School Management System CMS 1.0 - username SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: School Management System CMS 1.0 - Admin Login SQL Injection Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor : Wecodex Solutions Vendor Homepage: https://www.wecodex.com/item/view/school-management-system-in-php-and-mysql/5...

CVE-2018-2876

Vulnerability in the Oracle Retail Integration Bus component of Oracle Retail Applications subcomponent: RIB KernalApache Commons Collections. The supported version that is affected is 13.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromis...

CVE-2018-2857

Vulnerability in the Sun ZFS Storage Appliance Kit AK component of Oracle Sun Systems Products Suite subcomponent: HTTP data path subsystems. The supported version that is affected is Prior to 8.7.17. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

CVE-2018-2572

Vulnerability in the Oracle Agile Product Lifecycle Management for Process component of Oracle Supply Chain Products Suite subcomponent: Installation. Supported versions that are affected are 6.1.1.6, 6.2.0.0 and 6.2.1.0. Easily exploitable vulnerability allows unauthenticated attacker with netwo...

CVE-2018-2738

Vulnerability in the Oracle Retail Central Office component of Oracle Retail Applications subcomponent: Security. Supported versions that are affected are 13.4.9, 14.0.4 and 14.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

CVE-2018-2742

Vulnerability in the Enterprise Manager Ops Center component of Oracle Enterprise Manager Products Suite subcomponent: Framework. Supported versions that are affected are 12.2.2 and 12.3.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

CVE-2018-2587

Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware subcomponent: Web Server Plugin. Supported versions that are affected are 10.1.4.3.0, 11.1.2.3.0 and 12.2.1.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to...

CVE-2017-14465

An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information,...

Vulnerability of the Server:Partition component of the MySQL database management system, which allows attackers to gain privileges to modify, add, or delete data, or to cause service interruptions.

The vulnerability of the Server:Partition component of the MySQL database management system is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain privileges to modify, add, or delete data, or cause service failures...

Cross site request forgery (csrf)

Some URLs provided by Jenkins global-build-stats plugin version 1.4 and earlier returned a JSON response that contained request parameters. These responses had the Content Type: text/html, so could have been interpreted as HTML by clients, resulting in a potential reflected cross-site scripting...

CVE-2018-2724

Vulnerability in the Oracle Financial Services Loan Loss Forecasting and Provisioning component of Oracle Financial Services Applications subcomponent: User Interface. The supported version that is affected is 8.0.x. Easily exploitable vulnerability allows low privileged attacker with network...

CVE-2018-2712

Vulnerability in the Oracle Financial Services Loan Loss Forecasting and Provisioning component of Oracle Financial Services Applications subcomponent: User Interface. The supported version that is affected is 8.0.x. Easily exploitable vulnerability allows unauthenticated attacker with network...

CVE-2018-2719

Vulnerability in the Oracle Financial Services Hedge Management and IFRS Valuations component of Oracle Financial Services Applications subcomponent: User Interface. The supported version that is affected is 8.0.x. Easily exploitable vulnerability allows unauthenticated attacker with network acce...

CVE-2018-2681

Vulnerability in the PeopleSoft Enterprise HCM Human Resources component of Oracle PeopleSoft Products subcomponent: Security. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft...

CVE-2018-2656

Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite subcomponent: Data Manager Server. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with...

CVE-2018-2654

Vulnerability in the PeopleSoft Enterprise HCM Human Resources component of Oracle PeopleSoft Products subcomponent: Company Dir / Org Chart Viewer. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

CVE-2018-2643

Vulnerability in the Oracle Argus Safety component of Oracle Health Sciences Applications subcomponent: Case Selection. Supported versions that are affected are 7.x and 8.0.x. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Argus...

CVE-2018-2567

Vulnerability in the Oracle Communications Order and Service Management component of Oracle Communications Applications subcomponent: Portal. Supported versions that are affected are 7.2.4.1.x, 7.2.4.2.x, 7.3.0.x.x and 7.3.0.1.x. Easily exploitable vulnerability allows unauthenticated attacker wi...

Oracle Mysql Security Updates (jan2018-3236628) 03 - Windows

Oracle MySQL is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql"; ifdescription...

PT-2018-2398 · Oracle +6 · Mysql Server +5

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.13 and prior Description: The issue is related to insufficient access control in the MySQL Server component of Oracle MySQL, specifically in the Server: Replication subcomponent. This can be exploited by a...