56 matches found
ROS-20260417-73-0009
Vulnerability in glpi-plugin-mreporting related to the failure to take measures to protect the SQL query structure. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the WeGIA web manager for charitable organizations stems from the failure to implement measures to protect the SQL query structure, allowing attackers to gain unauthorized access to protected information.
The vulnerability of the WeGIA web manager for charitable organizations is related to the failure to implement measures to protect the SQL query structure when processing the id parameter. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to...
The vulnerability of the control.php script of the WeGIA web manager allows a hacker to execute arbitrary code.
The vulnerability of the control.php script of the WeGIA web manager is related to the failure to protect the SQL query structure when processing the cargo parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the NetMRI network monitoring program lies in its failure to protect the SQL query structure, allowing attackers to execute arbitrary code.
The vulnerability of the NetMRI network monitoring program lies in the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Vulnerabilities of the DBMS_XMLGEN and DBMS_XMLQUERY functions of the XWiki Platform, a platform for creating collaborative web applications, allow attackers to execute arbitrary code.
The vulnerability of the DBMS_XMLGEN and DBMS_XMLQUERY functions of the XWiki Platform for creating collaborative web applications is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending...
The vulnerability of the Polarion ALM application lifecycle management software lies in the lack of measures taken to protect the SQL query structure, allowing an attacker to execute arbitrary SQL code.
The vulnerability of the Polarion ALM application lifecycle management software is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code remotely...
The vulnerability of the LockTcmSettings method in the software for managing and monitoring remote devices in telemetry and telemechanics systems allows a hacker to circumvent security restrictions, read and write arbitrary files, and execute arbitrary code.
The vulnerability of the LockTcmSettings method in the software for managing and monitoring remote devices in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to bypass security...
The vulnerability of the firmware of the TP-Link M7200 4G LTE Mobile Wi-Fi Router lies in the lack of measures taken to protect the SQL query structure, allowing attackers to execute arbitrary code.
The vulnerability of the firmware of the TP-Link M7200 4G LTE Mobile Wi-Fi Router is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by introducing specially crafted SQL code remotel...
The vulnerability of the Login Dashboard component of TP-Link’s router software lies in the lack of protective measures for the SQL query structure, allowing attackers to execute arbitrary code.
The vulnerability of the Login Dashboard component of the firmware of TP-Link’s TL-WR840N router relates to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by introducing specially crafted SQL code...
The vulnerability of the UnlockDatabaseSettings method in the software for managing and monitoring remote objects in telemetry and telemechanics systems allows a hacker to circumvent security restrictions and gain access to write and read arbitrary files.
The vulnerability of the UnlockDatabaseSettings method in the software for managing and monitoring remote objects in telemetry and telemechanics systems is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows an attacker to bypass security...
The vulnerability of the UpdateOpcSettings method in the software for managing and monitoring remote objects in telemetry and telemechanics systems allows a perpetrator to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the UpdateOpcSettings method in the software for managing and monitoring remote objects in telemetry and telemechanics systems, such as the TeleControl Server Basic, is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allo...
The vulnerability of the ImportDatabase method in software for managing and monitoring remote objects in telemetry and telemechanics systems allows a perpetrator to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of the ImportDatabase method in software for managing and monitoring remote objects in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to compromise the confidentiality,...
The vulnerability of the Apache Fineract digital financial services platform, related to the lack of measures to protect the SQL query structure, allows attackers to execute arbitrary SQL code.
The vulnerability of the Apache Fineract digital financial services platform lies in the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary SQL code...
The vulnerability of the centreon-web component of the Centreon software for monitoring IT infrastructure allows a perpetrator to affect the confidentiality, availability, and integrity of the protected information.
The vulnerability of the centreon-web component of the IT infrastructure monitoring software relates to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to affect the confidentiality, availability, and integrity of the protect...
GHSA-8VWH-PR89-4MW2 Laravel Pulse Allows Remote Code Execution via Unprotected Query Method
A vulnerability has been discovered in Laravel Pulse that could allow remote code execution through the public remember method in the Laravel\Pulse\Livewire\Concerns\RemembersQueries trait. This method is accessible via Livewire components and can be exploited to call arbitrary callables within t...
CVE-2024-55661 Laravel Pulse Allows Remote Code Execution via Unprotected Query Method
Laravel Pulse is a real-time application performance monitoring tool and dashboard for Laravel applications. A vulnerability has been discovered in Laravel Pulse prior to version 1.3.1 that could allow remote code execution through the public remember method in the...
The vulnerability of the addRelatedObjects function in the universal monitoring system Zabbix allows attackers to escalate their privileges.
The vulnerability of the addRelatedObjects function in the universal monitoring system Zabbix is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to escalate their privileges by sending specially crafted SQL queries...
The vulnerability of the Windows Active Directory (AD) management and reporting software Zoho ManageEngine ADAudit Plus lies in the lack of protection for SQL query structures, allowing attackers to execute custom queries and gain access to database table records.
The vulnerability of the Windows Active Directory management and reporting software Zoho ManageEngine ADAudit Plus is related to the lack of protection for SQL query structures. Exploiting this vulnerability allows a malicious actor to execute custom queries and gain access to database table...
The vulnerability of the Ivanti Endpoint Manager software for managing endpoints in information networks lies in the lack of protective measures for SQL query structures, allowing attackers to execute arbitrary code.
The vulnerability of the Ivanti Endpoint Manager software for managing endpoints in information networks relates to the lack of security measures taken to protect the SQL query structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the Ivanti Endpoint Manager software for managing endpoints in information networks lies in the lack of protective measures for SQL query structures, allowing attackers to execute arbitrary code.
The vulnerability of the Ivanti Endpoint Manager software for managing endpoints in information networks relates to the lack of security measures taken to protect the SQL query structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...