85 matches found
CVE-2022-49335
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/cs: make commands with 0 chunks illegal behaviour. Submitting a cs with 0 chunks, causes an oops later, found trying to execute the wrong userspace driver. MESALOADERDRIVEROVERRIDE=v3d glxinfo 172536.665184 BUG: kernel...
CVE-2022-49335 drm/amdgpu/cs: make commands with 0 chunks illegal behaviour.
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/cs: make commands with 0 chunks illegal behaviour. Submitting a cs with 0 chunks, causes an oops later, found trying to execute the wrong userspace driver. MESALOADERDRIVEROVERRIDE=v3d glxinfo 172536.665184 BUG: kernel...
CVE-2022-49335
CVE-2022-49335 concerns the Linux kernel DRM/AMDGPU path. The issue arises when a compute submit command (cs) is sent with 0 chunks, which is illegal and leads to a kernel oops later, specifically a NULL pointer dereference in amdgpu_cs_ioctl. Affected evidence shows a crafted 0-chunk submission ...
Customer Support System SQL Injection Vulnerability (CNVD-2024-14030)
Customer Support System is a customer support system by oretnom23 Personal Developer that helps a particular business or company to provide customer support after a customer has purchased a product from them. Customer Support System suffers from a SQL injection vulnerability that originates from...
Customer Support System SQL Injection Vulnerability (CNVD-2024-14032)
Customer Support System is a customer support system by oretnom23 Personal Developer that helps a particular business or company to provide customer support after a customer has purchased a product from them. Customer Support System suffers from a SQL injection vulnerability that originates from ...
Simple Real Estate Portal System SQL Injection Vulnerability (CNVD-2023-98207)
Simple Real Estate Portal System is a real estate portal system. A SQL injection vulnerability exists in Simple Real Estate Portal System v1.0, which originates from the parameter id of the file viewestate.php that lacks validation of externally entered SQL statements. An attacker can exploit thi...
D-Link DAR-7000 importexport.php file SQL injection vulnerability
D-Link DAR-7000 is an Internet Behavior Audit Gateway from China AUO D-Link. A SQL injection vulnerability exists in the D-Link DAR-7000 importexport.php file. An attacker can exploit this vulnerability to execute illegal SQL commands to steal sensitive database data...
ScienceLogic SL1 SQL Injection Vulnerability (CNVD-2023-66416)
ScienceLogic SL1 is an application from ScienceLogic, Inc. Connect your real estate together to automate multidirectional data flow and workflow. A SQL injection vulnerability exists in ScienceLogic SL1 11.1.2 and earlier versions, which stems from a lack of validation of externally entered SQL...
emlog SQL Injection Vulnerability
emlog is a PHP and MySQL based CMS builder for emlog personal developers. A SQL injection vulnerability exists in emlog version 2.1.9, which stems from the lack of validation of externally entered SQL statements in the file /admin/user.php. An attacker can exploit this vulnerability to execute...
miniCal SQL Injection Vulnerability
miniCal is miniCal open source an open source PMS. miniCal version 1.0.0 SQL injection vulnerability , the vulnerability stems from the file /booking/showbookings/ parameter searchquery lack of validation of external input SQL statements , an attacker can use this vulnerability to execute illegal...
SEMCMS SQL Injection Vulnerability (CNVD-2023-41864)
SEMCMS is a foreign trade web content management system CMS that supports multiple languages. A SQL injection vulnerability exists in SEMCMS version 1.5, which originates from the lack of validation of external input SQL statements in AntRponse.php. An attacker can exploit this vulnerability to...
Online Exam System Master.php File SQL Injection Vulnerability
Online Exam System is an online exam system. Online Exam System v1.0 suffers from a SQL injection vulnerability, which originates from the lack of validation of the parameters columns, data of /classes/Master.php?f=deleteservice/kelasdosen/data for external input SQL statements. An attacker can...
Pharmacy Management System SQL Injection Vulnerability
Pharmacy Management System MPMS is a multilingual pharmacy management system. A SQL injection vulnerability exists in Pharmacy Management System v1.0, which originates from the email parameter in logincore.php that lacks validation of externally entered SQL statements. An attacker can exploit thi...
novel-plus SQL injection vulnerability (CNVD-2023-32195)
novel-plus novel boutique-plus is a multi-end PC, WAP reading, functional original literature CMS system. novel-plus version 3.6.2 suffers from a SQL injection vulnerability, which originates from a problem with the file /author/list?limit=10&offset=0&order=desc, where the operation of the...
Campcodes Online Traffic Offense Management System SQL Injection Vulnerability (CNVD-2023-29406)
Campcodes Online Traffic Offense Management System is a web-based traffic offense management system. A SQL injection vulnerability exists in Campcodes Online Traffic Offense Management System v1.0. The vulnerability stems from the lack of validation of external input SQL statements in the paramet...
automotive shop management system SQL injection vulnerability (CNVD-2022-87033)
Automotive Shop Management System is an automotive shop management system by the individual developer Carlo Montero. Automotive Shop Management System v1.0 suffers from a SQL injection vulnerability. The vulnerability stems from a lack of validation of the...
Automotive Shop Management System SQL Injection Vulnerability (CNVD-2022-87032)
Automotive Shop Management System is an automotive shop management system by the individual developer Carlo Montero. Automotive Shop Management System v1.0 suffers from a SQL injection vulnerability that stems from a lack of validation of externally-entered SQL statements in its...
SEMCMS Ant_Pro.php SQL Injection Vulnerability
SEMCMS is a foreign trade web content management system CMS that supports multiple languages. SQL injection vulnerability exists in SEMCMS SHOP version 1.1, which originates from the lack of validation of externally entered SQL statements in AntPro.php. An attacker can use this vulnerability to...
Expense Management System SQL注入漏洞
Expense Management System is an expense management system. version v1.0 of Expense Management System is vulnerable to SQL injection, which stems from a lack of validation of external input SQL statements in the id parameter of its /Home/debitcreditp component. An attacker could use this...
Simple E-Learning System SQL Injection Vulnerability (CNVD-2023-11437)
Simple E-Learning System is a simple e-learning system from Carlo Montero's personal developer. simple E-Learning System is vulnerable to SQL injection, which stems from the lack of validation of external input SQL statements in the parameter phoneNumber of the file /claireblake. statements. An...