PostgreSQL 9.4.x < 9.4.22 / 9.5.x < 9.5.17 / 9.6.x < 9.6.13 / 10.x < 10.8 / 11.x < 11.3 Multiple vulnerabilities
The version of PostgreSQL installed on the remote host is 9.4.x prior to 9.4.22, 9.5.x prior to 9.5.17, 9.6.x prior to 9.6.13, 10.x prior to 10.8, or 11.x prior to 11.3. It is, therefore, affected by multiple vulnerabilities. - A remote code execution vulnerability exists in both the BigSQL and...
macOS and Mac OS X Multiple Vulnerabilities (Security Update 2019-003)
The remote host is running Mac OS X 10.12.6 or Mac OS X 10.13.6 and is missing a security update. It is, therefore, affected by multiple vulnerabilities: - An application may be able to read restricted memory (CVE-2019-8603, CVE-2019-8560) - An application may be able to execute arbitrary code wit...
phpBB 3.2.5 Denial Of Service Vulnerability
Vulnerability information. Title: phpBB Native Fulltext Search denial of service. CVE ID: CVE-2019-9826. CVSSv3 score: 8.6 (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H). Vulnerability description: Improper input validation in the Native Fulltext Search compone...
Joomla Component XMap SQL Injection Vulnerability
Joomla is an open source content management system (CMS). A SQL injection vulnerability exists in the Joomla component XMap. The flaw is due to input passed to 'index.php' via the 'view=' and 'itemID=' parameters not being properly filtered before being used in SQL queries. An attacker could...
Quest NetVault Backup Server Code Execution / SQL Injection
Exploit Title: Quest NetVault Backup Server 11.4.5 Process Manager Service SQL Injection Remote Code Execution Vulnerability ZDI-17-982 Date: 2-21-2019 Exploit Author: credit goes to rgod for finding the bug Version: Quest NetVault Backup Server 11.4.5 CVE : CVE-2017-17417 There is a decent...
Joomla AcePolls 3.x SQL Injection
Exploit Title : Joomla AcePolls 3.x SQL Injection Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 10/02/2019 Vendor Homepage : joomace.net Software Download Link : joomace.net/downloads/acepolls...
Joomla JComments 3.0.5 SQL Injection
Exploit Title : Joomla JComments Components 3.0.5 SQL Injection Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 31/01/2019 Vendor Homepage : joomlatune.com Software Download Link : joomlatune.com/jcomments-downloads.html Software Information Link :...
CMSsite 1.0 SQL Injection
Exploit Title: CMSsite 1.0 - 'search' SQL injection Exploit Author : Majid kalantari [email protected] Date: 2019-01-27 Vendor Homepage : https://github.com/VictorAlagwu/CMSsite Software link: https://github.com/VictorAlagwu/CMSsite/archive/master.zip Version: 1.0 Tested on: Windows 10 CVE: N/A...
WordPress Snax 4.9.x SQL Injection
Exploit Title : WordPress Snax Plugins 4.9.x SQL Injection Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 28/01/2019 Vendor Homepage : snax.bringthepixel.com Software Information Link : codecanyon.net/item/snax-viral-frontend-uploader/16540363 Software Version ...
Apple iOS < 12.1.3 Multiple Vulnerabilities
Binary data appleios1213check.nbin...
CVE-2018-1000871
HotelDruid version 2.3.0 and earlier contains a SQL injection vulnerability in the "idutentemod" parameter in the gestioneutenti.php file that can result in an attacker dumping all the database records of the backend web server. This attack appears to be exploitable via the attack can be done...
CVE-2018-14623
A SQL injection flaw was found in katello's errata-related API. An authenticated remote attacker can craft input data to force a malformed SQL query to the backend database, which will leak internal IDs. This issue is related to an incomplete fix for CVE-2016-3072. Version 3.10 and older is...
Joomla! 3.1.x < 3.8.0 Multiple Vulnerabilities
According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities : - A flaw exists related to SQL query handling that allows disclosure of article introduction text when such articles are in the archived state. Note that only versions 3.7.0...
Joomla! 3.7.x < 3.8.0 Multiple Vulnerabilities
According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities : - A flaw exists related to SQL query handling that allows disclosure of article introduction text when such articles are in the archived state. Note that only versions 3.7.0...
Joomla! 3.0.x < 3.8.0 Multiple Vulnerabilities
According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities : - A flaw exists related to SQL query handling that allows disclosure of article introduction text when such articles are in the archived state. Note that only versions 3.7.0...
Joomla! 2.5.x < 3.8.0 Multiple Vulnerabilities
According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities : - A flaw exists related to SQL query handling that allows disclosure of article introduction text when such articles are in the archived state. Note that only versions 3.7.0...