SQLite report about CVE-2020-15358
Malicious SQL statement causes a read past the end of a heap buffer.
SQLite report about CVE-2020-6405
Malicious SQL statement causes a NULL pointer dereference and denial-of-service.
SQLite report about CVE-2020-9327
Malicious SQL statement causes a read using an uninitialized pointer and denial-of-service.
SQLite report about CVE-2020-13435
Malicious SQL statement causes a read access to a NULL pointer and denial of service.
CVE-2019-15995
A vulnerability in the web UI of Cisco DNA Spaces: Connector could allow an authenticated, remote attacker to execute arbitrary SQL queries. The vulnerability exists because the web UI does not properly validate user-supplied input. An attacker could exploit this vulnerability by entering malicio...
SQL Injection
connect-pg-simple is vulnerable to SQL injection. SQL queries with schemaName or tableName are not sanitized, allowing an attacker to inject and execute malicious SQL...
DEBIAN-CVE-2019-5018
An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send a malicious SQL command to trigger this...
ALPINE-CVE-2019-5018
An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send a malicious SQL command to trigger this...
SQLite report about CVE-2019-19959
Malicious SQL statement causes a NULL pointer dereference in the Zipfile virtual table extension and denial-of-service. This is only possible when the optional Zipfile virtual table extension is deployed, which is not the case in default builds.
SQLite report about CVE-2019-19925
Malicious SQL statement causes a NULL pointer dereference in the Zipfile virtual table extension and denial-of-service. This is only possible when the optional Zipfile virtual table extension is deployed, which is not the case in default builds.
SQL injection
A SQL injection was discovered in WUZHI CMS 4.1.0 that allows remote attackers to inject a malicious SQL statement via the index.php?m=promote&f=index&v=search keywords parameter...
SQL Injection Vulnerability in Guangzhou Jinpeng Software Technology Co.
Guangzhou Jin Peng Software Technology Co., Ltd. is a high-tech company specializing in software system design, development and sales. The enterprise website building system of Guangzhou Jin Peng Software Technology Co., Ltd. has an SQL injection vulnerability; attackers can use the vulnerability to execute...
SQL injection
FusionSphere V100R006C00SPC102NFV has an SQL injection vulnerability. An authenticated, remote attacker could craft interface messages carrying malicious SQL statements and send them to a target device. Successful exploit could allow the attacker to launch an SQL injection attack and execute SQL...
LuManager high-risk SQL injection 0day analysis - vulnerability warning - the black bar safety net
On September 7, 2015, the Alibaba Cloud Shield situational awareness system captured a 0day in the LuManager system. It has been confirmed that, once the vulnerability is exploited, an attacker can log in directly to the admin backend with the highest privileges, upload a webshell, control the system database, the operatio...
Cisco Unified Communications Manager Interactive Voice Response Interface SQL Injection Vulnerability
A vulnerability in the Interactive Voice Response IVR interface of Cisco Unified Communications Manager UCM could allow an unauthenticated, remote attacker to conduct SQL injection attacks. The vulnerability is due to a lack of input validation on user-supplied input within SQL queries. An attack...
XMB Forum 1.8 BBcode align Tag XSS
No description provided by source. source: http://www.securityfocus.com/bid/9726/info XMB Forum has been reported prone to multiple cross-site scripting, HTML injection and SQL injection vulnerabilities. The issues present themselves due to insufficient sanitization of remote user supplied data. ...
XMB Forum 1.8 forumdisplay.php Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/9726/info XMB Forum has been reported prone to multiple cross-site scripting, HTML injection and SQL injection vulnerabilities. The issues present themselves due to insufficient sanitization of remote user supplied data. ...
kvaliitti-sql.txt
Found by: Jaakko "Chrysalid" Hartikainen 1. Info Kvaliitti WebDoc 3.0 CMS is a proprietary Finnish-made content management system developed by Kvaliitti Oy http://www.kvaliitti.fi. It is driven by MS SQL Server and ASP. 2. Abstract WebDoc 3.0 suffers from a flaw in input validation, which allows...
MySQL 5.0.18 - Query Logging Bypass
source: https://www.securityfocus.com/bid/16850/info MySQL is prone to a query-logging-bypass vulnerability. This issue is due to a discrepancy between the handling of NULL bytes in the 'mysql_real_query' function and in the query-logging functionality. This issue allows attackers to bypass the...
PostNuke Phoenix 0.7x - SHOW SQL Injection
source: https://www.securityfocus.com/bid/12684/info PostNuke Phoenix is reported prone to an SQL injection vulnerability. This issue arises due to insufficient sanitization of user-supplied input. It is reported that issue presents itself when malicious...