1985 matches found
Saraban SQL Injection Vulnerability
Softvibe Saraban is a document management system from Softvibe Thailand. It is used for transferring files and notifications to reduce unnecessary duplication. softvibe Saraban has a SQL injection vulnerability in v1.1, which can be exploited by attackers to execute illegal SQL commands to steal...
Oracle MySQL 输入验证错误漏洞
Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. An input validation error vulnerability exists in MySQL Cluster, which stems from incorrect input validation by the Cluster: General component in MyS...
3 Data Source Coverage Capabilities You Need from Your Database Security Solution
When Henry Ford, the de-facto inventor of mass production, was asked during a production meeting in 1909 in which colors his Model T automobile would be available to consumers, Ford - a notorious stickler for keeping costs to the bare minimum - offered almost no optional extras and that included...
CVE-2021-46166
CVE-2021-46166 affects Zoho ManageEngine Desktop Central prior to 10.0.662. The vulnerability allows authenticated users to disclose sensitive information from the database by visiting the Reports page. The available documents confirm an information-disclosure impact but do not provide exploit ve...
WordPress WP_Query SQL Injection Vulnerability
WordPress is the WordPress Foundation's set of blogging platforms developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress has a SQL injection vulnerability in versions prior to 5.8.3, which stems from the lack of validation of externally...
Projectworlds Hospital Management System SQL Injection Vulnerability (CNVD-2022-01377)
Projectworlds Hospital Management System is a hospital management system from Projectworlds Austria.Projectworlds Hospital Management System is vulnerable to SQL injection, which can be exploited by attackers to execute illegal SQL commands to steal sensitive database data...
Imperva Snapshot™ Scan: What You Can Find in the Report
Imperva Snapshot is a free AWS RDS security assessment tool. You can use this tool to gain in-depth visibility into your data and get a deep understanding about what data resides in your RDS and where your RDS database security gaps are. Acquiring this intelligence is a key element and critical...
taocms SQL Injection Vulnerability (CNVD-2021-101663)
Taocms is a micro Cms Content Management System in China.Taocms has a SQL injection vulnerability in version 3.0.2, which stems from the application's lack of validation of externally entered SQL statements. An attacker could use this vulnerability to execute illegal SQL commands to steal sensiti...
CVE-2021-41843
CVE-2021-41843 describes an authenticated SQL injection in the OpenEMR calendar search (calendar/index.php?module=PostCalendar&func=search). The vulnerability resides in the provider_id parameter, allowing an authenticated attacker to read data from all database tables. Affected product/version: ...
McAfee Database Security Improper Access Control Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of McAfee Database Security. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
CVE-2021-40861
A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution IWD 9.0.017.07 allows an attacker to execute arbitrary SQL queries via the value attribute, with which all data in the database can be extracted and OS command execution is possible depending on the...
CVE-2021-40860
A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution IWD before 9.0.013.11 allows an attacker to execute arbitrary SQL queries via the qlexpression parameter, with which all data in the database can be extracted and OS command execution is possible...
CVE-2021-31850
A denial-of-service vulnerability in Database Security DBS prior to 4.8.4 allows a remote authenticated administrator to trigger a denial-of-service attack against the DBS server. The configuration of Archiving through the User interface incorrectly allowed the creation of directories and files i...
CVE-2021-31850
A denial-of-service vulnerability in Database Security DBS prior to 4.8.4 allows a remote authenticated administrator to trigger a denial-of-service attack against the DBS server. The configuration of Archiving through the User interface incorrectly allowed the creation of directories and files i...
Denial of service
A denial-of-service vulnerability in Database Security DBS prior to 4.8.4 allows a remote authenticated administrator to trigger a denial-of-service attack against the DBS server. The configuration of Archiving through the User interface incorrectly allowed the creation of directories and files i...
CVE-2021-31850
CVE-2021-31850 describes a denial-of-service in McAfee Database Security (DBS) before 4.8.4. The issue arises from archiving functionality via the user interface, where an authenticated remote administrator can trigger DoS by abusing file operations and path handling. The root cause is improper v...
CVE-2021-31850 Denial of Service in Database Security on Windows
A denial-of-service vulnerability in Database Security DBS prior to 4.8.4 allows a remote authenticated administrator to trigger a denial-of-service attack against the DBS server. The configuration of Archiving through the User interface incorrectly allowed the creation of directories and files i...
Mcafee Database Security Server 安全漏洞
Mcafee Database Security Server is a database security software from Mcafee USA. The software provides users with a holistic view of their databases and the corresponding security status, protecting business-critical databases from external, internal and insider database threats in real time. A...
MGASA-2021-0520 Updated couchdb packages fix security vulnerability
Privilege escalation that allows an attacker to add or remove data in any database or make configuration changes. CVE-2021-38295...
Why you need to rethink your data security strategy and go beyond DLP
The increasing frequency and scale of data breaches has highlighted the need for organizations to rethink their approach to data security. Data Loss Prevention DLP technologies have been around for decades and formed a large part of many organizations’ data protection strategies. However, there i...