CVE-2026-40812

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getLiveValues functions sn parameter due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

CVE-2026-40812 Unauthenticated SQLi in getLiveValues function

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getLiveValues functions sn parameter due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

MB Connect Line mbCONNECT24和MB Connect Line mymbCONNECT24 SQL注入漏洞

MB Connect Line mbCONNECT24 and MB Connect Line mymb CONNECTION24 are products of the German company MB Connect Line. MB Connect Line mbCONNECT24 is a remote service portal. This product supports features such as remote access, data recording, and alerts. MB Connect Line mymb CONNECTION24 is an...

SonicWALL NSA 2400 Improper Neutralization of Input During Web Page Generation (CVE-2014-2589)

Cross-site scripting XSS vulnerability in the Dashboard Backend service stats/dashboard.jsp in SonicWall Network Security Appliance NSA 2400 allows remote attackers to inject arbitrary web script or HTML via the sn parameter. This plugin only works with Tenable.ot. Please visit...

NeDi Consulting NeDi Cross-Site Scripting Vulnerability (CNVD-2020-44576)

NeDi Consulting NeDi is a suite of open source software that supports the discovery and mapping of network devices from the Swiss company NeDi Consulting. A cross-site scripting vulnerability exists in NeDi Consulting NeDi version 1.9C. The vulnerability can be exploited to execute arbitrary...

CVE-2020-15029

NeDi 1.9C is vulnerable to cross-site scripting XSS attack. The application allows an attacker to execute arbitrary JavaScript code via the Assets-Management.php sn parameter...

SQL Injection Vulnerability in the sn*** Parameters of the School Worry-Free Online Exam System

School Worry-free online examination system adopts the Internet technology, quickly builds the online examination system platform, comprehensively realizes the network, paperless and automation of the examination work. School Worry-free online examination system sn parameters exist SQL injection...

CVE-2016-5312

Directory traversal vulnerability in the charting component in Symantec Messaging Gateway before 10.6.2 allows remote authenticated users to read arbitrary files via a .. dot dot in the sn parameter to brightmail/servlet/com.ve.kavachart.servlet.ChartStream...

CVE-2016-5679

cgi-bin/cgimain in NUUO NVRmini 2 1.7.6 through 3.0.0 and NETGEAR ReadyNAS Surveillance 1.1.2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the sn parameter to the transferlicense command...

佳讯行销国际网站cms news_detail.php sn参数 SQL注入

No description provided by source...

PT-2014-4798 · Sonicwall · Sonicwall Network Security Appliance

Name of the Vulnerable Software and Affected Versions: SonicWall Network Security Appliance NSA 2400 Description: The issue is related to a cross-site scripting XSS vulnerability in the Dashboard Backend service, specifically in the stats/dashboard.jsp component. This vulnerability allows remote...

CVE-2009-3539

Multiple cross-site scripting XSS vulnerabilities in YourFreeWorld Ultra Classifieds Pro allow remote attackers to inject arbitrary web script or HTML via the 1 cname parameter to subclass.php and the 2 sn parameter to listads.php...

CVE-2009-3539

Multiple cross-site scripting XSS vulnerabilities in YourFreeWorld Ultra Classifieds Pro allow remote attackers to inject arbitrary web script or HTML via the 1 cname parameter to subclass.php and the 2 sn parameter to listads.php...

Sql injection

SQL injection vulnerability in index.php in ProjectCMS 1.0 Beta allows remote attackers to execute arbitrary SQL commands via the sn parameter...