92 matches found
CVE-2022-49335
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/cs: make commands with 0 chunks illegal behaviour. Submitting a cs with 0 chunks, causes an oops later, found trying to execute the wrong userspace driver. MESALOADERDRIVEROVERRIDE=v3d glxinfo 172536.665184 BUG: kernel...
CVE-2022-49335 drm/amdgpu/cs: make commands with 0 chunks illegal behaviour.
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/cs: make commands with 0 chunks illegal behaviour. Submitting a cs with 0 chunks, causes an oops later, found trying to execute the wrong userspace driver. MESALOADERDRIVEROVERRIDE=v3d glxinfo 172536.665184 BUG: kernel...
CVE-2022-49335
CVE-2022-49335 concerns the Linux kernel DRM/AMDGPU path. The issue arises when a compute submit command (cs) is sent with 0 chunks, which is illegal and leads to a kernel oops later, specifically a NULL pointer dereference in amdgpu_cs_ioctl. Affected evidence shows a crafted 0-chunk submission ...
Student Grading System SQL Injection Vulnerability (CNVD-2025-03172)
Student Grading System is a student grading system. A SQL injection vulnerability exists in Student Grading System version 1.0, which stems from a lack of validation of externally entered SQL statements in the parameter id of the file /viewstudents.php. An attacker can exploit this vulnerability ...
J2EEFAST export function SQL injection vulnerability
J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free back-end framework platform . J2eeFAST v2.7.0 version of the SQL injection vulnerability , the vulnerability stems from the export function of the sqlfilte...
Customer Support System SQL Injection Vulnerability (CNVD-2024-14030)
Customer Support System is a customer support system by oretnom23 Personal Developer that helps a particular business or company to provide customer support after a customer has purchased a product from them. Customer Support System suffers from a SQL injection vulnerability that originates from...
Customer Support System SQL Injection Vulnerability (CNVD-2024-14032)
Customer Support System is a customer support system by oretnom23 Personal Developer that helps a particular business or company to provide customer support after a customer has purchased a product from them. Customer Support System suffers from a SQL injection vulnerability that originates from ...
Simple Real Estate Portal System SQL Injection Vulnerability (CNVD-2023-98207)
Simple Real Estate Portal System is a real estate portal system. A SQL injection vulnerability exists in Simple Real Estate Portal System v1.0, which originates from the parameter id of the file viewestate.php that lacks validation of externally entered SQL statements. An attacker can exploit thi...
D-Link DAR-7000 importexport.php file SQL injection vulnerability
D-Link DAR-7000 is an Internet Behavior Audit Gateway from China AUO D-Link. A SQL injection vulnerability exists in the D-Link DAR-7000 importexport.php file. An attacker can exploit this vulnerability to execute illegal SQL commands to steal sensitive database data...
ScienceLogic SL1 SQL Injection Vulnerability (CNVD-2023-66416)
ScienceLogic SL1 is an application from ScienceLogic, Inc. Connect your real estate together to automate multidirectional data flow and workflow. A SQL injection vulnerability exists in ScienceLogic SL1 11.1.2 and earlier versions, which stems from a lack of validation of externally entered SQL...
emlog SQL Injection Vulnerability
emlog is a PHP and MySQL based CMS builder for emlog personal developers. A SQL injection vulnerability exists in emlog version 2.1.9, which stems from the lack of validation of externally entered SQL statements in the file /admin/user.php. An attacker can exploit this vulnerability to execute...
miniCal SQL Injection Vulnerability
miniCal is miniCal open source an open source PMS. miniCal version 1.0.0 SQL injection vulnerability , the vulnerability stems from the file /booking/showbookings/ parameter searchquery lack of validation of external input SQL statements , an attacker can use this vulnerability to execute illegal...
SEMCMS SQL Injection Vulnerability (CNVD-2023-41864)
SEMCMS is a foreign trade web content management system CMS that supports multiple languages. A SQL injection vulnerability exists in SEMCMS version 1.5, which originates from the lack of validation of external input SQL statements in AntRponse.php. An attacker can exploit this vulnerability to...
Online Exam System Master.php File SQL Injection Vulnerability
Online Exam System is an online exam system. Online Exam System v1.0 suffers from a SQL injection vulnerability, which originates from the lack of validation of the parameters columns, data of /classes/Master.php?f=deleteservice/kelasdosen/data for external input SQL statements. An attacker can...
Pharmacy Management System SQL Injection Vulnerability
Pharmacy Management System MPMS is a multilingual pharmacy management system. A SQL injection vulnerability exists in Pharmacy Management System v1.0, which originates from the email parameter in logincore.php that lacks validation of externally entered SQL statements. An attacker can exploit thi...
Campcodes Coffee Shop POS System SQL Injection Vulnerability (CNVD-2023-38610)
Campcodes Coffee Shop POS System is a coffee shop POS system from Campcodes. A SQL injection vulnerability exists in Campcodes Coffee Shop POS System version 1.0, which can be exploited by attackers to execute illegal SQL commands to steal sensitive database data...
novel-plus SQL injection vulnerability (CNVD-2023-32195)
novel-plus novel boutique-plus is a multi-end PC, WAP reading, functional original literature CMS system. novel-plus version 3.6.2 suffers from a SQL injection vulnerability, which originates from a problem with the file /author/list?limit=10&offset=0&order=desc, where the operation of the...
Campcodes Online Traffic Offense Management System SQL Injection Vulnerability (CNVD-2023-29406)
Campcodes Online Traffic Offense Management System is a web-based traffic offense management system. A SQL injection vulnerability exists in Campcodes Online Traffic Offense Management System v1.0. The vulnerability stems from the lack of validation of external input SQL statements in the paramet...
Automotive Shop Management System SQL Injection Vulnerability (CNVD-2022-87032)
Automotive Shop Management System is an automotive shop management system by the individual developer Carlo Montero. Automotive Shop Management System v1.0 suffers from a SQL injection vulnerability that stems from a lack of validation of externally-entered SQL statements in its...
automotive shop management system SQL injection vulnerability (CNVD-2022-87033)
Automotive Shop Management System is an automotive shop management system by the individual developer Carlo Montero. Automotive Shop Management System v1.0 suffers from a SQL injection vulnerability. The vulnerability stems from a lack of validation of the...