Cross site request forgery (csrf)

The Contest Gallery WordPress plugin before 19.1.5, Contest Gallery Pro WordPress plugin before 19.1.5 do not escape the optionid POST parameter before concatenating it to an SQL query in edit-options.php. This may allow malicious users with at least author privilege to leak sensitive information...

Cross site request forgery (csrf)

The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the cgoptionid POST parameter before concatenating it to an SQL query in export-votes-all.php. This may allow malicious users with administrator privileges i.e. on multisite...

PT-2022-25916 · WordPress · Contest Gallery Pro +1

Name of the Vulnerable Software and Affected Versions: Contest Gallery WordPress plugin versions prior to 19.1.5.1 Contest Gallery Pro WordPress plugin versions prior to 19.1.5.1 Description: The issue allows malicious users with at least author privilege to leak sensitive information from the...

Privilege Escalation

puppetdb is vulnerable to privilege escalation. The vulnerability exists due to the lack of input query validation in the library, allowing an attacker to delete user tables via malicious sql query...

CVE-2022-1578 My wpdb < 2.5 - Arbitrary SQL Query via CSRF

The My wpdb WordPress plugin before 2.5 is missing CSRF check when running SQL queries, which could allow attacker to make a logged in admin run arbitrary SQL query via a CSRF attack...

CVE-2022-1578 My wpdb < 2.5 - Arbitrary SQL Query via CSRF

The My wpdb WordPress plugin before 2.5 is missing CSRF check when running SQL queries, which could allow attacker to make a logged in admin run arbitrary SQL query via a CSRF attack...

My wpdb < 2.5 - Arbitrary SQL Query via CSRF

The plugin is missing CSRF check when running SQL queries, which could allow attacker to make a logged in admin run arbitrary SQL query via a CSRF attack document.getElementById"test".submit;...

CVE-2022-39362

Metabase is affected by CVE-2022-39362 due to unsafely auto-executing unsaved/native SQL queries in certain older releases. Affected versions include 0.44.5, 1.44.5, 0.43.7, 1.43.7, 0.42.6, 1.42.6, 0.41.9, and 1.41.9 (prior to patch). The underlying issue allowed native queries to be executed aut...

CVE-2022-39361

Metabase (data visualization platform) contains a CVE-2022-39361 affecting H2 (Sample Database) prior to versions 0.44.5, 1.44.5, 0.43.7, 1.43.7, 0.42.6, 1.42.6, 0.41.9, and 1.41.9, enabling Remote Code Execution when a user can write SQL queries against H2. The issue is mitigated by disallowing ...

PT-2022-24930 · Metabase · Metabase

Name of the Vulnerable Software and Affected Versions: Metabase versions prior to 0.44.5, 1.44.5, 0.43.7, 1.43.7, 0.42.6, 1.42.6, 0.41.9, and 1.41.9 Description: The issue concerns the automatic execution of unsaved SQL queries, which could pose a possible attack vector. Metabase has addressed th...

5 Steps for Dealing With Unknown Environments in InsightVM

Trying to deal with a large network can be difficult. All too often, engineers and admins don't know the full scope of their environment and have trouble defining the actual subnets and the systems that exist on those subnets. They know of a couple /24 subnets here or there, but it's very possibl...

CVE-2022-35864

This vulnerability allows remote attackers to disclose sensitive information on affected installations of BMC Track-It! 20.21.02.109. Authentication is required to exploit this vulnerability. The specific flaw exists within the GetPopupSubQueryDetails endpoint. The issue results from the lack of...

CVE-2022-34968

An issue in the fetchstep function in Percona Server for MySQL v8.0.28-19 allows attackers to cause a Denial of Service DoS via a SQL query...

Design/Logic Flaw

An issue in the fetchstep function in Percona Server for MySQL v8.0.28-19 allows attackers to cause a Denial of Service DoS via a SQL query...

CVE-2022-34968

An issue in the fetchstep function in Percona Server for MySQL v8.0.28-19 allows attackers to cause a Denial of Service DoS via a SQL query...

PT-2022-22463 · Percona · Percona Server For Mysql

Name of the Vulnerable Software and Affected Versions: Percona Server for MySQL version 8.0.28-19 Description: An issue in the fetch step function allows attackers to cause a Denial of Service DoS via a SQL query. Recommendations: For Percona Server for MySQL version 8.0.28-19, consider disabling...

Translatepress Multilinugal < 2.3.3 - Admin+ SQLi

The plugin is vulnerable to an authenticated SQL injection. By adding a new language via the settings page containing specific special characters, the backticks in the SQL query can be surpassed and a time-based blind payload can be injected. PoC To exploit the vulnerability, someone must send a...

PT-2022-22975 · Bmc · Bmc Track-It!

Name of the Vulnerable Software and Affected Versions: BMC Track-It! version 20.21.02.109 Description: This issue allows remote attackers to disclose sensitive information on affected installations. Authentication is required to exploit this issue. The specific flaw exists within the...

SQL Injection

francoisjacquet/rosariosis is vulnerable to SQL injection. It does not escape the input DB identifier in RegistrationSave.fnc.php, Calendar.php, MarkingPeriods.php, SchoolFields.php, AddressFields.php, PeopleFields.php, StudentFields.php & UserFields.php, allowing an attacker to inject malicious...

Ivanti Avalanche EnterpriseServer Service SQL Injection Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche. The specific flaw exists within the ProfileDaoImpl class. A crafted request can trigger execution of SQL queries composed from a user-supplied string. An attacker can leverage this...