528 matches found
Sql injection
The vulnerability exists within processing of loadtemplate.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the tpl input parameter...
Sql injection
The vulnerability exists within processing of trackimportexport.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the objectid input parameter...
Sql injection
The vulnerability exists within processing of xmlserver.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the id input parameter...
CVE-2018-7773
The vulnerability exists within processing of nfcserver.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the sessionid input parameter...
CVE-2018-7772
The vulnerability exists within processing of applets which are exposed on the web service in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query to determine whether a user is logged in is subject to SQL injection on the loginSeed parameter...
CVE-2018-7765
Schneider Electric U.motion Builder is affected by CVE-2018-7765 via track_import_export.php, where the SQLite query on object_id is vulnerable to SQL injection. Affected versions are prior to v1.3.4. Exploitation could lead to arbitrary SQL execution with high impact (C/H/I/H) as per CVSS3, with...
CVE-2018-1132
A flaw was found in Opendaylight's SDNInterfaceapp SDNI. Attackers can SQL inject the component's database SQLite without authenticating to the controller or SDNInterfaceapp. SDNInterface has been deprecated in OpenDayLight since it was last used in the final Carbon series release. In addition to...
[SECURITY] Fedora 27 Update: sqlite-3.20.1-2.fc27
SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL databas...
Whapa - WhatsApp DataBase Parser Tool
Whapa is a whatsapp database parser that automates the process. The main purpose of whapa is to present the data handled by the Sqlite database in a way that is comprehensible to the analyst. The Script is written in Python 2.x The software is divided into three modes: Message Mode : It analyzes...
Wavecrack - Web Interface For Password Cracking With Hashcat
A user-friendly Web interface to share an hashcat cracking box among multiple users with some pre-defined options. Screenshots The homepage Adding an hash to crack Seeing the results and some stats Outline This Web application can be used to launch asynchronous password cracks with hashcat. The...
Schneider Electric U.motion Builder nfcserver Remote Code Execution Vulnerability
U.motion Builder is a builder product from Schneider Electric France. A remote code execution vulnerability exists in the Schneider Electric U.motion Builder nfcserver. The underlying SQLite database query requires SQL injection on the sessionid input parameter. A remote attacker can exploit the...
(0Day) Schneider Electric U.motion Builder HTTP Cookie SQL Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Schneider Electric U.motion Builder. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of applets which are exposed on the web service. The...
(0Day) Schneider Electric U.motion Builder loadtemplate SQL Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Schneider Electric U.motion Builder. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of loadtemplate.php, which is exposed on the web servic...
(0Day) Schneider Electric U.motion Builder xmlserver SQL Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Schneider Electric U.motion Builder. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of xmlserver.php, which is exposed on the web service...
(0Day) Schneider Electric U.motion Builder editobject SQL Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Schneider Electric U.motion Builder. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of the editobject.php, which is exposed on the web...
(0Day) Schneider Electric U.motion Builder localize SQL Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Schneider Electric U.motion Builder. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of localize.php, which is exposed on the web service wi...
(0Day) Schneider Electric U.motion Builder track_import_export SQL Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Schneider Electric U.motion Builder. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of trackimportexport.php, which is exposed on the web...
(0Day) Schneider Electric U.motion Builder track_getdata SQL Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Schneider Electric U.motion Builder. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of trackgetdata.php, which is exposed on the web servic...
Geography Learning Trivia Quiz - Dynamic Code Loading, External URLs, SQLite database found vulnerabilities
HackApp vulnerability scanner discovered that application Geography Learning Trivia Quiz published at the 'play' market has multiple vulnerabilities...
Open Source Intelligence Automation: Spiderfoot
Open Source Intelligence Automation SpiderFoot is an open source footprinting tool, available for Windows and Linux. It is written in Python and provides an easy-to-use GUI. SpiderFoot obtains a wide range of information about a target, such as web servers, netblocks, e-mail addresses and more...