Lucene search
K

48 matches found

Packet Storm News
Packet Storm News
added 2025/07/18 12:0 a.m.4 views

Chain Table: Protecting Table-Level Data Integrity by Digital Ledger Technology

The rise of blockchain and Digital Ledger Technology DLT has gained wide traction. Instead of relying on a traditional centralized data authority, a blockchain system consists of digitally entangled block data shared across a distributed network. The specially designed chain data structure and it...

6.9AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2024/08/18 10:15 p.m.5 views

CVE-2024-43207

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Valiano Unite Gallery Lite.This issue affects Unite Gallery Lite: from n/a through 1.7.62...

8.5CVSS5.5AI score0.00395EPSS
Exploits0References2
OSV
OSV
added 2023/11/13 10:15 p.m.4 views

CVE-2023-46018

SQL injection vulnerability in receiverReg.php in Code-Projects Blood Bank 1.0 \allows attackers to run arbitrary SQL commands via 'remail' parameter...

5.5CVSS5.9AI score0.00355EPSS
Exploits5References1
Positive Technologies
Positive Technologies
added 2023/10/06 12:0 a.m.8 views

PT-2023-29489 · Unknown · Turna Advertising Administration Panel

Name of the Vulnerable Software and Affected Versions: Turna Advertising Administration Panel versions prior to 1.1 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...

9.8CVSS9.6AI score0.00519EPSS
Exploits0References5
OSV
OSV
added 2023/09/27 11:15 p.m.4 views

CVE-2023-43191

SpringbootCMS 1.0 foreground message can be embedded malicious code saved in the database. When users browse the comments, these malicious codes embedded in the HTML will be executed, and the user's browser will be controlled by the attacker, so as to achieve the special purpose of the attacker,...

5.4CVSS5.8AI score0.00346EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/09/05 12:0 a.m.8 views

Cacti Cross-Site Scripting Vulnerability

Cacti is a set of open source network traffic monitoring and analysis tools from the Cacti team. The tool obtains data via snmpget, analyzes it using RRDtool drawing graphs, and provides data and user management features. Cacti suffers from a cross-site scripting vulnerability that originates fro...

6.1CVSS6.2AI score0.00713EPSS
Exploits1References7
CNNVD
CNNVD
added 2023/03/01 12:0 a.m.6 views

Grafana 跨站脚本漏洞

Grafana is Grafana open source set of open source monitoring tools that provide a visual monitoring interface . The tool is mainly used to monitor and analyze Graphite, InfluxDB and Prometheus and so on. A cross-site scripting vulnerability exists in Grafana 9.2 and earlier, 9.3 and earlier, whic...

6.4CVSS7AI score0.01562EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2022/03/07 9:15 a.m.11 views

CVE-2022-0267

The AdRotate WordPress plugin before 5.8.22 does not sanitise and escape the adrotateaction before using it in a SQL statement via the adrotaterequestaction function available to admins, leading to a SQL injection...

7.2CVSS7.2AI score0.01255EPSS
Exploits2References2
CNVD
CNVD
added 2022/01/28 12:0 a.m.51 views

Jsish Denial of Service Vulnerability (CNVD-2022-08461)

Jsish is a small JavaScript parser with a built-in database written in C. A security vulnerability exists in Jsish v3.5.0, which could lead to a denial of service DoS...

5.5CVSS2.7AI score0.00607EPSS
Exploits1
CNNVD
CNNVD
added 2022/01/27 12:0 a.m.3 views

Jsish 资源管理错误漏洞

Jsish is a small JavaScript parser with a built-in database written in C. A security vulnerability exists in Jsish v3.5.0, which could lead to a denial of service DoS...

5.5CVSS5.6AI score0.00638EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/01/27 12:0 a.m.3 views

Jsish 安全漏洞

Jsish is a small JavaScript parser with a built-in database written in C. A security vulnerability exists in Jsish v3.5.0, which could lead to a denial of service DoS...

5.5CVSS5.6AI score0.00607EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/01/27 12:0 a.m.4 views

Jsish 安全漏洞

Jsish is a small JavaScript parser written in C with a built-in database. A security vulnerability exists in Jsish v3.5.0 that could lead to a Denial of Service DoS...

5.5CVSS5.8AI score0.00632EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/12/08 12:0 a.m.5 views

IBM DB2 授权问题漏洞

IBM DB2 is a relational database management system from the U.S. IBM Db2 information disclosure vulnerability can be exploited by attackers to obtain sensitive information...

6.5CVSS5.6AI score0.01159EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2021/06/03 12:0 a.m.5 views

PT-2021-19533 · Mcafee · Mcafee Database Security

Name of the Vulnerable Software and Affected Versions: McAfee Database Security versions prior to 4.8.2 Description: The issue allows an administrator to embed JavaScript code when configuring the name of a database to be monitored. This would be triggered when any authorized user logs into the...

5.9CVSS5.1AI score0.00501EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/05/13 12:0 a.m.5 views

Liferay Enterprise Portal SQL注入漏洞

Liferay Enterprise Portal is an application system from Liferay USA. It provides a showcase for e-commerce functionality. A SQL injection vulnerability exists in Liferay Enterprise Portal version 7.3.5. The vulnerability stems from the program not adequately cleaning up user-supplied data in the...

8.8CVSS8.5AI score0.01148EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2021/03/15 10:15 p.m.2 views

CVE-2021-3418

If certificates that signed grub are installed into db, grub can be booted directly. It will then boot any kernel without signature validation. The booted kernel will think it was booted in secureboot mode and will implement lockdown, yet it could have been tampered. This flaw is a reintroduction...

6.4CVSS6.8AI score0.00466EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2020/08/03 12:15 p.m.6 views

grub2: Fail kernel validation without shim protocol

GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim...

6.4CVSS7AI score0.01434EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/04/06 9:2 a.m.4 views

Django: SQL injection possibility in key and index lookups for JSONField/HStoreField

An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.fields.JSONField, and key lookups for django.contrib.postgres.fields.HStoreField, were subject to...

9.8CVSS7.4AI score0.47694EPSS
Exploits0References5
PyPA
PyPA
added 2019/02/20 12:29 a.m.7 views

PYSEC-2019-123

SQLAlchemy before 1.3.0b3 allows SQL Injection via the orderby parameter. The fix commit 30307c4 was applied only to the main branch and was never backported to the 1.2.x release line; all 1.2.x versions remain vulnerable...

9.8CVSS7.8AI score0.03525EPSS
Exploits2References9Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

PhpMyLogon 2.0 - SQL Injection Vulnerability

No description provided by source. Exploit Title: PhpMyLogon SQL Injection Date: March 14, 2010 Author: Blake Software Link: http://sourceforge.net/projects/phpmylogon/files/PhpMyLogon/PhpMyLogon%202/phpmylogon2.zip/download Version: 2 Tested on: Windows XP SP3 Proof of Concept: Enter the followi...

7.1AI score
Exploits0
Rows per page
Query Builder