ESi AIM LINE Marketing Platform SQL注入漏洞

ESi AIM LINE Marketing Platform is a marketing platform from ESi, Inc. A SQL injection vulnerability exists in ESi AIM LINE Marketing Platform versions 3.3.0 through 5.8.4, which stems from failure to properly validate a specific query parameter, and when the LINE Marketing module is enabled, an...

PT-2024-39940 · Qplant Sf · Qplant Sf

Name of the Vulnerable Software and Affected Versions: QPLANT SF version 1.0 Description: The issue is related to a SQL injection vulnerability. Exploitation of this vulnerability could allow a remote attacker to retrieve all database information by sending a specially crafted SQL query to the...

PT-2024-38010 · Lollms +1 · Lollms +1

Name of the Vulnerable Software and Affected Versions: lollms-webui affected versions not specified lollms affected versions not specified Description: A path traversal issue exists in the lollms file system.py file, specifically affecting the functions add rag database, toggle mount rag database...

Delta Electronics DIAEnergie Handler_CFG.ashx SQL Injection Vulnerability

Delta Electronics DIAEnergie is an industrial energy management system from Delta Electronics, Taiwan, China. An SQL injection vulnerability exists in Delta Electronics DIAEnergie HandlerCFG.ashx, which can be exploited by an attacker to view, add, modify, or delete information in the back-end...

PT-2024-39723 · Red Hat · Ansible Automation Platform

Name of the Vulnerable Software and Affected Versions: Ansible Automation Platform AAP affected versions not specified Description: A flaw was found in Event-Driven Automation EDA in Ansible Automation Platform AAP, which lacks encryption of sensitive information. An attacker with network access...

The vulnerability of the web application for managing rental housing, the Campcodes House Rental System, arises from the lack of measures to protect the SQL query structure. This allows attackers to execute arbitrary SQL queries.

The vulnerability of the web application for managing rental housing, Campcodes House Rental System, is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...

CVE-2024-25658

Cleartext storage of passwords in Infinera TNMS Transcend Network Management System Server 19.10.3 allows attackers with access to the database or exported configuration files to obtain SNMP users' usernames and passwords in cleartext...

PT-2024-21074 · Infinera · Infinera Tnms Server

Name of the Vulnerable Software and Affected Versions: Infinera TNMS Server version 19.10.3 Description: The issue allows attackers with access to the database or exported configuration files to obtain SNMP users' usernames and passwords in cleartext. This occurs due to the cleartext storage of...

CVE-2024-25658

Cleartext storage of passwords in Infinera TNMS Transcend Network Management System Server 19.10.3 allows attackers with access to the database or exported configuration files to obtain SNMP users' usernames and passwords in cleartext...

CVE-2024-25658

Cleartext storage of passwords in Infinera TNMS Transcend Network Management System Server 19.10.3 allows attackers with access to the database or exported configuration files to obtain SNMP users' usernames and passwords in cleartext...

CVE-2024-8630

Alisonic Sibylla devices are vulnerable to SQL injection attacks, which could allow complete access to the database...

CVE-2024-8630 Alisonic Sibylla SQL Injection

Alisonic Sibylla devices are vulnerable to SQL injection attacks, which could allow complete access to the database...

CVE-2024-8630 Alisonic Sibylla SQL Injection

Alisonic Sibylla devices are vulnerable to SQL injection attacks, which could allow complete access to the database...

CVE-2024-8630

CVE-2024-8630 affects Alisonic Sibylla (tank-gauge device) with an SQL injection vulnerability. Public docs (NVD/NVD-derived and CISA ICS advisory) describe improper neutralization of special elements in SQL commands, potentially allowing an attacker to retrieve database information, dump credent...

Alisonic Sibylla SQL注入漏洞

Alisonic Sibylla is an automated fuel tank metering service station from Alisonic. The Alisonic Sibylla suffers from a SQL injection vulnerability that stems from the device's susceptibility to SQL injection attacks, which could allow full access to the database...

Alisonic Sibylla

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Alisonic Equipment: Sibylla Vulnerability: Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' 2. RISK EVALUATION Successful exploitation of this vulnerability...

SQL Injection Vulnerability in UFIDA U8CRM of UFIDA Network Technology Co. Ltd (CNVD-2024-43219)

UFIDA U8CRM is a professional enterprise-level CRM software designed to help companies efficiently manage customer relationships, improve sales performance and provide quality customer service. A SQL injection vulnerability exists in UFIDA U8CRM, which can be exploited by attackers to obtain...

PT-2024-39144 · Unknown · Alisonic Sibylla

Name of the Vulnerable Software and Affected Versions: Alisonic Sibylla affected versions not specified Description: The issue concerns SQL injection attacks, which could allow complete access to the database. Attackers can remotely compromise databases. There is no information provided about the...

CVE-2024-42404

SQL injection vulnerability in Welcart e-Commerce prior to 2.11.2 allows an attacker who can login to the product to obtain or alter the information stored in the database...

SQL Injection Vulnerability in UFIDA Nccloud of UFIDA Network Technology Co. Ltd (CNVD-2024-43465)

UFIDA Nccloud is a digitalization platform for large enterprises. A SQL injection vulnerability exists in UFIDA Nccloud, which can be exploited by attackers to gain access to sensitive database information...