
8004 matches found

Prion
added 2018/04/16 9:58 a.m. | 22 views

Format string

sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service (use-after-free with write access) or possibly have unspecified other impact via a crafted...

6.8 CVSS | 8 AI score | 0.01976 EPSS
Exploits 0 | References 11 | Affected Software 6
UbuntuCve
added 2018/04/16 12:00 a.m. | 28 views

CVE-2018-10119

sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service (use-after-free with write access) or possibly have unspecified other impact via a crafted...

7.8 CVSS | 7 AI score | 0.01976 EPSS
Exploits 0 | References 7
CNVD
added 2018/04/16 12:00 a.m. | 2 views

SQL Injection Vulnerability in Website Construction System of Ningxia Hongfeng Network Technology Co.

Ningxia Hongfeng Network Technology Co., Ltd. is an enterprise in the Yinchuan area of Ningxia specializing in Internet services. It provides enterprise website construction, personal website production, 400 telephone service, website revision, website promotion, SEO keyword optimization, e-commerce...

7.9 AI score
Exploits 0
OSV
added 2018/04/16 12:00 a.m. | 2 views

UBUNTU-CVE-2018-10119

sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service (use-after-free with write access) or possibly have unspecified other impact via a crafted...

7.8 CVSS | 7.2 AI score | 0.01976 EPSS
Exploits 0 | References 8
Cvelist
added 2018/04/15 4:00 p.m. | 32 views

CVE-2018-10119

sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service (use-after-free with write access) or possibly have unspecified other impact via a crafted...

8.1 AI score | 0.01976 EPSS
Exploits 0 | References 11
Debian CVE
added 2018/04/15 4:00 p.m. | 35 views

CVE-2018-10119

sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service (use-after-free with write access) or possibly have unspecified other impact via a crafted...

7.8 CVSS | 8.2 AI score | 0.01976 EPSS
Exploits 0
CNVD
added 2018/04/15 12:00 a.m. | 1 views

Zhengzhou Yuanchen Culture Communication Co., Ltd. website construction system has SQL injection vulnerabilities

Zhengzhou Yuanchen Culture Communication Co., Ltd. is a high-tech enterprise engaged in the Internet, specializing in providing a full set of e-commerce solutions for many enterprises. There is a SQL injection vulnerability in the website construction system of Zhengzhou Yuanchen Culture...

8.2 AI score
Exploits 0
CNVD
added 2018/04/12 12:00 a.m. | 2 views

iScripts eSwap SQL Injection Vulnerability

iScripts eSwap is an item trading program from iScripts Inc. that supports the use of virtual currency or direct item exchange. The program supports the use of virtual currencies to trade or directly exchange items. User Panel is one of the user panels. A SQL injection vulnerability exists in...

7.2 CVSS | 8 AI score | 0.01037 EPSS
Exploits 1 | References 1
CNVD
added 2018/04/12 12:00 a.m. | 1 views

Xuzhou Xunbang Technology Co., Ltd. website construction system has SQL injection vulnerabilities

Xuzhou Xunbang Technology Co., Ltd. is engaged in enterprise website design and production, shopping mall website production, marketing website production, mobile APP development, WeChat public platform, cell phone / micro-site production, Baidu optimization and promotion, 360 search promotion,...

7.8 AI score
Exploits 0
BDU FSTEC
added 2018/04/12 12:00 a.m. | 2 views

The vulnerability in the `track_import_export.php` script of the U.motion builder system allows a perpetrator to execute arbitrary SQL queries against the database.

The vulnerability in the `track_import_export.php` script of the U.motion builder system, a system for managing industrial and residential buildings, is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary SQL...

10 CVSS | 8.2 AI score | 0.02941 EPSS
Exploits 3 | References 5 | Affected Software 1
CNVD
added 2018/04/11 12:00 a.m. | 3 views

Navarino Infinity SQL Injection Vulnerability

Navarino Infinity is a maritime bandwidth management and optimization solution from Navarino Greece. The solution can be used to equip many types of vessels. A SQL injection vulnerability exists in Navarino Infinity version 2.1.7. A remote attacker could exploit the vulnerability to inject SQL...

