7 matches found
CVE-2011-10026 Spreecommerce < 0.50.x API RCE
Spreecommerce versions prior to 0.50.x contain a remote command execution vulnerability in the API's search functionality. Improper input sanitation allows attackers to inject arbitrary shell commands via the searchinstanceeval parameter, which is dynamically invoked using Ruby’s send method. Thi...
CVE-2024-9101
A reflected cross-site scripting XSS vulnerability in the 'Entry Chooser' of phpLDAPadmin version 1.2.1 through the latest version, 1.2.6.7 allows attackers to execute arbitrary JavaScript in the user's browser via the 'element' parameter, which is unsafely passed to the JavaScript 'eval' functio...
The vulnerability of the Splunk Enterprise platform’s SplunkD module for operational analysis allows a perpetrator to trigger a service failure.
The vulnerability of the Splunk Enterprise platform’s Splunkd component relates to an uncontrolled resource consumption due to an improperly formatted parameter named INGESTEVAL. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...
PT-2024-7417 · Splunk · Splunk Cloud Platform +1
Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 9.3.1 Splunk Enterprise versions prior to 9.2.3 Splunk Enterprise versions prior to 9.1.6 Splunk Cloud Platform versions prior to 9.2.2403.107 Splunk Cloud Platform versions prior to 9.1.2312.204 Splunk Clo...
CVE-2023-22941
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, an improperly-formatted ‘INGESTEVAL’ parameter in a Field Transformation crashes the Splunk daemon splunkd...
CVE-2017-5359
EasyCom SQL iPlug allows remote attackers to cause a denial of service via the D$EVAL parameter to the default URI...
CVE-2017-5359
Affected product: EasyCom SQL iPlug. Vulnerability: Denial of Service via the D$EVAL parameter to the default URI, allowing remote attackers to exhaust the service. The issue is demonstrated by public PoCs/exploits targeting the 7078 port and sending oversized payloads, as reported across multipl...