306 matches found
Sql injection
A SQL injection was discovered in WUZHI CMS 4.1.0 that allows remote attackers to inject a malicious SQL statement via the index.php?m=promote&f=index&v=search keywords parameter...
openSUSE Security Update : phpMyAdmin (openSUSE-2018-387)
This update for phpMyAdmin to version 4.8.0.1 fixes the following issues : - CVE-2018-10188: Possible execution of arbitrary SQL statements via manipulated URLs boo1090309 This version also contains a number of upstream changes, improvements, new functions and bug fixes. %NASLMINLEVEL 70300 C...
phpMyAdmin 4.8.0 4.8.0-1 - Cross-Site Request Forgery
phpMyAdmin 4.8.0 4.8.0-1 - Cross-Site Request Forgery Exploit Title: phpMyAdmin 4.8.0 Drop database 3. Solution: Upgrade to phpMyAdmin 4.8.0-1 or newer. 4. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10188...
CVE-2017-11509
An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement...
Sql injection
An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement...
DEBIAN-CVE-2017-11509
An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement...
CVE-2017-11509
An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement...
SQL Injection
Dolibarr is vulnerable to multiple SQL injection attacks. The searchcountry, searchtypethirdparty, viewstatut, viewstatut, searchsale, and searchuser user-supplied values are not escaped before being placed into an SQL statement...
CVE-2017-1002026
Vulnerability in wordpress plugin Event Expresso Free v3.1.37.11.L, The function editeventcategory does not sanitize user-supplied input via the $id parameter before passing it into an SQL statement...
CVE-2017-1002025
Vulnerability in wordpress plugin add-edit-delete-listing-for-member-module v1.0, The plugin author does not sanitize user supplied input via $act before passing it into an SQL statement...
CVE-2017-2513
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. A use-after-free vulnerability allows remote attackers to execute...
CVE-2017-2513
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. A use-after-free vulnerability allows remote attackers to execute...
Memory corruption
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial o...
Buffer overflow
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial o...
Buffer overflow
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial o...
Design/Logic Flaw
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. A use-after-free vulnerability allows remote attackers to execute...
CVE-2017-2520
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial o...
CVE-2017-2520
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial o...
CVE-2017-2519
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial o...
CVE-2017-2519
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial o...