1303 matches found
Sql injection
A vulnerability in the Cisco Prime Infrastructure and Evolved Programmable Network Manager SQL database interface could allow an authenticated, remote attacker to impact system confidentiality by executing a subset of arbitrary SQL queries that can cause product instability. More Information:...
CVE-2016-6443
A vulnerability in the Cisco Prime Infrastructure and Evolved Programmable Network Manager SQL database interface could allow an authenticated, remote attacker to impact system confidentiality by executing a subset of arbitrary SQL queries that can cause product instability. More Information:...
CVE-2016-6443
CVE-2016-6443 affects Cisco Prime Infrastructure and Evolved Programmable Network Manager (EPNM) with a SQL database interface vulnerability. The issue is a lack of input validation in SQL queries, allowing an authenticated, remote attacker to execute a subset of arbitrary SQL statements that can...
osquery - SQL powered operating system instrumentation, monitoring, and analytics
osquery is an operating system instrumentation framework for OS X and Linux. The tools make low-level operating system analytics and monitoring both performant and intuitive. Platform | Build status | | | ---|---|---|---|--- OS X 10.9 | | | Homepage: | https://osquery.io OS X 10.10/11 | | |...
ShoreTel Connect ONSITE Blind SQL Injection
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ShoreTel Connect ONSITE Blind SQL Injection Vulnerability ======================================================================= vulnerability type: Unauthenticated Blind SQL Injection product: ShoreTel Connect ONSITE vulnerable version: 20.xx.xxxx...
ShoreTel Connect ONSITE - Blind SQL Injection
Exploit for php platform in category web applications Exploit Title: ShoreTel Connect ONSITE Blind SQL Injection Vulnerability Date: 19-09-2016 Software Link: https://www.shoretel.com/resource-center/shoretel-connect-onsite-overview Exploit Author: Iraklis Mathiopoulos Contact:...
ShoreTel Connect ONSITE - Blind SQL Injection
ShoreTel Connect ONSITE - Blind SQL Injection Exploit Title: ShoreTel Connect ONSITE Blind SQL Injection Vulnerability Date: 19-09-2016 Software Link: https://www.shoretel.com/resource-center/shoretel-connect-onsite-overview Exploit Author: Iraklis Mathiopoulos Contact: https://twitter.com/imath...
ShoreTel Connect ONSITE - Blind SQL Injection
Exploit Title: ShoreTel Connect ONSITE Blind SQL Injection Vulnerability Date: 19-09-2016 Software Link: https://www.shoretel.com/resource-center/shoretel-connect-onsite-overview Exploit Author: Iraklis Mathiopoulos Contact: https://twitter.com/imath Website: https://medium.com/@iraklis Category:...
WordPress Ninja Forms Plugin SQL Injection
An SQL injection vulnerability exists in the WordPress Ninja Forms Plugin. It allows an authenticated remote attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data...
CVE-2016-6317
A flaw was found in the way Active Record handled certain special values in dynamic finders and relations. If a Ruby on Rails application performed JSON parameter parsing, a remote attacker could possibly manipulate search conditions in SQL queries generated by the application...
Moodle 2.3.x < 2.3.9 / 2.4.x < 2.4.6 / 2.5.x < 2.5.2 Multiple Vulnerabilities
Binary data 9418.prm...
Fedora 24 : phpMyAdmin (2016-e3240782ec)
phpMyAdmin 4.6.2 2016-05-25 ============================= - security User SQL queries can be revealed through URL GET parameters, see PMASA-2016-14 - security Self XSS vulneratbility, see PMASA-2016-16 - Use https for documentation links - Fix schema export with too many tables - Avoid parsing no...
Advanced Webhost Billing System (AWBS) 2.9.6 - Multiple Vulnerabilities
Exploit for php platform in category web applications AWBS v2.9.6 Multiple Remote Vulnerabilities Vendor: Total Online Solutions, Inc. Product web page: http://www.awbs.com Affected version: 2.9.6 Platform: PHP Summary: Whether starting new or looking to expand your existing web hosting and/or...
Nagios XI Multiple Vulnerabilities (Jun 2016)
Nagios XI is prone to multiple vulnerabilities. This VT has been deprecated and replaced by the VT with the OID: 1.3.6.1.4.1.25623.1.0.105749. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...
Cisco Cloud Network Automation Provisioner SQL Injection Vulnerability
A vulnerability in the web framework of Cisco Cloud Network Automation Provisioner CNAP could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to a failure to validate user-supplied input in SQL...
Cisco Prime Collaboration Assurance 10.5.1.x < 10.5.1.58480 Multiple Vulnerabilities
According to its self-reported version number, the remote Cisco Prime Collaboration Assurance device is 10.5.1.x prior to 10.5.1.58480. It is, therefore, affected by the following vulnerabilities : - An information disclosure vulnerability exists in the web framework of Cisco Prime Collaboration...
CVE-2016-1035
Adobe RoboHelp Server 9 before 9.0.1 mishandles SQL queries, which allows attackers to obtain sensitive information via unspecified vectors...
CVE-2016-1035
Adobe RoboHelp Server 9 before 9.0.1 mishandles SQL queries, which allows attackers to obtain sensitive information via unspecified vectors...
Multiple XSS vulnerabilities.
PMASA-2016-11 Announcement-ID: PMASA-2016-11 Date: 2016-02-25 Summary Multiple XSS vulnerabilities. Description By sending a specially crafted URL as part of the HOST header, it is possible to trigger an XSS attack. A weakness was found that allows an XSS attack with Internet Explorer versions...
Ramui Forum Script 9.0 - SQL Injection
Title: Ramui forum script 9.0 SQL Injection Exploit Author: bd0rk Twitter: twitter.com/bd0rk Vendor: http://www.ramui.com/ Download: http://ramui.com/forum-script/download-v9.html Google-Dork: n/a ---Script-Kiddie protection! : Direct SQL-Path: n/a ---Script-Kiddie protection! : Description: I've...