1987 matches found
CVE-2021-23894
Deserialization of untrusted data vulnerability in McAfee Database Security DBSec prior to 4.8.2 allows a remote unauthenticated attacker to create a reverse shell with administrator privileges on the DBSec server via carefully constructed Java serialized object sent to the DBSec server...
CVE-2021-23895
CVE-2021-23895 describes a deserialization of untrusted data vulnerability in McAfee Database Security (DBSec) prior to 4.8.2. A remote authenticated attacker can abuse a crafted Java serialized object sent to the DBSec server to spawn a reverse shell with administrator privileges. Affected compo...
CVE-2021-23894 Unauthorized deserialization of untrusted data in McAfee DBSec
Deserialization of untrusted data vulnerability in McAfee Database Security DBSec prior to 4.8.2 allows a remote unauthenticated attacker to create a reverse shell with administrator privileges on the DBSec server via carefully constructed Java serialized object sent to the DBSec server...
SQL Injection Vulnerability in CRM E4/Standard Edition of Pengwei Software Corporation (CNVD-2021-42784)
Pengwei Software Co., Ltd. is a static transportation system solution provider. A SQL injection vulnerability exists in the CRM E4/Standard Edition of Pengwei Software Corporation, which can be exploited by attackers to obtain sensitive information from the database...
Mcafee Database Security Server 安全漏洞
Mcafee Database Security Server is a database security software from Mcafee USA. The software provides users with a holistic view of the database and the corresponding security status, protecting business-critical databases from external, internal and insider database threats in real time. A...
Mcafee Database Security Server 代码问题漏洞
Mcafee Database Security Server is a database security software from Mcafee USA. The software provides users with a holistic view of the database and the corresponding security status, protecting business-critical databases from external, internal and insider database threats in real time. A code...
Mcafee Database Security Server 代码问题漏洞
Mcafee Database Security Server is a database security software from Mcafee USA. The software provides users with a holistic view of the database and the corresponding security status, protecting business-critical databases from external, internal and insider database threats in real time. A code...
PT-2021-15596 · Mcafee · Mcafee Database Security
Name of the Vulnerable Software and Affected Versions: McAfee Database Security versions prior to 4.8.2 Description: The issue allows a remote unauthenticated attacker to create a reverse shell with administrator privileges on the DBSec server via carefully constructed Java serialized object sent...
CVE-2021-3515
CVE-2021-3515 corresponds to a shell-injection flaw in the pglogical extension for PostgreSQL. Affected versions are before 2.3.4 and before 3.6.26. An attacker with CREATEDB privileges can craft a database name that enables execution of shell commands as the postgresql user during pglogical.crea...
BlueCMS suffers from SQL injection vulnerability (CNVD-2021-42353)
BlueCMS is a professional local portal system developed by open source combination of PHP + MYSQL, focusing on local portal CMS. BlueCMS has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...
SQL Injection Vulnerability in Ricochet Cloud Group Live Code Management System (CNVD-2021-40236)
RikerCloud live code management system is an open source, free, live code system that can be operated online to improve efficiency, get more resources and so on. A SQL injection vulnerability exists in the Ricochet Cloud Live Code Management System. An attacker can exploit this vulnerability to...
SQL Injection Vulnerability in Disk Enterprise LCMS (CNVD-2021-40145)
Pan Enterprise LCMS is a WEB application development system. A SQL injection vulnerability exists in Pan Enterprise LCMS, which can be exploited by attackers to obtain sensitive information from the database...
SQL Injection Vulnerability in Wujia Network Backend Management Platform
Wujia Networks is an Internet high-tech enterprise focusing on software and hardware technology research and development. SQL injection vulnerability exists in the background management platform of Wujia Network, which can be exploited by attackers to obtain sensitive information in the database...
SQL Injection Vulnerability in PatrolFlow Multiservice Security Gateway Intelligent Management Platform (CNVD-2021-40138)
Beijing Byzoro Network Technology Co., Ltd. is a high-tech enterprise dedicated to building the next-generation secure Internet. PatrolFlow Multi-service Security Gateway Intelligent Management Platform suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain...
CVE-2021-20720
KonaWiki2 is affected by CVE-2021-20720: SQL injection in versions prior to 2.2.4 that allows remote attackers to execute arbitrary SQL commands and obtain/alter data in the application database via unspecified vectors. The vulnerability stems from insufficient input cleansing in KonaWiki2 prior ...
SQL Injection Vulnerability in Rainy Novel cms 1.3.2
Wild Rain Fiction cms hereinafter referred to as KYXSCMS is a content management system that provides a lightweight fiction website solution based on ThinkPHP 5.1 MySQL technology. A SQL injection vulnerability exists in Drizzle Novel cms 1.3.2, which can be exploited by attackers to obtain...
SQL Injection Vulnerability in Jacko Web Design Studio Website Building System (CNVD-2021-39106)
Jacko Web Design Studio is an integrated communication agency with services such as website construction, graphic design and advertising production. A SQL injection vulnerability exists in the website building system of Jacko Web Design Studio. An attacker can exploit this vulnerability to obtain...
FangfaCMS suffers from SQL injection vulnerability (CNVD-2021-39291)
Method Digital Web Content Management System FangfaCms is an enterprise-level PHPCMS website management system. FangfaCMS suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...
SQL Injection Vulnerability in Fish Leap CMS
FishLeap CMS is a content management system specifically geared towards enterprise applications. A SQL injection vulnerability exists in Fishy CMS, which can be exploited by attackers to obtain sensitive information from the database...
SQL Injection Vulnerability in SEMCMS SCSHOP (CNVD-2021-38037)
SCSHOP is a self-developed open source online store btc system. SEMCMS SCSHOP suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...