Lucene search
K

6 matches found

OpenVAS
OpenVAS
added 2024/03/19 12:0 a.m.30 views

Mageia: Security Advisory (MGASA-2024-0070)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.8AI score0.02542EPSS
Exploits3References8
OpenVAS
OpenVAS
added 2023/01/31 12:0 a.m.39 views

Debian: Security Advisory (DLA-3293-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.7AI score0.01672EPSS
Exploits3References4
Debian
Debian
added 2023/01/30 6:35 p.m.125 views

[SECURITY] [DLA 3293-1] modsecurity-crs security update

Debian LTS Advisory DLA-3293-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost January 30, 2023 https://wiki.debian.org/LTS Package : modsecurity-crs Version : 3.2.3-0+deb10u3 CVE ID : CVE-2018-16384 CVE-2020-22669 CVE-2021-35368 CVE-2022-39955 CVE-2022-39956...

9.8CVSS7.1AI score0.02542EPSS
Exploits3
UbuntuCve
UbuntuCve
added 2018/09/03 2:29 a.m.24 views

CVE-2018-16384

A SQL injection bypass aka PL1 bypass exists in OWASP ModSecurity Core Rule Set owasp-modsecurity-crs through v3.1.0-rc3 via ab where a is a special function name such as "if" and b is the SQL statement to be executed...

7.5CVSS7.1AI score0.01672EPSS
Exploits1References2
OSV
OSV
added 2018/09/03 2:29 a.m.33 views

CVE-2018-16384

A SQL injection bypass aka PL1 bypass exists in OWASP ModSecurity Core Rule Set owasp-modsecurity-crs through v3.1.0-rc3 via ab where a is a special function name such as "if" and b is the SQL statement to be executed...

7.5CVSS7.7AI score
Exploits0References2
CVE
CVE
added 2018/09/03 12:0 a.m.78 views

CVE-2018-16384

CVE-2018-16384 describes a SQL injection bypass in the OWASP ModSecurity Core Rule Set (owasp-modsecurity-crs) via a crafted payload {ab}, where a is a function name (e.g., if) and b is the SQL to execute. Public details reference CRS versions up to 3.1.0-rc3, with later advisories noting related...

7.5CVSS8.2AI score0.01672EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder