Information disclosure
IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could disclose sensitive information in a SQL error message that could aid in further attacks against the system. IBM X-Force ID: 213726...
CVE-2021-39018
IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could disclose sensitive information in a SQL error message that could aid in further attacks against the system. IBM X-Force ID: 213726...
Cross-site Scripting (XSS)
dolibarr/dolibarr is vulnerable to cross-site scripting. An attacker is able to inject and execute malicious script because the application does not handle the SQL error page properly...
Cross-site Scripting in Dolibarr
Dolibarr 12.0.5 is vulnerable to Cross Site Scripting XSS via Sql Error Page...
GHSA-F2G5-426F-353Q Cross-site Scripting in Dolibarr
Dolibarr 12.0.5 is vulnerable to Cross Site Scripting XSS via Sql Error Page...
CVE-2022-30875
Dolibarr 12.0.5 is vulnerable to Cross Site Scripting XSS via Sql Error Page...
Cross site scripting
Dolibarr 12.0.5 is vulnerable to Cross Site Scripting XSS via Sql Error Page...
CVE-2022-30875
CVE-2022-30875 affects Dolibarr 12.0.5 and is described as a Cross-Site Scripting (XSS) vulnerability exploitable via the SQL Error Page. The connected records reiterate the same issue across multiple repositories (Red Hat, OSV, CNVD, GHSA, etc.) but do not provide concrete technical details beyo...
PT-2022-20362 · Dolibarr · Dolibarr
Name of the Vulnerable Software and Affected Versions: Dolibarr version 12.0.5 Description: The issue is related to Cross Site Scripting XSS via the Sql Error Page. This means that an attacker could potentially inject malicious scripts into the website, which would then be executed by the user's...
Nextcloud: Missing length validation of user displayname allows to generate an SQL error
Security advisory at https://github.com/nextcloud/security-advisories/security/advisories/GHSA-6w9f-jgjx-4vj6...
U.S. Dept Of Defense: System Error Reveals SQL Information
Hello, While testing your program I came across an endpoint that is leaking SQL errors and queries from one of your websites. I use the following Google dork to detect this: site:████████ "sql error" Endpoints leaking data: https://www.██████/██████████ https://www.███████/███ Some of the errors...
Super Store Finder 3.3 Cross Site Scripting
Exploit type : XSS INJECTION Exploit title : Super Store Finder Add location XSS Injection Descriptions : XSS injection from adding store and reflected XSS in SQL error login page PHP Script affected : Super Store Finder | Mega Locator Plugin URI : http://www.superstorefinder.net/ Version : 3.3 a...
Code injection
The Journal theme before 3.1.0 for OpenCart allows exposure of sensitive data via SQL errors...
ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2019-04686)
ZoneMinder is an open source video surveillance software system. The system supports IP, USB and analog cameras and more. A cross-site scripting vulnerability exists in the construction of SQL-ERR messages in the includes/database.php file of ZoneMinder versions prior to 1.32.3, which can be exploited b...
DEBIAN-CVE-2019-8425
includes/database.php in ZoneMinder before 1.32.3 has XSS in the construction of SQL-ERR messages...
MyBB Downloads 2.0.3 - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: MyBB Downloads 2.0.3 - SQL Injection Exploit Author: Lucian Ioan Nitescu Contact: https://twitter.com/LucianNitescu Website: https://nitesculucian.github.io Vendor Homepage: https://github.com/vintagedaddyo/MyBBPlugin-Downloads...