7 matches found
SUSE CVE-2009-4605
scripts/setup.php aka the setup script in phpMyAdmin 2.11.x before 2.11.10 calls the unserialize function on the values of the 1 configuration and 2 v0 parameters, which might allow remote attackers to conduct cross-site request forgery CSRF attacks via unspecified vectors...
CVE-2022-30012
In the POST request of the appointment.php page of HMS v.0, there are SQL injection vulnerabilities in multiple parameters, and database information can be obtained through injection...
Sql injection
In the POST request of the appointment.php page of HMS v.0, there are SQL injection vulnerabilities in multiple parameters, and database information can be obtained through injection...
CVE-2022-30012
In the POST request of the appointment.php page of HMS v.0, there are SQL injection vulnerabilities in multiple parameters, and database information can be obtained through injection...
CVE-2022-30012
The CVE-2022-30012 entry affects HMS v.0. In the POST request to appointment.php, multiple parameters expose SQL injection vulnerabilities that can disclose database information. The issue is documented across CVE/NVD entries and corroborated by CNVD/Red Hat/CNVD entries, all stating SQL injectio...
Cross site request forgery (csrf)
scripts/setup.php aka the setup script in phpMyAdmin 2.11.x before 2.11.10 calls the unserialize function on the values of the 1 configuration and 2 v0 parameters, which might allow remote attackers to conduct cross-site request forgery CSRF attacks via unspecified vectors...
CVE-2009-4605
scripts/setup.php aka the setup script in phpMyAdmin 2.11.x before 2.11.10 calls the unserialize function on the values of the 1 configuration and 2 v0 parameters, which might allow remote attackers to conduct cross-site request forgery CSRF attacks via unspecified vectors...