590 matches found
CVE-2022-42965 Exponential ReDoS in snowflake-connector-python leads to denial of service
An exponential ReDoS Regular Expression Denial of Service can be triggered in the snowflake-connector-python PyPI package, when an attacker is able to supply arbitrary input to the undocumented getfiletransfertype method...
Malicious code in snowflake-adapter (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8e15140a694c9304d2ab29ca8a9ecac46015c9e9df1c8b008570aad1162e4d04 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-6193 Malicious code in snowflake-adapter (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8e15140a694c9304d2ab29ca8a9ecac46015c9e9df1c8b008570aad1162e4d04 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
SQL Injection Vulnerability in Snowflake Cloud IDC Hosting Sales System
Snowflake Cloud IDC Hosting Sales System is an IDC hosting system by Snowflake Cloud. Snowflake Cloud IDC Hosting Sales System suffers from an SQL injection vulnerability. An attacker can exploit the vulnerability to obtain sensitive database information...
snowflakechalets.fr Cross Site Scripting vulnerability OBB-1473623
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
X (Formerly Twitter): Private list members disclosure via GraphQL
Summary: Due to improper queries of GraphQL, the attacker can steal members of the private list. Description: Twitter implements a unique GraphQL endpoint, which can use only the queries that Twitter specified. However, there is a flaw in the backend...
Humhub Insecure Password Validation / Reset
Humhub insecure password validation and reset design + Discovered by: Jos Wetzels + Affects: Humhub password == $this-hashPassword$password Here a hash of the user-supplied password gets compared to the stored hash in an insecure manner, since PHP's loose type comparison operators compare only...
SnowFlake CMS 1.0 Beta5.2 SQL Injection
Exploit Title: Powered by SnowFlake Content Management System SQL Injection Date: 19th july 2010 Author: Dinesh Arora Critical:high Affected / Tested Version : 1.0 beta5.2 Sample Affected Parameter: uid contact: [email protected] Greetz to :b0nd, Fbih2s,Beenu,Charles ,j4ckh4x0r, punter,eberl...
SnowFlake CMS 0.9.5 Beta - uid SQL Injection
SnowFlake CMS 0.9.5 Beta - uid SQL Injection source: https://www.securityfocus.com/bid/41791/info SnowFlake CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
SnowFlake CMS 0.9.5 Beta - 'uid' SQL Injection
source: https://www.securityfocus.com/bid/41791/info SnowFlake CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...