Grand Vice info Webopac SQL注入漏洞

Grand Vice info Webopac is an online public access catalog from China Xinxueying Info Grand Vice info. It is used for users to use library services through the Internet. A SQL injection vulnerability exists in Grand Vice info Webopac version 6.x prior to 6.5.1 and version 7.x prior to 7.2.3, whic...

The vulnerability of the Infrastructure component of the Oracle Banking Liquidity Management management platform allows a hacker to gain unauthorized access to read, create, modify, and delete data, or to cause a service failure.

The vulnerability of Oracle Banking Liquidity Management’s infrastructure component relates to improper cleaning or release of resources. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to read, create, modify, and delete data, or cause...

The vulnerability of the Authoring component of the Oracle Service Contracts platform, a part of the Oracle E-Business Suite, allows a perpetrator to gain unauthorized access to create, modify, and delete data.

The vulnerability of the Authoring component of the Oracle Service Contracts platform, a part of the Oracle E-Business Suite, is related to deficiencies in the authorization mechanism. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to create...

The vulnerability of the Database Core Component of the Oracle Database Server system allows a perpetrator to gain unauthorized access to read, modify, or delete data.

The vulnerability of the Database Core Component of the Oracle Database Server management system is related to improper authentication. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to read, modify, or delete data...

CVE-2024-21247

...

The vulnerability of the Tasks component in the Oracle Common Applications Calendar application of the Oracle E-Business Suite allows a perpetrator to gain access to modify, add, and delete data.

The vulnerability of the Tasks component in Oracle Common Applications Calendar, a part of the Oracle E-Business Suite, relates to deficiencies in the authorization process due to incorrect validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain...

UBUNTU-CVE-2024-21210

Vulnerability in Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4 and 23. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java...

The vulnerability of the application programming interface of the software platform based on Git for collaborative code development on GitLab allows a perpetrator to gain access to read, modify, or delete data.

The vulnerability of the application programming interface of a Git-based software platform for collaborative code development on GitLab is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain read, modify, or delete access ...

CVE-2024-8327

Easy test Online Learning and Testing Platform from HWA JIUH DIGITAL TECHNOLOGY does not properly validate a specific page parameter, allowing remote attackers with regular privilege to inject arbitrary SQL commands to read, modify, and delete database contents...

CVE-2024-28987

The SolarWinds Web Help Desk WHD software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data...

CVE-2024-28987 SolarWinds Web Help Desk Hardcoded Credential Vulnerability

The SolarWinds Web Help Desk WHD software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data...

CVE-2024-28987

SolarWinds Web Help Desk (WHD) is affected by a hardcoded credential vulnerability that allows remote, unauthenticated access to internal functionality and data modification. Affected versions are WHD

Missing Authorization

Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Missing Authorization via the authorization process. A low-privileged attacker can modify minor information by bypassing security measures through sending crafted requests...

Adobe Commerce 安全漏洞

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. A security bypass vulnerability exists in Adobe Commerce, which can be exploited by an attacker to bypass security measures and modify secondary...

Adobe Commerce 安全漏洞

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. A security bypass vulnerability exists in Adobe Commerce, which can be exploited by an attacker to bypass security measures and modify secondary...

Adobe Commerce 安全漏洞

Adobe Commerce is a leading global digital commerce solution for merchants and brands from Adobe USA. A security vulnerability exists in Adobe Commerce that stems from improper authorization. An attacker could exploit the vulnerability to bypass security measures and modify secondary information...

PT-2024-7640 · Unknown · Location Intelligence

Name of the Vulnerable Software and Affected Versions: Location Intelligence versions prior to V4.4 Description: The issue is related to insufficiently strong data encryption. This could allow an unauthenticated attacker in an on-path position to read and modify any data passed over the connectio...

PT-2024-6013 · Adobe · Commerce

Name of the Vulnerable Software and Affected Versions: Adobe Commerce versions 2.4.7-p1 through 2.4.4-p9 and earlier Description: The issue is related to an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this...

The vulnerability of the templateadd.php file in the Tailoring Management System allows a malicious individual to execute arbitrary SQL code, gain unauthorized access to read, modify, or delete data, or cause service interruptions.

The vulnerability of the templateadd.php file in the Tailoring Management System relates to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary SQL code, gain unauthorized access to read, modify, ...

The vulnerability of the Oracle Database Core component of the Oracle Database Server management system allows a hacker to gain access to modify, add, or delete data.

The vulnerability of the Oracle Database Core component of the Oracle Database Server management system exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to modify, add, or delete data...