6 matches found
CVE-2020-11597
An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an HTTP POST request and inject SQL statements in the user context of the db owner...
CVE-2020-11597
An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an HTTP POST request and inject SQL statements in the user context of the db owner...
CVE-2020-11597
An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an HTTP POST request and inject SQL statements in the user context of the db owner...
Amazon Linux AMI : postgresql8 (ALAS-2012-94)
A flaw was found in the way the crypt password hashing function from the optional PostgreSQL pgcrypto contrib module performed password transformation when used with the DES algorithm. If the password string to be hashed contained the 0x80 byte value, the remainder of the string was ignored when...
CVE-2005-0441
Multiple stack-based buffer overflows in Sybase Adaptive Server Enterprise ASE 12.x before 12.5.3 ESD1 allow remote authenticated users to execute arbitrary code via the 1 attribvalid function, 2 covert function, 3 declare statement, or 4 a crafted query plan, or remote authenticated users with...
CVE-2002-1145
The xprunwebtask stored procedure in the Web Tasks component of Microsoft SQL Server 7.0 and 2000, Microsoft Data Engine MSDE 1.0, and Microsoft Desktop Engine MSDE 2000 can be executed by PUBLIC, which allows an attacker to gain privileges by updating a webtask that is owned by the database owne...