CVE-2018-17484

Lobby Track Desktop could allow a local attacker to obtain sensitive information, caused by an error in Sample Database.mdb database while in kiosk mode. By using attack vectors outlined in kiosk breakout, an attacker could exploit this vulnerability to view and edit the database...

Joomla Furniture Virtuemart Templates 1.5 SQL Injection

Exploit Title : Joomla Furniture Virtuemart Templates 1.5 SQL Injection Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 25/02/2019 Vendor Homepage : ordasoft.com Software Download Link : ordasoft.com/download-furniture-joomla-virtuemart-template Software...

UBUNTU-CVE-2019-8425

includes/database.php in ZoneMinder before 1.32.3 has XSS in the construction of SQL-ERR messages...

WordPress Add Code To Head upsite_analytics_plugin 1.13 SQL Injection

Exploit Title : WordPress Add Code To Head upsiteanalyticsplugin Plugins 1.13 SQL Injection Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 28/01/2019 Vendor Homepage : hbjitney.com Software Download Link : downloads.wordpress.org/plugin/add-code-to-head.zip...

Design/Logic Flaw

An error in zone database reference counting can lead to an assertion failure if a server which is running an affected version of BIND attempts several transfers of a slave zone in quick succession. This defect could be deliberately exercised by an attacker who is permitted to cause a vulnerable...

Fedora 29 : phpMyAdmin (2018-088802878a)

Upstream announcement : The phpMyAdmin team is pleased to announce the release of phpMyAdmin version 4.8.4. Among other bug fixes, this contains several important security fixes. The security fixes involve : - Local file inclusion https://www.phpmyadmin.net/security/PMASA-2018-6/, - XSRF/CSRF...

November 2, 2017—KB4052232 (OS Build 10586.1177)

November 2, 2017—KB4052232 OS Build 10586.1177 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed issue where applications based on the Microsoft JET Database Engine Microsoft Acces...

Specified database is not valid

Challenge The installation cannot be continued due to the error message: "Specified database is not valid. Please choose Veeam ONE database or create a new database to proceed." Cause The error message occurs when you install Veeam ONE using previously created and in some cases migrated database...

Domain Trust broken on new versions of a domain-joined layer because the computer name has changed

When creating a Platform Layer, it's normal to join it to the domain and leave it joined to the domain. When you add another version to your platform layer, you find that the Computer Name has changed, and that breaks domain trust. On the packaging machine, when you attempt to log on, you receive...

Auto Car 1.2 Cross Site Scripting / SQL Injection

Exploit Title: Auto car 1.2 - 'cartitle' SQL Injection / Cross-Site Scripting Date: 2018-05-22 Exploit Author: Borna nematzadeh L0RD Vendor Homepage: https://codecanyon.net/item/auto-car-car-listing-script/19221368?srank=1159 Version: 1.2 Tested on: Win 10 POC 1: SQLi: Parameter: cartitle Type:...

PVS targets using MAK Licensing intermittently fail to reactivate

PVS targets using a vdisk that has the radio button set to MAK licensing will intermittently fail to reactivate after rebooting. PVS CDF traces may also show an error that the device does not exist in the VAMT database. "Device: 10.10.10.10 not found in Vamt database."...

CVE-2017-16735

A SQL Injection issue was discovered in Ecava IntegraXor v 6.1.1030.1 and prior. The SQL Injection vulnerability has been identified, which generates an error in the database log...

Ciuis CRM 1.0.7 - SQL Injection

Ciuis CRM 1.0.7 - SQL Injection Exploit Title: Ciuis CRM v 1.0.7 Sql Injection Google Dork: if applicable Date: 12/15/2017 Exploit Author: Zahid Abbasi Contact: http://twitter.com/zahidsec Website: http://zahidabbasi.com Vendor Homepage: http://ciuis.com/ Software Link:...

Ciuis CRM 1.0.7 - SQL Injection

Exploit Title: Ciuis CRM v 1.0.7 Sql Injection Google Dork: if applicable Date: 12/15/2017 Exploit Author: Zahid Abbasi Contact: http://twitter.com/zahidsec Website: http://zahidabbasi.com Vendor Homepage: http://ciuis.com/ Software Link: https://codecanyon.net/item/ciuis-crm/20473489 Version:...

Database Creation Error when creating a new WEM database using a hyphen ("-") in the database name

When attempting to create a new WEM database when using a hyphen '-'in the name, an error appears saying "Database Creation Error". The Citrix WEM Database Management Utility Debug Log contains the following Exception: Exception - CreateVuemdb.Run : SqlDatabaseHelper. connection Error : 102 |...

Error while creating WEM database: "Database creation error!"

Database Creation Wizard produces the following error while creating a new WEM database: "Database creation error!". The Citrix WEM Database Management Utility Debug log file located in "C:\Program Files x86\Norskale\Norskale Infrastructure Services" reports the following error when attempting to...

Cross-site Scripting (XSS)

dolibarr is vulnerable to cross-site scripting attacks. The attacker can inject and execute arbitrary code when calling the $db-lastqueryerror function in functions.lib.php...

PVS Servers Show Offline on PVS Console - Event ID 11 - Undefined Database Error

PVS server shows offline in the PVS console, although Streaming service is running on occasion: An error in event viewer: Event ID: 11 – Undefined database error/PVS server status is "Down" This is an internal error. Please contact technical support...

WEM Database Creation Error Message regarding "Path Specified" when creating WEM database

When attempting to create a WEMDatabase using the Database Management Utility Console, it failswith: "Database Creation Error" The Citrix WEM Database Management Utility Debug Log shows the following exception:"Exception - CreateVuemdb.Run : SqlDatabaseHelper. connection Error : 5133 | Directory...

SQL Injection

Due to the requirement for dynamic content of today's web applications, many rely on a database backend to store data that will be called upon and processed by the web application or other programs. Web applications retrieve data from the database by using Structured Query Language SQL queries. T...