Lucene search
+L

25 matches found

OSV
OSV
added 2023/03/14 10:15 a.m.6 views

CVE-2023-27462

A vulnerability has been identified in RUGGEDCOM CROSSBOW All versions V5.3. The client query handler of the affected application fails to check for proper permissions for specific read queries. This could allow authenticated remote attackers to access data they are not authorized for...

4.3CVSS6.4AI score0.00524EPSS
Exploits0References1
OSV
OSV
added 2023/02/01 4:13 p.m.7 views

DRUPAL-CONTRIB-2023-005

The Apigee Edge module allows connecting a Drupal site to Apigee X / Edge in order to build a developer portal. Previous module versions did not support entity query level access checking, which could have led to information disclosure or access bypass in various places...

6.1AI score
Exploits0References1
CNNVD
CNNVD
added 2021/11/05 12:0 a.m.9 views

Hitachi Vantara Pentaho SQL注入漏洞

Hitachi Vantara Pentaho is a service from Hitachi, Japan, for storing and managing data in big data environments. Hitachi Vantara Pentaho suffers from a SQL injection vulnerability that could allow an unauthenticated user to execute arbitrary SQL queries on a Pentaho data source to retrieve data...

9.8CVSS9.2AI score0.05776EPSS
Exploits3References4
Cvelist
Cvelist
added 2003/04/02 5:0 a.m.28 views

CVE-2002-0571

Oracle Oracle9i database server 9.0.1.x allows local users to access restricted data via a SQL query using ANSI outer join syntax...

6.4AI score0.0303EPSS
Exploits1References6
NVD
NVD
added 2002/12/31 5:0 a.m.30 views

CVE-2002-2032

sqllayer.php in PHP-Nuke 5.4 and earlier does not restrict access to debugging features, which allows remote attackers to gain SQL query information by setting the sqldebug parameter to 1 index.php and 2 modules.php...

5CVSS7.2AI score0.05854EPSS
Exploits1References2
Rows per page
Query Builder