3899 matches found
PT-2022-8325 · Unknown · S::Can Moni::Tools
Name of the Vulnerable Software and Affected Versions: s::can moni::tools versions prior to 4.2 Description: The issue allows an authenticated attacker to gain full access to the database through SQL injection, potentially resulting in loss of confidentiality, loss of integrity, and Denial of...
OpenCart SQL Injection Vulnerability (CNVD-2024-30068)
OpenCart is an open source e-commerce system from the OpenCart team in Hong Kong, China. The system provides product reviews, product ratings, product additions and other modules. A SQL injection vulnerability exists in OpenCart version 3.0.3.7; an attacker can exploit the vulnerability...
CVE-2021-37823
OpenCart 3.0.3.7 allows users to obtain database information or read server files through SQL injection in the background...
Online Diagnostic Lab Management System SQL Injection Vulnerability
Online Diagnostic Lab Management System is an online diagnostic lab management system. Online Diagnostic Lab Management System v1.0 has a SQL injection vulnerability that originates from a problem with the id parameter of /classes/Users.php?f=deleteclient, which can be exploited by an attacker to...
CVE-2022-42473
A missing authentication for a critical function vulnerability in Fortinet FortiSOAR 6.4.0 - 6.4.4 and 7.0.0 - 7.0.3 and 7.2.0 allows an attacker to disclose information via logging into the database using a privileged account without a password...
Fortinet FortiSOAR Access Control Error Vulnerability
Fortinet FortiSOAR is a security orchestration, automation and response (SOAR) solution from Fortinet, Inc. An access control error vulnerability exists in Fortinet FortiSOAR, stemming from a lack of authentication, which could be exploited by an attacker to compromise information by logging into t...
Profile of disabled user stays accessible
None...
ERROR : Dotmim.Sync.SyncException: SQLite Error 14: 'unable to open database file'.
On Broker machine event viewer : Dotmim.Sync.SyncException: SQLite Error 14: 'unable to open database file'. --- Microsoft.Data.Sqlite.SqliteException: SQLite Error 14: 'unable to open database file'. à Microsoft.Data.Sqlite.SqliteException.ThrowExceptionForRCInt32 rc, sqlite3 db à...
CVE-2022-39056
RAVA certificate validation system has insufficient validation for user input. An unauthenticated remote attacker can inject arbitrary SQL commands to access, modify and delete the database...
CVE-2022-39056 Changing Information Technology Inc. RAVA certificate validation system - SQL Injection
RAVA certificate validation system has insufficient validation for user input. An unauthenticated remote attacker can inject arbitrary SQL commands to access, modify and delete the database...
Joomla OSG Courts Reservation 1.4.9 SQL Injection
Input validation
Saleor is a headless, GraphQL commerce platform. In affected versions, some GraphQL mutations did not properly check the ID type input, which allowed access to database objects that the authenticated user may not be allowed to access. This vulnerability can be used to expose the following...
quarkus: privilege escalation vulnerability with RestEasy Reactive scope leakage in Quarkus
A flaw was found in Quarkus. The state and potentially associated permissions can leak from one web request to another in RestEasy Reactive. This flaw allows a low-privileged user to perform operations on the database with a different set of privileges than intended...
CVE-2022-39275
CVE-2022-39275 affects Saleor (headless GraphQL commerce platform). The issue is improper ID-type validation in several GraphQL mutations that can let an authenticated user access database objects they should not, potentially exposing info such as row counts from tables with sequential keys and s...
Online Leave Management System SQL Injection Vulnerability
Online Leave Management System is an online leave management system. A SQL injection vulnerability exists in Online Leave Management System v1.0; it originates from the id parameter of /leavesystem/classes/Master.php?f=delete department, which lacks validation of externally supplied SQL statements. An attacker...
Joomla JUX Charity Hub 1.0.4 SQL Injection Vulnerability
Author: CraCkEr. Website: ...
Joomla JKassa ShoppingCart 2.0.0 SQL Injection
Joomla JS Jobs Pro 1.3.6 SQL Injection Vulnerability
Author: CraCkEr. Website: extensions.joomla.org. Vendor: Joom Sky - joomsky.com ...