3908 matches found
Design/Logic Flaw
Dokmee ECM 7.4.6 allows remote code execution because the response to a GettingStarted/SaveSQLConnectionAsync //gettingstarted request contains a connection string for privileged SQL Server database access, and xpcmdshell can be enabled...
CVE-2023-47261
Dokmee ECM 7.4.6 allows remote code execution because the response to a GettingStarted/SaveSQLConnectionAsync //gettingstarted request contains a connection string for privileged SQL Server database access, and xpcmdshell can be enabled...
osCommerce 4 SQL Injection Vulnerability
Exploit Title: osCommerce 4 - SQL Injection Exploit Author: CraCkEr Date: 22/11/2023 Vendor: osCommerce ltd. Vendor Homepage: https://www.oscommerce.com/ Software Link: https://demo.oscommerce.com/ Demo Link: https://demo.oscommerce.com/b2b-supermarket/ Tested on: Windows 11 Home Impact: Database...
osCommerce 4 SQL Injection
Exploit Title: osCommerce 4 - SQL Injection Exploit Author: CraCkEr Date: 22/11/2023 Vendor: osCommerce ltd. Vendor Homepage: https://www.oscommerce.com/ Software Link: https://demo.oscommerce.com/ Demo Link: https://demo.oscommerce.com/b2b-supermarket/ Tested on: Windows 11 Home Impact: Database...
postgresql: extension script @substitutions@ within quoting allow SQL injection
IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct dollar quoting, '', or "". If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with...
Information disclosure
The FACSChorus software database can be accessed directly with the privileges of the currently logged-in user. A threat actor with physical access could potentially gain credentials, which could be used to alter or destroy data stored in the database...
PT-2023-22122 · Unknown · Facschorus
Name of the Vulnerable Software and Affected Versions: FACSChorus affected versions not specified Description: The FACSChorus software database can be accessed directly with the privileges of the currently logged-in user. A threat actor with physical access could potentially gain credentials, whi...
CVE-2023-40610 Apache Superset: Privilege escalation with default examples database
Improper authorization check and possible privilege escalation on Apache Superset up to but excluding 2.1.2. Using the default examples database connection that allows access to both the examples schema and Apache Superset's metadata database, an attacker using a specially crafted CTE SQL stateme...
Artica Pandora FMS Path Traversal Vulnerability
Artica Pandora FMS is a monitoring system from the Spanish company Artica. The system monitors networks, servers, virtual infrastructures, applications, etc. in a visual way. A path traversal vulnerability exists in Artica Pandora FMS versions 700 through 773, which stems from a path traversal in...
PT-2023-31571
Name of the Vulnerable Software and Affected Versions DRDrive versions prior to 20231006 Description The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. Recommendations For version...
LuxSoft LuxCal Web Calendar Security Vulnerability
LuxSoft LuxCal Web Calendar is a free user-friendly lightweight web-based event calendar from LuxSoft Switzerland. A security vulnerability exists in LuxSoft LuxCal Web Calendar versions prior to 5.2.4M and prior to 5.2.4L, which stems from the presence of a SQL injection vulnerability. An attack...
The vulnerability of Fortinet FortiWLM, a centralized management system for WLAN access points and LAN switches, stems from the lack of protective measures for the SQL query structure. This allows attackers to execute arbitrary SQL queries against the database.
The vulnerability of Fortinet FortiWLM, a centralized management system for WLAN access points and LAN switches, relates to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary SQL queries against the database remotely...
CVE-2023-6105
An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. A low-privileged OS user with access to the host where an affected ManageEngine product is installed can view and use the exposed key to decrypt product database...
CVE-2023-46601
A vulnerability has been identified in COMOS All versions. The affected application lacks proper access controls in making the SQLServer connection. This could allow an attacker to query the database directly to access information that the user should not have access to...
Design/Logic Flaw
A vulnerability has been identified in COMOS All versions. The affected application lacks proper access controls in making the SQLServer connection. This could allow an attacker to query the database directly to access information that the user should not have access to...
OSS Calendar vulnerable to SQL injection
Overview OSS Calendar provided by Thinkingreed Inc. contains an SQL injection vulnerability CWE-89. Shogo Iyota of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A...
EMSigner OSS Calendar Security Vulnerability
EMSigner OSS Calendar is a calendar application from EMSigner Japan. A security vulnerability exists in EMSigner OSS Calendar prior to version v.2.0.3, which stems from the presence of a SQL injection vulnerability. An attacker can exploit this vulnerability by sending a specially crafted request...
SQL Injection
Piccolo is vulnerable to SQL Injection. The vulnerability is caused by a lack of user input validation while executing SQL statements. The input passed to connection.execute is not properly escaped. An attacker can exploit this vulnerability to obtain direct access to the database and has the...
PT-2023-6888 · WordPress · Wp Fastest Cache
Name of the Vulnerable Software and Affected Versions: WP Fastest Cache versions prior to 1.2.2 Description: The issue is related to the WP Fastest Cache WordPress plugin, which does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection...
PT-2023-30515 · Unknown · Oss Calendar
Name of the Vulnerable Software and Affected Versions: OSS Calendar versions prior to 2.0.3 Description: The issue allows a remote authenticated attacker to execute arbitrary code or obtain and/or alter the information stored in the database by sending a specially crafted request. This can be...