15 matches found
EUVD-2002-0226
Malware in sbrugna...
EUVD-2017-8973
Malware in sbrugna...
EUVD-2006-1215
Malware in sbrugna...
EUVD-2016-10656
Malware in sbrugna...
CVE-2020-11545
Project Worlds Official Car Rental System 1 is vulnerable to multiple SQL injection issues, as demonstrated by the email and parameters account.php, uname and pass parameters login.php, and id parameter bookcar.php This allows an attacker to dump the MySQL database and to bypass the login...
CVE-2022-26117
An empty password in configuration file vulnerability CWE-258 in FortiNAC version 8.3.7 and below, 8.5.2 and below, 8.5.4, 8.6.0, 8.6.5 and below, 8.7.6 and below, 8.8.11 and below, 9.1.5 and below, 9.2.3 and below may allow an authenticated attacker to access the MySQL databases via the CLI...
Inout RealEstate 2.1.3 SQL Injection
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
PT-2023-18545 · Unknown +1 · Mysql Server +2
Name of the Vulnerable Software and Affected Versions: a12nserver versions prior to 0.23.0 Description: The issue affects users of a12nserver who use MySQL, making them potentially vulnerable to SQL injection bugs. This could allow an attacker to obtain OAuth2 Access Tokens for unrelated users. T...
CVE-2022-26117
An empty password in configuration file vulnerability CWE-258 in FortiNAC version 8.3.7 and below, 8.5.2 and below, 8.5.4, 8.6.0, 8.6.5 and below, 8.7.6 and below, 8.8.11 and below, 9.1.5 and below, 9.2.3 and below may allow an authenticated attacker to access the MySQL databases via the CLI...
SQL injection vulnerability exists in the open-source version of the UX365 web site navigation (CNVD-2021-24439)
Youkai 365 Web site navigation open source version is based on PHP + MYSQL development and construction of open source Web site catalog management system. Uke365 Web site navigation open source version of the existence of SQL injection vulnerability . Attackers can exploit the vulnerability to...
Sql injection
Synetics GmbH I-doit 1.12 and earlier is affected by: SQL Injection. The impact is: Unauthenticated mysql database access. The component is: Web login form. The attack vector is: An attacker can exploit the vulnerability by sending a malicious HTTP POST request. The fixed version is: 1.12.1...
CVE-2019-1010248
Synetics GmbH I-doit 1.12 and earlier is affected by: SQL Injection. The impact is: Unauthenticated mysql database access. The component is: Web login form. The attack vector is: An attacker can exploit the vulnerability by sending a malicious HTTP POST request. The fixed version is: 1.12.1...
CVE-2017-17822
The List Users API of Piwigo 2.9.2 is vulnerable to SQL Injection via the /admin/userlistbackend.php sSortDir0 parameter. An attacker can exploit this to gain access to the data in a connected MySQL database...
CVE-2017-17823
The Configuration component of Piwigo 2.9.2 is vulnerable to SQL Injection via the admin/configuration.php orderby array parameter. An attacker can exploit this to gain access to the data in a connected MySQL database...
AdCycle does not adequately validate user input thereby allowing for SQL injection
Overview AdCycle does not adequately filter user input, allowing remote attackers to execute arbitrary MySQL queries. Description AdCycle is a shareware banner ad management system written in Perl and designed to work with a MySQL database. AdCycle does not adequately filter multiple unspecified...