22 matches found
EUVD-2023-1243
Malicious code in bioql PyPI...
CVE-2023-30545
PrestaShop is an Open Source e-commerce web application. Prior to versions 8.0.4 and 1.7.8.9, it is possible for a user with access to the SQL Manager Advanced Options - Database to arbitrarily read any file on the operating system when using SQL function LOADFILE in a SELECT request. This gives...
CVE-2023-51710
EMS SQL Manager 3.6.2 build 55333 for Oracle allows DLL hijacking: a user can trigger the execution of arbitrary code every time the product is executed...
PT-2024-14254 · Unknown · Ems Sql Manager
Name of the Vulnerable Software and Affected Versions: EMS SQL Manager version 3.6.2 build 55333 for Oracle. Description: The issue allows DLL hijacking, enabling a user to trigger the execution of arbitrary code every time the product is executed. Recommendations: For EMS SQL Manager version 3.6....
CVE-2023-51710
EMS SQL Manager 3.6.2 (build 55333) for Oracle is affected by a DLL hijacking vulnerability that can allow a local user to execute arbitrary code on product startup. Root cause: DLL hijack during launch. Impact per sources: arbitrary code execution with LOW confidentiality/integrity/availability ...
CVE-2023-39016
bboss-persistent v6.0.9 and below was discovered to contain a code injection vulnerability in the component com.frameworkset.common.poolman.util.SQLManager.createPool. This vulnerability is exploited via passing an unchecked argument...
PT-2023-26738 · Unknown · Bboss-Persistent
Name of the Vulnerable Software and Affected Versions: bboss-persistent versions 6.0.9 and below. Description: The issue is related to a code injection vulnerability in the component com.frameworkset.common.poolman.util.SQLManager.createPool. This vulnerability is exploited via passing an unchecke...
Arbitrary File Read
prestashop/prestashop is vulnerable to Arbitrary File Read. An attacker can read arbitrary files when using the SQL function LOADFILE in a SELECT request through the SQL manager...
GHSA-8R4M-5P6P-52RP Arbitrary file read via SQL injection
Impact: It is possible for a user having access to the SQL Manager (Advanced Options - Database) to arbitrarily read any file on the operating system when using the SQL function LOADFILE in a SELECT request, and so to access critical information. Patches: The patch will be on PS 8.0.4 and PS 1.7.8.9...
SQL filter bypass leading to arbitrary write requests using "SQL Manager"
Impact: SQL filtering vulnerability; a BO user can write, update and delete in the database, even without having specific rights. Patches: PrestaShop 8.0.4 and 1.7.8.9 will contain the patch. Workarounds: no. References: no...
GHSA-P379-CXQH-Q822 SQL filter bypass leading to arbitrary write requests using "SQL Manager"
Impact: SQL filtering vulnerability; a BO user can write, update and delete in the database, even without having specific rights. Patches: PrestaShop 8.0.4 and 1.7.8.9 will contain the patch. Workarounds: no. References: no...
Design/Logic Flaw
PrestaShop is an Open Source e-commerce web application. Prior to versions 8.0.4 and 1.7.8.9, it is possible for a user with access to the SQL Manager Advanced Options - Database to arbitrarily read any file on the operating system when using SQL function LOADFILE in a SELECT request. This gives...
CVE-2023-30545 PrestaShop arbitrary file read vulnerability
PrestaShop is an Open Source e-commerce web application. Prior to versions 8.0.4 and 1.7.8.9, it is possible for a user with access to the SQL Manager Advanced Options - Database to arbitrarily read any file on the operating system when using SQL function LOADFILE in a SELECT request. This gives...
e107 Persistent XSS vulnerability
Exploit for php platform in category web applications. Exploit Title: E107 CMS Persistent XSS vulnerability. Google Dork: "intitle:e107 powered website" | inurl:e107admin | ... Date: 18/02/2013. Exploit Author: Zyklon B. Vendor Homepage: http://e107.org/ Software Link:...
Mini PHP Shell 27.9 V2 Released
According to Developer josalijoe and Devilzc0de, "This is a continuation of PHP Shell Mini 27.9 V1, Editing Shell c99 and new tools". Features: Encoder, Processes, FTP-Brute-Forcer, Server-Information, SQL-Manager, etc. Download: Disclaimer: Use at your...
WSO Web Shell 2.5.1 Download
This utility provides a web interface for remote operation of the operating system and its services/daemons. Description / features: authorization via cookies; server information; file manager (copy, rename, move, delete, chmod, touch, creating files and folders); view, hexview, editing,...