3 matches found
SUSE CVE-2018-12097
The liblnklocationinformationreaddata function in liblnklocationinformation.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on...
UBUNTU-CVE-2020-22278
DISPUTED phpMyAdmin through 5.0.2 allows CSV injection via Export Section. NOTE: the vendor disputes this because "the CSV file is accurately generated based on the database contents."...
PT-2006-4654 · Amazing Flash · Amazing Flash Afcommerce Shopping Cart
Name of the Vulnerable Software and Affected Versions: Amazing Flash AFCommerce Shopping Cart affected versions not specified Description: The issue allows remote attackers to execute arbitrary SQL commands via the search field, potentially leading to unauthorized access or data manipulation...