Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Prion
Prionadded 2016/08/05 3:59 p.m.22 views

Sql injection

SQL injection vulnerability in the getStringParameterSQL method in main/java/org/dashbuilder/dataprovider/sql/dialect/DefaultDialect.java in Dashbuilder before 0.6.0.Beta1 allows remote attackers to execute arbitrary SQL commands via a data set lookup filter in the 1 Data Set Authoring or 2...

7.5CVSS8.9AI score0.06972EPSS
Exploits0References6Affected Software3
RedhatCVE
RedhatCVEadded 2016/07/14 8:59 p.m.19 views

CVE-2016-4999

A security flaw was found in the way Dashbuilder performed SQL datasets lookup requests in the Data Set Authoring UI or the Displayer editor UI. A remote attacker could use this flaw to conduct SQL injection attacks via specially-crafted string filter parameter...

9.8CVSS2.7AI score0.06972EPSS
Exploits0References1
RedHat Linux
RedHat Linuxadded 2016/07/14 5:54 p.m.2 views

Dashbuilder: SQL Injection on data set lookup filters

A security flaw was found in the way Dashbuilder performed SQL datasets lookup requests in the Data Set Authoring UI or the Displayer editor UI. A remote attacker could use this flaw to conduct SQL injection attacks via specially-crafted string filter parameter...

9.8CVSS5.8AI score0.06972EPSS
Exploits0References4
Rows per page
Query Builder