Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 3:11 p.m.6 views

CVE-2020-11597

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an HTTP POST request and inject SQL statements in the user context of the db owner...

9.8CVSS7.7AI score0.0148EPSS
Exploits1References1
NVD
NVD
added 2020/04/06 10:15 p.m.10 views

CVE-2020-11597

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an HTTP POST request and inject SQL statements in the user context of the db owner...

9.8CVSS9.8AI score0.0148EPSS
Exploits1References1
OSV
OSV
added 2020/04/06 10:15 p.m.3 views

CVE-2020-11597

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an HTTP POST request and inject SQL statements in the user context of the db owner...

9.8CVSS7.4AI score0.0148EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2013/09/04 12:0 a.m.35 views

Amazon Linux AMI : postgresql8 (ALAS-2012-94)

A flaw was found in the way the crypt password hashing function from the optional PostgreSQL pgcrypto contrib module performed password transformation when used with the DES algorithm. If the password string to be hashed contained the 0x80 byte value, the remainder of the string was ignored when...

4.3CVSS7.7AI score0.05734EPSS
Exploits1References3
NVD
NVD
added 2004/12/22 5:0 a.m.17 views

CVE-2005-0441

Multiple stack-based buffer overflows in Sybase Adaptive Server Enterprise ASE 12.x before 12.5.3 ESD1 allow remote authenticated users to execute arbitrary code via the 1 attribvalid function, 2 covert function, 3 declare statement, or 4 a crafted query plan, or remote authenticated users with...

10CVSS7.4AI score0.08549EPSS
Exploits0References15
Cvelist
Cvelist
added 2002/10/21 4:0 a.m.30 views

CVE-2002-1145

The xprunwebtask stored procedure in the Web Tasks component of Microsoft SQL Server 7.0 and 2000, Microsoft Data Engine MSDE 1.0, and Microsoft Desktop Engine MSDE 2000 can be executed by PUBLIC, which allows an attacker to gain privileges by updating a webtask that is owned by the database owne...

6.9AI score0.08345EPSS
Exploits0References7
Rows per page
Query Builder