Lucene search
+L

9 matches found

redhatcve
redhatcve
added 2025/05/22 10:9 a.m.7 views

CVE-2019-19245

NAPC Xinet Elegant 6 Asset Library 6.1.655 allows Pre-Authentication SQL Injection via the /elegant6/login LoginFormusername field when double quotes are used...

9.8CVSS8.1AI score0.07941EPSS
Exploits3References1
checkpoint_advisories
checkpoint_advisories
added 2020/11/16 12:0 a.m.55 views

NAPC Xinet Elegant 6 Asset Library SQL injection (CVE-2019-19245)

An SQL injection vulnerability exists in NAPC Xinet Elegant 6 Asset Library. Successful exploitation of this vulnerability could result in the execution of arbitrary SQL statements on the affected system...

7.5CVSS4AI score0.07941EPSS
Exploits3
nvd
nvd
added 2019/12/02 2:15 p.m.40 views

CVE-2019-19245

NAPC Xinet Elegant 6 Asset Library 6.1.655 allows Pre-Authentication SQL Injection via the /elegant6/login LoginFormusername field when double quotes are used...

9.8CVSS9.9AI score0.07941EPSS
Exploits3References3
prion
prion
added 2019/12/02 2:15 p.m.19 views

Sql injection

NAPC Xinet Elegant 6 Asset Library 6.1.655 allows Pre-Authentication SQL Injection via the /elegant6/login LoginFormusername field when double quotes are used...

7.5CVSS9.8AI score0.07941EPSS
Exploits3References2Affected Software1
cvelist
cvelist
added 2019/12/02 1:54 p.m.45 views

CVE-2019-19245

NAPC Xinet Elegant 6 Asset Library 6.1.655 allows Pre-Authentication SQL Injection via the /elegant6/login LoginFormusername field when double quotes are used...

10AI score0.07941EPSS
Exploits3References2
cve
cve
added 2019/12/02 1:54 p.m.64 views

CVE-2019-19245

NAPC Xinet Elegant 6 Asset Library Web Interface v6.1.655 is affected by a Pre-Authentication SQL Injection in the /elegant6/login endpoint via the LoginForm[username] field when double quotes are used. Root cause is lack of input validation allowing SQL statements to be injected before authentic...

9.8CVSS9.9AI score0.07941EPSS
Exploits3References3Affected Software1
cnvd
cnvd
added 2019/12/02 12:0 a.m.5 views

NAPC Xinet Elegant 6 Asset Library Web Interface SQL Injection Vulnerability

The NAPC Xinet interface Elegant 6 Asset Library is a web-based interface to the XIET asset management solution. A SQL injection vulnerability exists in NAPC Xinet interface Elegant 6 Asset Library version 6.1.655. The vulnerability stems from a lack of validation of externally entered SQL...

9.8CVSS8.2AI score0.07941EPSS
Exploits3References1
packetstorm
packetstorm
added 2019/11/30 12:0 a.m.326 views

Xinet Elegant 6 Asset Library Web Interface 6.1.655 SQL Injection

Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/NAPC-XINET-ELEGANT-6-ASSET-LIBRARY-WEB-INTERFACE-PRE-AUTH-SQL-INJECTION.txt + ISR: ApparitionSec Vendor www.napc.com Product Xinet Elegant 6 Asset Library Web Interface v6.1.655 Web based...

0.4AI score0.07941EPSS
Exploits3
zdt
zdt
added 2019/11/30 12:0 a.m.193 views

Xinet Elegant 6 Asset Library Web Interface 6.1.655 SQL Injection Vulnerability

NAPC Xinet interface Elegant 6 Asset Library version 6.1.655 allows pre-authentication error-based SQL injection via the /elegant6/login LoginFormusername field when double quotes are used. + Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...

10AI score0.07941EPSS
Exploits3
Rows per page
Query Builder