BIT-JAVA-2020-2585
Vulnerability in the Java SE product of Oracle Java SE component: JavaFX. The supported version that is affected is Java SE: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this...
EUVD-2017-12307
Malware in sbrugna...
CVE-2022-39406
Vulnerability in the PeopleSoft Enterprise Common Components product of Oracle PeopleSoft component: Approval Framework. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise...
PT-2023-5869 · Qualcomm · Qualcomm Data Modem
Name of the Vulnerable Software and Affected Versions: Qualcomm Data Modem affected versions not specified Description: The issue is related to a cryptographic problem in the Data Modem due to improper authentication during the TLS handshake. This can allow a remote attacker to gain read, modify,...
CVE-2022-21586
Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications component: Infrastructure. The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Bankin...
PT-2021-14137 · Unknown · Paid Memberships Pro
Name of the Vulnerable Software and Affected Versions: Paid Memberships Pro versions prior to 2.5.6 Description: The issue allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors. This can be exploited by attackers to manipulate database queries, potentiall...
CVE-2021-2049
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware component: Administration. Supported versions that are affected are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...
CVE-2020-2834
Vulnerability in the Oracle Marketing product of Oracle E-Business Suite component: Marketing Administration. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Marketing...
Atutor SQL Injection Vulnerability (CNVD-2017-24615)
ATutor is an open source Web-based learning content management system (LCMS) developed by the ATutor team. The system includes teaching content management, forums, chat rooms and other modules. ATutor has a SQL injection vulnerability that allows attackers to access or modify data,...
CVE-2017-3571
CVE-2017-3571 affects Oracle PeopleSoft Enterprise SCM eBill Payment (component: Security) version 9.2. A vulnerability allows a high-privilege attacker with network access via HTTP to compromise the SCM eBill Payment component, potentially enabling unauthorized creation, deletion or modification...
Joomla Blog Calender 'index.php' SQL Injection Vulnerability
Joomla! is an open source content management system (CMS). A SQL injection vulnerability exists in Joomla Blog Calender 'index.php' because the program fails to adequately validate user-supplied input before using it in a SQL query. Successful exploitation of this vulnerability would allow an...
Mini Notice Board SQL Injection Vulnerability
Mini Notice Board 1.1 is an online bulletin board application that primarily facilitates the posting of trading announcements. A SQL injection vulnerability exists in the addcard.php page of Mini Notice Board version 1.1, which can be exploited by an attacker to compromise the application, access...
TYPO3 GN Tactics Planner Extension SQL Injection Vulnerability
TYPO3 is a free and open source content management system. A SQL injection vulnerability exists in the TYPO3 GN Tactics Planner Extension because the program fails to adequately sanitize user input. An attacker could exploit the vulnerability to access or modify data...
LG NAS N1A1 has multiple security vulnerabilities
The LG NAS N1A1 is a network storage device developed by the South Korean Lakin LG Group. Arbitrary file upload/download, security bypass, SQL injection, and unauthorized operation vulnerabilities exist in the Familycast service in the LG NAS N1A1 version 10119, which can be exploited by an...
Symphony SQL Injection Vulnerability (CNVD-2016-05127)
Symphony is a content management system (CMS) developed using PHP and MySQL. A SQL injection vulnerability exists in Symphony, which can be exploited by an attacker to take full control of the program and access or modify data...
CVE-2016-2968
IBM Security QRadar Incident Forensics 7.2.x before 7.2.7 allows remote attackers to bypass authentication, and obtain sensitive information or modify data, via unspecified vectors...
Unspecified Vulnerability in Oracle E-Business Suite Oracle E-Business Intelligence Definition Component (CNVD-2016-00641)
Oracle E-Business Suite is a new generation of e-business suite from Oracle. An unspecified security vulnerability exists in the Oracle E-Business Suite Oracle E-Business Intelligence Common component, which could be exploited by remote attackers to submit a special request to access and modify...
Joomla! com_memorix component 'index.php' SQL Injection Vulnerability
Joomla! is an open source content management system (CMS) developed by the Open Source Matters team in the United States. The system provides RSS feeds, site search and other functions. A SQL injection vulnerability exists in the Joomla com_memorix component 'index.php'. The vulnerability exists becau...
Magic Calendar Lite 1.02 Index.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16734/info Magic Calendar Lite is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation...
Pixie CMS Multiple Vulnerabilities (Mar 2009) - Active Check
Pixie CMS is prone to an SQL injection (SQLi) vulnerability and a cross-site scripting (XSS) vulnerability because it fails to sufficiently sanitize user-supplied data. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C b...