8 matches found
EUVD-2006-1803
Malware in sbrugna...
TYPO3 SQL Injection in dbal
A flaw in the database escaping API results in a SQL injection vulnerability when extension dbal is enabled and configured for MySQL passthrough mode in its extension configuration. All queries which use the DatabaseConnection::sqlquery are vulnerable, even if arguments were properly escaped with...
WordPress LayerSlider Plugin: SQL Injection Vulnerability
On March 25th, 2024, a critical security vulnerability was discovered in the LayerSlider plugin for WordPress, marked as CVE-2024-2879. The plugins have more than 10 lakh active installations. This flaw, rated with a CVSS score of 7.5 out of 10.0, is identified as an SQL injection vulnerability...
SUSE CVE-2006-1803
Cross-site scripting XSS vulnerability in sql.php in phpMyAdmin 2.7.0-pl1 allows remote attackers to inject arbitrary web script or HTML via the sqlquery parameter...
ZSQL: Check for users with CREATE USER permission
Searches for users and roles with CREATE USER permission and checks whether they are authorized to have it. If this permission is no longer necessary, revoke it. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by t...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 2.10.3 allow remote attackers to inject arbitrary web script or HTML via the 1 unlimnumrows, 2 sqlquery, or 3 pos parameter to a tblexport.php; the 4 sessionmaxrows or 5 pos parameter to b sql.php; the 6 username parameter to c...
CVE-2006-1803
Cross-site scripting XSS vulnerability in sql.php in phpMyAdmin 2.7.0-pl1 allows remote attackers to inject arbitrary web script or HTML via the sqlquery parameter...
CVE-2006-1803
Cross-site scripting XSS vulnerability in sql.php in phpMyAdmin 2.7.0-pl1 allows remote attackers to inject arbitrary web script or HTML via the sqlquery parameter...