9.8 CVSS | 8 AI score | 0.04363 EPSS
Exploits 1 | References 1
CNVD
added 2018/04/11 12:00 a.m. | 1 views

Anhui Zhishengyuan Information Technology Co., Ltd. website construction system has SQL injection vulnerabilities

Anhui Zhishengyuan Information Technology Co., Ltd. is an e-commerce operator with Internet technology as its core. There is a SQL injection vulnerability in the website construction system of Anhui Zhishengyuan Information Technology Co. An attacker can exploit the vulnerability to obtain...

7.6 AI score
Exploits 0
OSV
added 2018/04/09 9:29 p.m. | 3 views

CVE-2018-5463

A structured exception handler overflow vulnerability in Leao Consultoria e Desenvolvimento de Sistemas LCDS LTDA ME LAquis SCADA 4.1.0.3391 and earlier may allow code execution...

7.8 CVSS | 5.9 AI score
Exploits 0 | References 2
CNVD
added 2018/04/08 12:00 a.m. | 3 views

Foreman SQL Injection Vulnerability

Foreman is a complete lifecycle management tool for physical and virtual servers. A SQL injection vulnerability exists in Foreman versions prior to 1.16.1. The vulnerability arises due to an input validation flaw in the id field in Foreman's dashboard controller. An attacker can exploit the...

6.5 CVSS | 7.7 AI score | 0.01378 EPSS
Exploits 0 | References 1
ICS
added 2018/04/05 12:00 a.m. | 56 views

LCDS - Leão Consultoria e Desenvolvimento de Sistemas Ltda ME LAquis SCADA

1. EXECUTIVE SUMMARY. CVSS v3 7.0; Vendor: LCDS - Leão Consultoria e Desenvolvimento de Sistemas LTDA ME; Equipment: LAquis SCADA; Vulnerability: Improper Check or Handling of Exceptional Conditions. 2. RISK EVALUATION. Successful exploitation of this vulnerability could cause the device an attacker...

7.8 CVSS | 8 AI score | 0.00435 EPSS
Exploits 0 | References 4
BDU FSTEC
added 2018/04/04 12:00 a.m. | 4 views

A vulnerability in the NVBUBackup request handler of the NetVault Backup data archiving and restoration software allows a perpetrator to execute arbitrary code.

The vulnerability in the NVBUBackup request handler of the NetVault Backup data archiving and restoration software is related to insufficient protection of the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

9.8 CVSS | 6.1 AI score | 0.03933 EPSS
Exploits 0 | References 2 | Affected Software 1
BDU FSTEC
added 2018/04/04 12:00 a.m. | 5 views

A vulnerability in the NVBUPhaseStatus Acknowledge request handler of the NetVault Backup data archiving and restoration software allows an attacker to execute arbitrary code.

The vulnerability in the NVBUPhaseStatus Acknowledge request handler of the NetVault Backup data archiving and restoration software is related to insufficient protection of the SQL query structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code...

9.8 CVSS | 6.1 AI score | 0.10001 EPSS
Exploits 5 | References 2 | Affected Software 1
BDU FSTEC
added 2018/04/04 12:00 a.m. | 3 views

A vulnerability in the NVBUPhaseStatus Get request handler of the NetVault Backup software allows an attacker to execute arbitrary code.

The vulnerability in the NVBUPhaseStatus Get request handler of the NetVault Backup software is related to insufficient protection of the SQL query structure. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

9.8 CVSS | 6 AI score | 0.03933 EPSS
Exploits 0 | References 2 | Affected Software 1
BDU FSTEC
added 2018/04/04 12:00 a.m. | 2 views

A vulnerability in the NVBUSelectionSet Get request handler of the NetVault Backup software allows an attacker to execute arbitrary code.

The vulnerability in the NVBUSelectionSet Get request handler of the NetVault Backup software is related to insufficient protection of the SQL query structure. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

9.8 CVSS | 6 AI score | 0.03933 EPSS
Exploits 0 | References 2 | Affected Software 1
BDU FSTEC
added 2018/04/04 12:00 a.m. | 5 views

A vulnerability in the NVBUPhaseStatus GetPlugins request handler of the NetVault Backup software allows an attacker to execute arbitrary code.

The vulnerability in the NVBUPhaseStatus GetPlugins handler of the NetVault Backup software is related to insufficient protection of the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

9.8 CVSS | 6.1 AI score | 0.03933 EPSS
Exploits 0 | References 2 | Affected Software 1