8093 matches found
SQL Injection Vulnerability in Duoduocms V8.3_UTF8_20180131 Official Version
DuoDuo rebate system is for e-commerce rebate, shopping guide to provide solutions, is the open source PHP rebate site system. DuoDuoRebate duoduocms V8.3UTF820180131 official version of the existence of SQL injection vulnerability. The vulnerability stems from the system on the parameters of the...
Debian DSA-4178-1 : libreoffice - security update
Two vulnerabilities were discovered in LibreOffice's code to parse MS Word and Structured Storage files, which could result in denial of service and potentially the execution of arbitrary code if a malformed file is opened. C Tenable Network Security, Inc. The descriptive text and package checks ...
[SECURITY] [DSA 4178-1] libreoffice security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4178-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 20, 2018 https://www.debian.org/security/faq -...
CVE-2018-10119
sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service use-after-free with write access or possibly have unspecified other impact via a crafted...
Zoho ManageEngine Desktop Central Database Query Type Restriction Under-Execution Vulnerability
ZOHO ManageEngine Desktop Central DC is a desktop management solution from ZOHO. The solution includes software distribution, patch management, system configuration, remote control and other functional modules to support the entire lifecycle of desktop and server management. A security...
Debian: Security Advisory (DSA-4178-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
KLA11596 SB vulnerability in LibreOffice
Use after free vulnerability was found in Structured Storage parser. Malicious users can exploit this vulnerability via writing to recently freed data to bypass security restrictions. Original advisories CVE-2018-10119 Use After Free in Structured Storage parser Related products LibreOffice CVE...
CVE-2018-10119
sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service use-after-free with write access or possibly have unspecified other impact via a crafted...
DEBIAN-CVE-2018-10119
sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service use-after-free with write access or possibly have unspecified other impact via a crafted...
Format string
sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service use-after-free with write access or possibly have unspecified other impact via a crafted...
CVE-2018-10119
sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service use-after-free with write access or possibly have unspecified other impact via a crafted...
SQL Injection Vulnerability in Website Construction System of Ningxia Hongfeng Network Technology Co.
Ningxia Hongfeng Network Technology Co., Ltd. is Ningxia Yinchuan area specializing in Internet services nature of the enterprise, to provide enterprise website construction, personal website production, 400 telephone for, website revision, website promotion, SEO keyword optimization, e-commerce...
UBUNTU-CVE-2018-10119
sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service use-after-free with write access or possibly have unspecified other impact via a crafted...
CVE-2018-10119
sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service use-after-free with write access or possibly have unspecified other impact via a crafted...
CVE-2018-10119
sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service use-after-free with write access or possibly have unspecified other impact via a crafted...
Zhengzhou Yuanchen Culture Communication Co., Ltd. website construction system has SQL injection vulnerabilities
Zhengzhou Yuanchen Culture Communication Co., Ltd. is a high-tech enterprise engaged in the Internet, specializing in providing a full set of e-commerce solutions for many enterprises. There is a SQL injection vulnerability in the website construction system of Zhengzhou Yuanchen Culture...
iScripts eSwap SQL Injection Vulnerability
IScripts eSwap is an item trading program from IScripts Inc. that supports the use of virtual currency or direct item exchange. The program supports the use of virtual currencies to trade or directly exchange items.User Panel is one of the user panels. A SQL injection vulnerability exists in...
Xuzhou Xunbang Technology Co., Ltd. website construction system has SQL injection vulnerabilities
Xuzhou Xunbang Technology Co., Ltd. is engaged in enterprise website design and production, shopping mall website production, marketing website production, mobile APP development, WeChat public platform, cell phone / micro-site production, Baidu optimization and promotion, 360 search promotion,...
The vulnerability in the `track_import_export.php` script of the U.motion builder system allows a perpetrator to execute arbitrary SQL queries against the database.
The vulnerability of the trackimportexport.php script of the U.motion builder system, a system for managing industrial and residential buildings, is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary SQL...
Navarino Infinity SQL Injection Vulnerability
Navarino Infinity is a maritime bandwidth management and optimization solution from Navarino Greece. The solution can be used to equip many types of vessels. A SQL injection vulnerability exists in Navarino Infinity version 2.1.7. A remote attacker could exploit the vulnerability to inject SQL...