CVE-2019-25439

NoviSmart CMS contains an SQL injection vulnerability that allows remote attackers to execute arbitrary SQL queries by injecting malicious code through the Referer HTTP header field. Attackers can craft requests with time-based SQL injection payloads in the Referer header to extract sensitive...

AegisBlock: a Privacy-Preserving Medical Research Framework Using Blockchain

Due to HIPAA and other privacy regulations, it is imperative to maintain patient privacy while conducting research on patient health records. In this paper, we propose AegisBlock, a patient-centric access controlled framework to share medical records with researchers such that the anonymity of th...

GHSA-QMP9-2XWJ-M6M9 Blind SQL injection in shopware

Impact The Shopware application API contains a search functionality which enables users to search through information stored within their Shopware instance. The searches performed by this function can be aggregated using the parameters in the “aggregations” object. The ‘name’ field in this...

Blind SQL injection in shopware

Impact The Shopware application API contains a search functionality which enables users to search through information stored within their Shopware instance. The searches performed by this function can be aggregated using the parameters in the “aggregations” object. The ‘name’ field in this...

Sql injection

Shopware is an open headless commerce platform. The Shopware application API contains a search functionality which enables users to search through information stored within their Shopware instance. The searches performed by this function can be aggregated using the parameters in the “aggregations...

Online Market Place Site SQL注入漏洞

Online Market Place Site is an online marketplace site by Carlo Montero Personal Developer. Online Market Place Site version 1.0 suffers from a SQL injection vulnerability that stems from an unauthenticated blind SQL injection vulnerability that allows remote attackers to dump a SQL database via...