SQL Injection

Overview NHibernate is a mature, open source object-relational mapper for the .NET framework. It is actively developed, fully featured and used in thousands of successful projects. Affected versions of this package are vulnerable to SQL Injection when passing unescaped user input to...

CVE-2024-33546 WordPress WZone plugin <= 14.0.10 - Arbitrary SQL Update Execution vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in AA-Team WZone allows SQL Injection.This issue affects WZone: from n/a through 14.0.10...

WordPress WZone plugin <= 14.0.33 - Arbitrary SQL Update Execution vulnerability

Arbitrary SQL Update Execution vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin WZone versions = 14.0.33...

EulerOS Virtualization 3.0.2.2 : cyrus-sasl (EulerOS-SA-2023-1250)

According to the versions of the cyrus-sasl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE...

cyrus-sasl security update

2.1.23-15.0.1.2 - Escape password for SQL insert/update commands CVE-2022-24407Orabug: 33936121...

Slackware Linux 14.2 / 15.0 / current cyrus-sasl Multiple Vulnerabilities (SSA:2022-055-01)

The version of cyrus-sasl installed on the remote host is prior to 2.1.28. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2022-055-01 advisory. - cyrus-sasl aka Cyrus SASL 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of- service in...

MyBB Profile Wii Friend Code - Multiple Vulnerabilities

Exploit Title: MyBB Profile Wii Friend Code SQLi/Persistent XSS Dork: intitle:"Profile of" intext:"Wii Friend Code" inurl:member.php Date: 1/3/2013 Exploit Author: Ichi Vendor Homepage: http://mods.mybb.com/view/profile-wii-friend-code Software Link:...