ROS-20240328-01

GLPI's asset management and data center management software vulnerability is related to the SQL code injection through administration of dashboards. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary SQL queries...

ROS-20231109-02

Vulnerability in GLPI's request and incident handling system is related to information disclosure. Exploitation exploitation of the vulnerability could allow a remote attacker to obtain user logins. GLPI request and incident handling system vulnerability related to the lack of path filtering by...

PHP-Fusion 7.02.07 Blind SQL Injection Vulnerability

PHP-Fusion versions 7.02.07 and below suffer from a remote blind SQL injection vulnerability in the admin panel. ============================================= MGC ALERT 2015-002 - Original release date: September 18, 2015 - Last revised: October 05, 2015 - Discovered by: Manuel García Cárdenas -...

PHP-Fusion 7.02.07 Blind SQL Injection

============================================= MGC ALERT 2015-002 - Original release date: September 18, 2015 - Last revised: October 05, 2015 - Discovered by: Manuel García Cárdenas - Severity: 7,1/10 CVSS Base Score ============================================= I. VULNERABILITY...

Debian Security Advisory DSA 2867-1 (otrs2 - several vulnerabilities)

Several vulnerabilities were discovered in otrs2, the Open Ticket Request System. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2014-1694 Norihiro Tanaka reported missing challenge token checks. An attacker that managed to take over the session of a logge...

SuSE Update for ruby openSUSE-SU-2013:0278-1 (ruby)

Check for the Version of ruby OpenVAS Vulnerability Test $Id: gbsuse201302781.nasl 8542 2018-01-26 06:57:28Z teissa $ SuSE Update for ruby openSUSE-SU-2013:0278-1 ruby Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is fre...

my-colex 1.4.2 (AB/XSS/SQL) Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications =========================================================== my-colex 1.4.2 AB/XSS/SQL Multiple Remote Vulnerabilities ===========================================================...

PHP-Nuke x.x AND PostNuke SQL Injection

Hello again, just to say that PostNuke fork of PHP-Nuke is vulnerable to the same bugs AND it is possible to inject different SQL code in order to do other "funny" but "dangerous" things. Note to the guys of those projects: Filter those URL entries!!! Cheers, Pedro Inacio...

CVE-2001-1224

getinput in adrotate.pm for Les VanBrunt AdRotate Pro 2.0 allows remote attackers to modify the database and possibly execute arbitrary commands via a SQL code injection attack...

RUS-CERT Advisory 2001-08:01

Vulnerabilities in several Apache authentication modules RUS-CERT has discovered that several Apache authentication modules which use SQL databases to store authentication information are vulnerable to a remote SQL code injection attack. Systems Affected Any Apache server using database-based...

RUS-CERT.apache.auth.txt

Vulnerabilities in several Apache authentication modules RUS-CERT has discovered that several Apache authentication modules which use SQL databases to store authentication information are vulnerable to a remote SQL code injection attack. Systems Affected Any Apache server using database-based...