Lucene search
+L

472 matches found

CNVD
CNVD
added 2015/09/11 12:0 a.m.3 views

Arbitrary File Upload Vulnerability in Panavision OA System

Panavision OA Office System is a coordination office software. A SQL injection vulnerability exists in Panmicro OA Office System, which can be exploited by an attacker to obtain sensitive information from a website database...

7.6AI score
Exploits0References1
CNVD
CNVD
added 2015/07/08 12:0 a.m.5 views

TCCMSV9.0 Latest Version SQL Injection Vulnerability

TCCMS is a content management system. TCCMSV9.0 has multiple SQL injection vulnerabilities in app/controller/news.class.php, which can be exploited by attackers to either obtain sensitive database information...

8AI score
Exploits0References1
Prion
Prion
added 2015/05/29 3:59 p.m.15 views

Information disclosure

IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x before 7.0.0.8 IF2 allows local users to obtain sensitive database information via unspecified vectors...

2.1CVSS6.1AI score0.00379EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2015/05/29 3:0 p.m.22 views

CVE-2015-0200

IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x before 7.0.0.8 IF2 allows local users to obtain sensitive database information via unspecified vectors...

5.6AI score0.00379EPSS
Exploits0References4
Prion
Prion
added 2014/10/31 10:55 a.m.15 views

Authentication flaw

IBM Tivoli Application Dependency Discovery Manager TADDM 7.2.0.0 through 7.2.0.10, 7.2.1.0 through 7.2.1.6, and 7.2.2.0 through 7.2.2.2 does not require TADDM authentication for rptdesign downloads, which allows remote authenticated users to obtain sensitive database information via a crafted UR...

3.5CVSS6.3AI score0.01008EPSS
Exploits0References4Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

IPBProArcade 2.5 - Remote SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11719/info A remote SQL injection vulnerability reportedly affects ipbProArcade. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in an SQL query. An attacke...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2009/06/21 12:0 a.m.47 views

[Full-disclosure] [DSF-02-2009] - Zoki Catalog SQL Injection

Ref. DSF-02-2009 - Zoki Catalog SQL Injection Vendor: Zoki Soft www.zokisoft.com Status: Patched by vendor Original advisory: http://www.davidsopas.com/2009/06/15/zoki-catalog-sql-injection/ Zoki Catalog Smart Catalog is unique and convenient software. It is designed for many purposes whether you...

0.2AI score
Exploits0
UbuntuCve
UbuntuCve
added 2008/05/12 4:20 p.m.19 views

CVE-2008-1880

The default configuration of Firebird before 2.0.3.12981.0-r6 on Gentoo Linux sets the ISCPASSWORD environment variable before starting Firebird, which allows remote attackers to bypass SYSDBA authentication and obtain sensitive database information via an empty password...

5CVSS5.9AI score0.0212EPSS
Exploits1References1
Prion
Prion
added 2008/05/12 4:20 p.m.15 views

Default configuration

The default configuration of Firebird before 2.0.3.12981.0-r6 on Gentoo Linux sets the ISCPASSWORD environment variable before starting Firebird, which allows remote attackers to bypass SYSDBA authentication and obtain sensitive database information via an empty password...

5CVSS7AI score0.0212EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2008/05/12 4:20 p.m.18 views

CVE-2008-1880

The default configuration of Firebird before 2.0.3.12981.0-r6 on Gentoo Linux sets the ISCPASSWORD environment variable before starting Firebird, which allows remote attackers to bypass SYSDBA authentication and obtain sensitive database information via an empty password...

5CVSS6.5AI score0.0212EPSS
Exploits1References5
Exploit DB
Exploit DB
added 2004/11/20 12:0 a.m.29 views

IPBProArcade 2.5 - SQL Injection

source: https://www.securityfocus.com/bid/11719/info A remote SQL injection vulnerability reportedly affects ipbProArcade. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in an SQL query. An attacker may leverage this issue to...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2002/06/06 12:0 a.m.24 views

Voxel Dot Net CBms 0.x - Multiple Code Injection Vulnerabilities

Voxel Dot Net CBms 0.x - Multiple Code Injection Vulnerabilities source: https://www.securityfocus.com/bid/4957/info It has been reported that multiple vulnerabilities exist in CBMS. Reportedly, it is possible to inject both JavaScript and SQL code into the system. It may be possible to execute...

0.1AI score
Exploits0
Rows per page
Query Builder