1492 matches found

NVD
added 2023/08/09 6:15 p.m. | 19 views

CVE-2022-48590

A SQL injection vulnerability exists in the “admin dynamic app mib errors” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...

8.8 CVSS | 8.9 AI score | 0.00608 EPSS
Exploits: 0 | References: 1

Prion
added 2023/08/09 6:15 p.m. | 15 views

Sql injection

A SQL injection vulnerability exists in the “admin dynamic app mib errors” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...

6.5 CVSS | 8.8 AI score | 0.00608 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2023/08/09 6:4 p.m. | 32 views

CVE-2022-48591

A SQL injection vulnerability exists in the vendorstate parameter of the “vendor print report” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the...

8.8 CVSS | 9.1 AI score | 0.00608 EPSS
Exploits: 0 | References: 1

Cvelist
added 2023/08/09 5:57 p.m. | 19 views

CVE-2022-48590

A SQL injection vulnerability exists in the “admin dynamic app mib errors” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...

8.8 CVSS | 9.1 AI score | 0.00608 EPSS
Exploits: 0 | References: 1

Vulnrichment
added 2023/08/09 5:46 p.m. | 12 views

CVE-2022-48587

A SQL injection vulnerability exists in the “schedule editor” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...

8.8 CVSS | 7.8 AI score | 0.00608 EPSS
Exploits: 0 | References: 1

Cvelist
added 2023/08/09 5:44 p.m. | 30 views

CVE-2022-48586

A SQL injection vulnerability exists in the “json walker” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...

8.8 CVSS | 9.1 AI score | 0.00608 EPSS
Exploits: 0 | References: 1

Redos
added 2023/08/07 12:0 a.m. | 20 views

ROS-20230807-01

A vulnerability in the OpenLDAP protocol implementation is related to the failure to take measures to protect the SQL query structure. Exploitation of the vulnerability may allow a remote attacker to affect confidentiality, integrity, and availability of protected information by using a specially...

9.8 CVSS | 7.2 AI score | 0.69899 EPSS
Exploits: 1

NVD
added 2023/07/19 7:15 a.m. | 31 views

CVE-2023-3763

A vulnerability was found in Intergard SGS 8.7.0. It has been declared as problematic. This vulnerability affects unknown code of the component SQL Query Handler. The manipulation leads to cleartext transmission of sensitive information. The attack can be initiated remotely. The complexity of an...

7.5 CVSS | 5.6 AI score | 0.00519 EPSS
Exploits: 1 | References: 3

Prion
added 2023/07/19 7:15 a.m. | 21 views

Design/Logic Flaw

A vulnerability was found in Intergard SGS 8.7.0. It has been declared as problematic. This vulnerability affects unknown code of the component SQL Query Handler. The manipulation leads to cleartext transmission of sensitive information. The attack can be initiated remotely. The complexity of an...

2.6 CVSS | 7.8 AI score | 0.00519 EPSS
Exploits: 1 | References: 3 | Affected Software: 1

Cvelist
added 2023/07/19 7:0 a.m. | 30 views

CVE-2023-3763 Intergard SGS SQL Query cleartext transmission

A vulnerability was found in Intergard SGS 8.7.0. It has been declared as problematic. This vulnerability affects unknown code of the component SQL Query Handler. The manipulation leads to cleartext transmission of sensitive information. The attack can be initiated remotely. The complexity of an...

3.7 CVSS | 7.9 AI score | 0.00519 EPSS
Exploits: 1 | References: 3

CVE
added 2023/07/19 7:0 a.m. | 53 views

CVE-2023-3763

CVE-2023-3763 : In Intergard SGS 8.7.0, the SQL Query Handler contains unknown code that permits cleartext transmission of sensitive information. The issue is exploitable remotely over a network; attack complexity is high and no privileges are required from the user. Public disclosure exists, but...

