component, allowing attackers to cause a DoS via crafted SQL statements...
SQL Injection
openlink virtuoso-opensource is vulnerable to SQL Injection. The vulnerability is due to an issue in the artmdivint component, enabling attackers to cause a DoS via crafted SQL statements...
SQL Injection
openlink virtuoso-opensource is vulnerable to SQL Injection. The vulnerability is due to an issue in the sqloqueryspec component, enabling attackers to cause a DoS via crafted SQL statements...
SQL Injection
openlink virtuoso-opensource is vulnerable to SQL Injection. The vulnerability is due to an issue in the mpboxcopy component, enabling attackers to cause a DoS via crafted SQL statements...
SQL Injection
openlink virtuoso-opensource is vulnerable to SQL Injection. The vulnerability is due to an issue in the kcvarcol component, enabling attackers to cause a DoS via crafted SQL statements...
SQL Injection
openlink virtuoso-opensource is vulnerable to SQL Injection. The vulnerability is due to an issue in the sqlounionscope component, enabling attackers to cause a DoS via crafted SQL statements...
SQL Injection
openlink virtuoso-opensource is vulnerable to SQL Injection. The vulnerability is due to an issue in the stricmp component, allowing attackers to cause a DoS via crafted SQL statements...
CVE-2023-38724
Summary: CVE-2023-38724 affects IBM Cognos Controller versions 10.4.1, 10.4.2, and 11.0.0. The issue is a SQL injection vulnerability that could allow a remote attacker to view, add, modify, or delete data in the back-end database when exploiting crafted SQL statements. The connected/official rem...
CVE-2024-4309
SQL injection vulnerability in HubBank affecting version 1.0.2. This vulnerability could allow an attacker to send a specially crafted SQL query to the database through different endpoints /user/transaction.php?id=1, /user/credit-debittransaction.php?id=1,/user/viewtransaction. php?id=1 and...
CVE-2024-2590
Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/mail/main/selectsend.php, in the 'sdindex' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB...
CVE-2024-2585
Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/book/main/selectsend2.php, in the 'sdindex' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB...
CVE-2024-2591 SQL injection vulnerability in AMSS++
Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/book/main/bookdetailgroup.php, in multiple parameters. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB...
CVE-2024-2586 SQL injection vulnerability in AMSS++
Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/index.php, in the 'username' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB...
CVE-2024-2585 SQL injection vulnerability in AMSS++
Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/book/main/selectsend2.php, in the 'sdindex' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB...
CVE-2024-2584 SQL injection vulnerability in AMSS++
Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/book/main/selectsend.php, in the 'sdindex' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB...
CVE-2024-1301
SQL injection vulnerability in Badger Meter Monitool affecting versions 4.6.3 and earlier. A remote attacker could send a specially crafted SQL query to the server via the jusername parameter and retrieve the information stored in the database...
BIT-MYSQL-CLIENT-2022-27378
An issue in the component Createtmptable::finalize of MariaDB Server v10.7 and below was discovered to allow attackers to cause a Denial of Service DoS via specially crafted SQL statements...
CVE-2024-27315 Apache Superset: Improper error handling on alerts
An authenticated user with privileges to create Alerts on Alerts & Reports has the capability to generate a specially crafted SQL statement that triggers an error on the database. This error is not properly handled by Apache Superset and may inadvertently surface in the error log of the Alert...