EUVD-2017-2271

Malware in sbrugna...

EUVD-2018-0121

Malware in sbrugna...

GHSA-HXMP-JCQJ-83HM Magento 2 Community Edition Injection Vulnerability

An injection vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with marketing manipulation privileges can invoke methods that alter data o...

CVE-2019-16391

SPIP before 3.1.11 and 3.2 before 3.2.5 allows authenticated visitors to modify any published content and execute other modifications in the database. This is related to ecrire/inc/meta.php and ecrire/inc/securiseraction.php...

Code injection

SPIP before 3.1.11 and 3.2 before 3.2.5 allows authenticated visitors to modify any published content and execute other modifications in the database. This is related to ecrire/inc/meta.php and ecrire/inc/securiseraction.php...

CVE-2019-16391

SPIP before 3.1.11 and 3.2 before 3.2.5 allows authenticated visitors to modify any published content and execute other modifications in the database. This is related to ecrire/inc/meta.php and ecrire/inc/securiseraction.php...

CVE-2019-16391

SPIP before 3.1.11 and 3.2 before 3.2.5 allows authenticated visitors to modify any published content and execute other modifications in the database. This is related to ecrire/inc/meta.php and ecrire/inc/securiseraction.php...

SQL Injection

magento/community-edition is vulnerable to SQL injection. The vulnerability exists as a user with marketing manipulation privileges can invoke methods that alter data of the underlying model followed by corresponding database modifications...

CVE-2019-7889

An injection vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with marketing manipulation privileges can invoke methods that alter data o...

GHSA-HG4C-RGVM-964G SQL Injection in pycsw

A SQL injection vulnerability in pycsw all versions before 2.0.2, 1.10.5 and 1.8.6 that leads to read and extract of any data from any table in the pycsw database that the database user has access to. Also on PostgreSQL at least it is possible to perform updates/inserts/deletes and database...

CVE-2016-8640

A SQL injection vulnerability in pycsw all versions before 2.0.2, 1.10.5 and 1.8.6 that leads to read and extract of any data from any table in the pycsw database that the database user has access to. Also on PostgreSQL at least it is possible to perform updates/inserts/deletes and database...

Debian DSA-1413-1 : mysql - multiple vulnerabilities

Several vulnerabilities have been found in the MySQL database packages with implications ranging from unauthorized database modifications to remotely triggered server crashes. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-2583 The indecimal::set...

[SECURITY] [DSA 1413-1] New mysql packages fix multiple vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-1413-1 [email protected] http://www.debian.org/security/ Noah Meyerhans November 26, 2007 http://www.debian.org/security/faq -...

Use download the vulnerability database to initiate network attacks-vulnerability warning-the black bar safety net

As scripting vulnerability the number one killer-and database download vulnerabilities, now has been more and more people to the art. In this information technology update Fast of the era, the vulnerability produced after the attendant is to respond to the tricks, such as change the database...

NotifyLink contains multiple SQL injection vulnerabilities

Overview There are multiple vulnerabilities in NotifyLink that allow unauthenticated remote users to view or modify the contents of the NotifyLink SQL database. Possible modifications include the addition of unauthorized user and administrator accounts. Description Notify Technology NotifyLink...

easynews 1.5 let's remote users modify database

Hey, that's my first submission so don't expect anything spectacular. There are a few bugs in Easynews 1.5: Short Description: Easynews 1.5 - database and templates remotly modifieable, cross site scripting, local users gain admin pass, and stuff : Found by: markus [email protected] Vendor...