4 matches found
CVE-2023-30839
PrestaShop is an Open Source e-commerce web application. Versions prior to 8.0.4 and 1.7.8.9 contain a SQL filtering vulnerability. A BO user can write, update, and delete in the database, even without having specific rights. PrestaShop 8.0.4 and 1.7.8.9 contain a patch for this issue. There are ...
The vulnerability of the network management system for monitoring industrial networks in Siemens SINEC NMS lies in the improper assignment of permissions to critical resources. This allows a perpetrator to write arbitrary data to any location in the host’s file system.
The vulnerability of the Siemens SINEC NMS network management system for monitoring industrial networks is related to the improper assignment of permissions for critical resources. The application contains a database that does not restrict user rights. Exploiting this vulnerability allows a hacke...
PostgreSQL: PL/Tcl Intended restriction bypass
The PL/Tcl implementation in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 loads Tcl code from the pltclmodules table regardless of the table's ownership and permissions, which allows remo...
DEBIAN-CVE-2007-5976
SQL injection vulnerability in dbcreate.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to execute arbitrary SQL commands via the db parameter...