7.5 CVSS | 6.1 AI score | 0.00519 EPSS
Exploits: 1 | References: 3 | Affected Software: 1

CNNVD
added 2023/07/19 12:0 a.m. | 3 views

Intergard SGS Security Vulnerability

Intergard SGS is a security appliance from the Brazilian company Intergard. A security vulnerability exists in Intergard SGS version 8.7.0, which stems from the presence of unknown code in the component SQL Query Handler, resulting in the transmission of sensitive information in clear text...

7.5 CVSS | 5.7 AI score | 0.00519 EPSS
Exploits: 1 | References: 4

Positive Technologies
added 2023/07/19 12:0 a.m. | 4 views

PT-2023-7027 · Unknown · Intergard Sgs

Name of the Vulnerable Software and Affected Versions: Intergard SGS version 8.7.0 Description: The issue is related to the transmission of sensitive information in cleartext due to a vulnerability in the SQL Query Handler component. This can be exploited remotely, potentially allowing an attacke...

7.8 CVSS | 7.2 AI score | 0.00519 EPSS
Exploits: 1 | References: 8

NVD
added 2023/07/18 12:15 p.m. | 15 views

CVE-2023-3743

Ap Page Builder, in versions lower than 1.7.8.2, could allow a remote attacker to send a specially crafted SQL query to the productoneimg parameter to retrieve the information stored in the database...

7.5 CVSS | 0.0057 EPSS
Exploits: 0 | References: 1

Prion
added 2023/07/18 12:15 p.m. | 17 views

Design/Logic Flaw

Ap Page Builder, in versions lower than 1.7.8.2, could allow a remote attacker to send a specially crafted SQL query to the productoneimg parameter to retrieve the information stored in the database...

5 CVSS | 7.5 AI score | 0.0057 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

Vulnrichment
added 2023/07/18 11:56 a.m. | 14 views

CVE-2023-3743 SQL injection vulnerability in LeoTheme's Ap Page Builder

Ap Page Builder, in versions lower than 1.7.8.2, could allow a remote attacker to send a specially crafted SQL query to the productoneimg parameter to retrieve the information stored in the database...

7.5 CVSS | 7 AI score | 0.0057 EPSS
Exploits: 0 | References: 1

BDU FSTEC
added 2023/07/10 12:0 a.m. | 3 views

The vulnerability of the watu_exams function (controllers/exam.php) in the Watu Quiz plugin of the WordPress content management system allows a hacker to execute arbitrary SQL queries.

The vulnerability of the watu_exams function (controllers/exam.php) in the Watu Quiz plugin of the WordPress content management system is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries...

10 CVSS | 7.2 AI score | 0.00707 EPSS
Exploits: 0 | References: 4 | Affected Software: 1

Vulnrichment
added 2023/06/24 2:0 a.m. | 7 views

CVE-2023-3197 MStore API <= 4.0.1 - Unauthenticated SQL Injection

The MStore API plugin for WordPress is vulnerable to Unauthenticated Blind SQL Injection via the 'id' parameter in versions up to, and including, 4.0.1 due to insufficient escaping on the user supplied parameters and lack of sufficient preparation on the existing SQL query. This makes it possible...

9.8 CVSS | 7.2 AI score | 0.03499 EPSS
Exploits: 0 | References: 2

BDU FSTEC
added 2023/06/16 12:0 a.m. | 5 views

The vulnerability of the software for processing and transmitting confidential data in Progress MOVEit Transfer arises from the lack of measures taken to protect the SQL query structure. This allows attackers to enhance their privileges.

The vulnerability of the software for processing and transmitting confidential data in Progress MOVEit Transfer is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...

10 CVSS | 8.1 AI score | 0.99934 EPSS
Exploits: 15 | References: 5 | Affected Software: 2

OSV
added 2023/06/09 10:44 a.m. | 3 views

SUSE-SU-2023:2478-1 Security update for mariadb

This update for mariadb fixes the following issues: Updated to version 10.5.20: - CVE-2022-47015: Fixed a denial of service that could be triggered by a crafted SQL query bsc1207404...

6.5 CVSS | 6.6 AI score | 0.01486 EPSS
Exploits: 0 | References: 3