8 matches found
CVE-2026-15293
The WP Business Intelligence Lite WordPress plugin (versions up to and including 3.2.0) is affected by an authorization bypass vulnerability. The issue arises because the plugin does not properly verify user permissions before performing an action, enabling authenticated users with Subscriber-lev...
CVE-2026-15293 WP Business Intelligence Lite <= 3.2.0 - Authenticated (Subscriber+) Missing Authorization to Privilege Escalation via Arbitrary SQL Modification
The WP Business Intelligence Lite plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.2.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with...
EUVD-2005-2324
Malware in sbrugna...
CVE-2023-5869
A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing...
Intuit QuickBooks Desktop 2007 2016 - Arbitrary Code Execution
Intuit QuickBooks Desktop 2007 2016 - Arbitrary Code Execution + Credits: Maxim Tomashevich from Thegrideon Software + Website: https://www.thegrideon.com/ + Details: https://www.thegrideon.com/qb-internals-sql.html Vendor: --------------------- www.intuit.com www.intuit.ca www.intuit.co.uk...
IMP SQL modification
SQL query can be modifyed via username...
SQL modification in <Body>Builder
' is not checked during authorization...
Дырка в NCM Content Management System (SQL modification)
Используя ESC-символы можно модифицировать SQL-запрос...