CVE-2025-50187

Chamilo is a learning management system. Prior to version 1.11.28, parameter from SOAP request is evaluated without filtering which leads to Remote Code Execution. This issue has been patched in version 1.11.28...

EUVD-2017-17291

Malware in sbrugna...

EUVD-2023-39100

Malicious code in bioql PyPI...

CVE-2023-1547

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Elra Parkmatik allows SQL Injection through SOAP Parameter Tampering, Command Line Execution through SQL Injection.This issue affects Parkmatik: before 02.01-a51...

CVE-2023-1547

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Elra Parkmatik allows SQL Injection through SOAP Parameter Tampering, Command Line Execution through SQL Injection. This issue affects Parkmatik: before 02.01-a51...

Sql injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Elra Parkmatik allows SQL Injection through SOAP Parameter Tampering, Command Line Execution through SQL Injection.This issue affects Parkmatik: before 02.01-a51...

CVE-2023-1547 SQLi in Elra Computers Parkmatik

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Elra Parkmatik allows SQL Injection through SOAP Parameter Tampering, Command Line Execution through SQL Injection. This issue affects Parkmatik: before 02.01-a51...

CVE-2023-1547 SQLi in Elra Computers Parkmatik

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Elra Parkmatik allows SQL Injection through SOAP Parameter Tampering, Command Line Execution through SQL Injection. This issue affects Parkmatik: before 02.01-a51...

CVE-2023-35064

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Satos Satos Mobile allows SQL Injection through SOAP Parameter Tampering. This issue affects Satos Mobile: before 20230607...

Sql injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Satos Satos Mobile allows SQL Injection through SOAP Parameter Tampering.This issue affects Satos Mobile: before 20230607...

CVE-2023-35064 SQLi in Satos Mobile

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Satos Satos Mobile allows SQL Injection through SOAP Parameter Tampering. This issue affects Satos Mobile: before 20230607...

CVE-2023-35064

The CVE-2023-35064 issue affects Satos Mobile and is a SQL Injection via SOAP parameter tampering, caused by improper neutralization of special elements in SQL commands. Affected before 20230607. CVSS v3.1: 9.8 (CRITICAL); network access, no authentication or user interaction required, high impac...

PT-2023-25120

Name of the Vulnerable Software and Affected Versions Satos Mobile versions prior to 20230607 Description The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection through SOAP Parameter Tamperin...

SUSE CVE-2004-0722

Integer overflow in the SOAPParameter object constructor in 1 Netscape version 7.0 and 7.1 and 2 Mozilla 1.6, and possibly earlier versions, allows remote attackers to execute arbitrary code...

CVE-2017-8330

An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a UPnP functionality for devices to interface with the router and interact with the device. It seems that the "NewInMessage" SOAP parameter passed with a huge payload results in...

Input validation

An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a UPnP functionality for devices to interface with the router and interact with the device. It seems that the "NewInMessage" SOAP parameter passed with a huge payload results in...

CVE-2017-16665

RemObjects Remoting SDK 9 1.0.0.0 for Delphi is vulnerable to a reflected Cross Site Scripting XSS attack via the service parameter to the /soap URI, triggering an invalid attempt to generate WSDL...