5 matches found
PT-2026-47737
Backend users with access to the Form Framework were able to use files not ending in .form.yaml as form definitions, which were processed without denying the incorrect file extension. Maliciously crafted form definition files can be used to execute arbitrary SQL statements, allowing attackers to...
EUVD-2018-1981
Malware in sbrugna...
Unspecified Vulnerability in Apache Kylin
Apache Kylin is an open source distributed analytics engine that provides a SQL query interface on top of Hadoop and multidimensional analytics OLAP capabilities to support very large-scale data, originally developed by eBay Inc. and contributed to the open source community. A security...
CVE-2018-1000650
LibreHealthIO lh-ehr version REL-2.0.0 contains a SQL injection vulnerability in the Show Groups Popup SQL query functions that can result in the ability to perform malicious database queries. This attack appears to be exploitable via user-controlled parameters...
SQL injection
LibreHealthIO lh-ehr version REL-2.0.0 contains a SQL injection vulnerability in the Show Groups Popup SQL query functions that can result in the ability to perform malicious database queries. This attack appears to be exploitable via user-controlled parameters...