6 matches found
The vulnerability of the Rapid7 Nexpose vulnerability management system lies in the insufficient protection of the SQL query structure. This allows attackers to manipulate the “ANY” and “OR” operators in SearchCriteria, thereby allowing them to inject malicious SQL code.
The vulnerability of the Rapid7 Nexpose vulnerability management system is related to insufficient protection of the SQL query structure. Exploiting this vulnerability allows a malicious actor to manipulate the “ANY” and “OR” operators in SearchCriteria and introduce malicious SQL code...
Rapid7 Nexpose has an unspecified vulnerability (CNVD-2022-21217)
Rapid7 Nexpose is a set of vulnerability management software from Rapid7, Inc. that can use the scan results to deeply probe the network. Rapid7 Nexpose version 6.6.93 and earlier versions have a security vulnerability that stems from the fact that Rapid7 Nexpose version 6.6.93 and earlier versio...
CVE-2022-0757
Rapid7 Nexpose versions 6.6.93 and earlier are susceptible to an SQL Injection vulnerability, whereby valid search operators are not defined. This lack of validation can allow a logged-in, authenticated attacker to manipulate the "ANY" and "OR" operators in the SearchCriteria and inject SQL code...
CVE-2022-0757
Rapid7 Nexpose versions 6.6.93 and earlier are susceptible to an SQL Injection vulnerability, whereby valid search operators are not defined. This lack of validation can allow a logged-in, authenticated attacker to manipulate the "ANY" and "OR" operators in the SearchCriteria and inject SQL code...
rad-inc.vasculardomain.com XSS vulnerability
Open Bug Bounty ID: OBB-614277 Description| Value ---|--- Affected Website:| rad-inc.vasculardomain.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
floridavascular.com XSS vulnerability
Open Bug Bounty ID: OBB-614276 Description| Value ---|--- Affected Website:| floridavascular.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...