EUVD-2026-18013

Payload has an SQL Injection via Query Handling...

PT-2026-5283

EasyPMS 1.0.0 contains an authentication bypass vulnerability that allows unprivileged users to manipulate SQL queries in JSON requests to access admin user information. Attackers can exploit weak input validation by injecting single quotes in ID parameters and modify admin user passwords without...

SUSE CVE-2021-47853

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2021-47853

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

PT-2026-3806

Name of the Vulnerable Software and Affected Versions phpPgAdmin version 7.13.0 Description An authenticated attacker can execute arbitrary system commands through SQL query manipulation. This is achieved by creating a custom table, uploading a malicious .txt file, and utilizing the COPY FROM...

CVE-2022-39303

Ree6 is a moderation bot. This vulnerability allows manipulation of SQL queries. This issue has been patched in version 1.7.0 by using Javas PreparedStatements, which allow object setting without the risk of SQL injection. There are currently no known workarounds...

GLSA-202402-16 : Apache Log4j: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202402-16 Apache Log4j: Multiple Vulnerabilities - Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with ...

OESA-2022-1781 log4j12 security update

With log4j it is possible to enable logging at runtime without modifying the application binary. Security Fixes: By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converte...

EulerOS 2.0 SP3 : log4j (EulerOS-SA-2022-1744)

According to the versions of the log4j package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j...

SUSE SLED15 / SLES15 Security Update : log4j12 (SUSE-SU-2022:0226-1)

The remote SUSE Linux SLED15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0226-1 advisory. - JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write acce...

CVE-2022-23305

By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows attackers to manipulate the SQL by entering crafted strings...

Design/Logic Flaw

By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows attackers to manipulate the SQL by entering crafted strings...

CVE-2022-23305

By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows attackers to manipulate the SQL by entering crafted strings...

Disc Organization System (DORG) Multiple Vulnerabilities

Disc Organization System DORG is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:dorg:dorg";...

Fonality trixbox Multiple Vulnerabilities - Active Check

Fonality trixbox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Dotclear Multiple Vulnerabilities

Dotclear is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:dotclear:dotclear"; ifdescription...

Ganesha Digital Library Multiple Vulnerabilities

Ganesha Digital Library is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Free Hosting Manager <= 2.0.2 Multiple Vulnerabilities - Active Check

Free Hosting Manager is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AuraCMS 1.62 - Multiple SQL Injections

AuraCMS 1.62 - Multiple SQL Injections !/usr/bin/perl Indonesian Newhack Security Advisory ------------------------------------ AuraCMS 1.62 Multiple Remote SQL Injection Exploit Waktu : Feb 15 2008 01:00PM Software : AuraCMS Versi : 1.62 Vendor : http://www.auracms.org/...

auracms15-sql.txt

AuraCMS version 1.5rc - Multiple Remote SQL Injection Vulnerabilities Vendor : http://www.auracms.org/ Ditemukan oleh : k1tk4t - k1tk4t4tnewhack.org Lokasi : Indonesia -- newhackdotorg @ irc.dal.net // Kutu pada berkas 'hal.php' baris-7 $perintah="SELECT FROM halaman WHERE id=$id"; $hasil =...