16 matches found
EUVD-2014-4453
Malware in sbrugna...
CVE-2023-32754
Thinking Software Efence login function has insufficient validation for user input. An unauthenticated remote attacker can exploit this vulnerability to inject arbitrary SQL commands to access, modify or delete database...
CVE-2023-32754
Thinking Software Efence login function has insufficient validation for user input. An unauthenticated remote attacker can exploit this vulnerability to inject arbitrary SQL commands to access, modify or delete database...
CVE-2023-32754
Thinking Software Efence login function has insufficient validation for user input. An unauthenticated remote attacker can exploit this vulnerability to inject arbitrary SQL commands to access, modify or delete database...
Thinking Software Technology Efence SQL注入漏洞
Thinking Software Technology Efence is a mobile device management solution from China-based Thinking Software Technology. A SQL injection vulnerability exists in Thinking Software Technology Efence due to a login function that does not validate user-entered parameters...
CVE-2023-32754 Thinking Software Efence - SQL injection
Thinking Software Efence login function has insufficient validation for user input. An unauthenticated remote attacker can exploit this vulnerability to inject arbitrary SQL commands to access, modify or delete database...
CVE-2023-32754 Thinking Software Efence - SQL injection
Thinking Software Efence login function has insufficient validation for user input. An unauthenticated remote attacker can exploit this vulnerability to inject arbitrary SQL commands to access, modify or delete database...
CVE-2023-22900
Efence login function has insufficient validation for user input. An unauthenticated remote attacker can exploit this vulnerability to inject arbitrary SQL commands to access, modify or delete database...
CVE-2023-22900
Efence login function has insufficient validation for user input. An unauthenticated remote attacker can exploit this vulnerability to inject arbitrary SQL commands to access, modify or delete database...
CVE-2023-22900
The CVE is for Thinking Software Technology Co., Ltd. Efence — SQL Injection due to insufficient input validation in the login function. Unauthenticated remote attackers can inject arbitrary SQL commands to access, modify, or delete the database. Relevant details in connected sources indicate Efe...
CVE-2023-22900 Thinking Software Technology Co., Ltd. Efence - SQL Injection
Efence login function has insufficient validation for user input. An unauthenticated remote attacker can exploit this vulnerability to inject arbitrary SQL commands to access, modify or delete database...
Efence SQL注入漏洞
Thinking Software Technology Efence is a mobile device management solution from China-based Thinking Software Technology. A SQL injection vulnerability exists in Efence 1.2.58 DB.ver 28, which stems from insufficient validation of user input in the login function. An attacker could use this...
CVE-2023-22900 Thinking Software Technology Co., Ltd. Efence - SQL Injection
Efence login function has insufficient validation for user input. An unauthenticated remote attacker can exploit this vulnerability to inject arbitrary SQL commands to access, modify or delete database...
CVE-2014-4526
Multiple cross-site scripting XSS vulnerabilities in callback.php in the efence plugin 1.3.2 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 message, 2 zoneid, 3 pubKey, or 4 privKey parameter...
CVE-2014-4526
Summary (CVE-2014-4526) : The WordPress plugin efence (versions up to and including 1.3.2) is affected by multiple XSS vulnerabilities in callback.php. The attack surface includes parameters: message, zoneid, pubKey, and privKey, enabling remote attackers to inject arbitrary web script/HTML. The ...
WordPress Efence Plugin <= 1.3.2 - Multiple XSS
Because of these vulnerabilities in callback.php, the attackers can inject arbitrary web script or HTML. Solution Update the plugin...