45 matches found
CVE-2022-2504
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in SDD Computer Software SDD-Baro allows SQL Injection. This issue affects SDD-Baro: before 2.8.432...
CVE-2022-2504
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in SDD Computer Software SDD-Baro allows SQL Injection.This issue affects SDD-Baro: before 2.8.432...
CVE-2022-2504
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in SDD Computer Software SDD-Baro allows SQL Injection. This issue affects SDD-Baro: before 2.8.432...
Sql injection
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in SDD Computer Software SDD-Baro allows SQL Injection.This issue affects SDD-Baro: before 2.8.432...
CVE-2022-2504 SQLi in SDD-Baro
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in SDD Computer Software SDD-Baro allows SQL Injection. This issue affects SDD-Baro: before 2.8.432...
CVE-2022-2504
CVE-2022-2504 is an SQL Injection vulnerability in SDD-Baro prior to version 2.8.432, caused by improper neutralization of special elements in SQL commands. Affected product: SDD-Baro (SDD Computer Software). The NVD/NVD-listed data shows a high-impact, CRITICAL severity (CVSS v3.1: CVSS:3.1/AV:N...
SDD Bilgisayar Yazılım SDD-Baro SQL注入漏洞
SDD Bilgisayar Yazılım SDD-Baro is an application from SDD Bilgisayar Yazılım, Turkey. A security vulnerability exists in SDD Bilgisayar Yazılım SDD-Baro versions prior to 2.8.432, which stems from an unsatisfactory neutralization of a particular element used by the software, leading to SQL...
PT-2023-12777 · Sdd-Baro · Sdd-Baro
Name of the Vulnerable Software and Affected Versions: SDD-Baro versions prior to 2.8.432 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. Recommendations: For...
sdd-gmbh.de Cross Site Scripting vulnerability OBB-2912436
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
sdd-gmbh.de Cross Site Scripting vulnerability OBB-2805958
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
colorcat (>=0.0.2 <=0.2.10), karg (=0.1.2) +10 more potentially affected by CVE-2020-7618 +1 more via sds (>=1.14.1 <=4.4.0)
sds NPM version =1.14.1, =0.0.2, =0.2.2, =0.55.1, =1.0.0, =0.0.1, =0.1.1, =0.0.1, =1.0.3, =0.4.16, =0.1.1, =1.0.1, =1.0.2 Source cves: CVE-2020-7618, CVE-2022-25862 Source advisory: OSV:GHSA-PH28-WWFJ-FV7F...
Omron CX-One SDD File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SDD...
SICK SOPAS ET has an unspecified vulnerability
Sick Sopas Et is an engineering tool from the German company Sick.A security vulnerability exists in versions prior to SICK SOPAS ET 4.8.0, which could be exploited by an attacker to package any executable file into an SDD and make it available to SOPAS ET users...
Design/Logic Flaw
SICK SOPAS ET before version 4.8.0 allows attackers to wrap any executable file into an SDD and provide this to a SOPAS ET user. When a user starts the emulator the executable is run without further checks...
CVE-2021-32497
Summary of CVE-2021-32497 (SICK SOPAS ET) : Prior to version 4.8.0, SOPAS ET allows an attacker to wrap an arbitrary executable into an SDD and hand it to a user. When the SOPAS ET emulator is started, the embedded executable may run without further checks, enabling code execution under the local...
CVE-2021-32497
SICK SOPAS ET before version 4.8.0 allows attackers to wrap any executable file into an SDD and provide this to a SOPAS ET user. When a user starts the emulator the executable is run without further checks...
Design/Logic Flaw
SAS Drug Development SDD before 32DRG02 mishandles logout actions, which allows a user who was previously logged in to access resources by pressing a back or forward button in a web browser...
CVE-2007-6763
CVE-2007-6763 concerns SAS Drug Development (SDD) prior to 32DRG02, which mishandles logout actions. According to the sources, a user who was previously authenticated can regain access to resources by using the browser’s back or forward buttons after logout. The vulnerability is described consist...
Buffer overflow in HP Instant Support Driver Check (SDD) ActiveX control
John Heasman of NGSSoftware has discovered a high risk vulnerability in the HP Instant Support Driver Check SDD ActiveX control, which is marked safe for scripting. The vulnerability affects the following version of the SDD control: HP Instant Support Driver Check versions prior to 1.5.0.3 This...
HP Instant Support Driver Check HPSDDX Class (SDD) ActiveX (sdd.dll) queryHub Function Overflow
The remote host contains the SDD ActiveX control, a part of HP Instant Support. The version of this control on the remote host is reportedly affected by a buffer overflow that can be triggered by a long argument to its 'queryHub' method. If an attacker can trick a user on the affected host into...