Lucene search
K

630 matches found

OSV
OSV
added 2011/02/02 1:0 a.m.1 views

DEBIAN-CVE-2010-4652

Heap-based buffer overflow in the sqlpreparewhere function contrib/modsql.c in ProFTPD before 1.3.3d, when modsql is enabled, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted username containing substitution tags, which are not properly...

6.8CVSS8.1AI score0.11335EPSS
Exploits1References1
seebug.org
seebug.org
added 2009/11/24 12:0 a.m.18 views

MySQL拒绝服务和客户端证书校验漏洞

MySQL是一款流行的数据库服务程序。 MySQL存在多个安全漏洞,恶意攻击者可以进行拒绝服务和伪造攻击。 -链接OpenSSL库的MySQL客户端包含的"vioverifycallback"函数存在错误,MySQL服务器如果使用深度为零的证书,攻击者可以进行中间人攻击。 -对在WHERE子句中包含子查询的"SELECT"缺少错误处理和指派一个SELECT结果给用户变量,这个结果可导致服务程序崩溃。 -当处理Geometry值作为第一个参数时"GeomFromWKB"函数不正确保留参数的空值标记,可导致服务程序崩溃。 MySQL 5.x MySQL...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2009/11/23 12:0 a.m.12 views

MySQL 6.0.9 - SELECT Statement WHERE Clause Sub-query Denial of Service

MySQL 6.0.9 - SELECT Statement WHERE Clause Sub-query Denial of Service source: https://www.securityfocus.com/bid/37297/info MySQL is prone to multiple remote denial-of-service vulnerabilities because it fails to handle certain SQL expressions. An attacker can exploit these issues to crash the...

0.1AI score
Exploits0
Cvelist
Cvelist
added 2009/08/18 10:0 a.m.24 views

CVE-2008-6992

GreenSQL Firewall greensql-fw, possibly before 0.9.2 or 0.9.4, allows remote attackers to bypass the SQL injection protection mechanism via a WHERE clause containing an expression such as "x=y=z", which is successfully parsed by MySQL...

7.7AI score0.01382EPSS
Exploits2References6
exploitpack
exploitpack
added 2008/03/09 12:0 a.m.11 views

QuickTicket 1.5 - qti_usr.php SQL Injection

QuickTicket 1.5 - qtiusr.php SQL Injection Script name: QuickTicket Site: http://www.qt-cute.org Vulnerability: remote sql injection at qtiusr.php Download: v 1.4: http://www.qt-cute.org/download/qti14.zip v 1.5.0.3: http://www.qt-cute.org/download/qti15.zip Vulnerable code: 1.4 ; 1.5 is pretty t...

0.1AI score
Exploits0
Prion
Prion
added 2007/01/19 11:28 p.m.29 views

Sql injection

Multiple SQL injection vulnerabilities in Joomla! 1.5.0 Beta allow remote attackers to execute arbitrary SQL commands via 1 the searchword parameter in certain files; the where parameter in 2 plugins/search/content.php or 3 plugins/search/weblinks.php; the text parameter in 4...

6.8CVSS9.2AI score0.11638EPSS
Exploits2References11Affected Software1
securityvulns
securityvulns
added 2006/05/09 12:0 a.m.33 views

[Full-disclosure] Secunia Research: Where Is It unacev2.dll Buffer Overflow Vulnerability

====================================================================== Secunia Research 09/05/2006 - Where Is It unacev2.dll Buffer Overflow Vulnerability - ====================================================================== Table of Contents Affected...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2005/07/01 12:0 a.m.53 views

multihtml.c.exploit.txt

Multihtml.c Security Advisory Pot Kettle Industries Topic: Multihtml.c exploit remote vulnerability Category: Remote for Remote Vendor: bansh33 , r00tabega security labs Announced: 2005-06-10 Credits: Pot Kettle Industries Affects: All Platforms Corrected: N/A URL: http://potkettle.net/advisories...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2005/04/19 4:0 a.m.17 views

CVE-2005-1178

SQL injection vulnerability in Oracle Forms 10g allows remote attackers to execute arbitrary SQL commands via the Query/Where feature...

7.9AI score0.01737EPSS
Exploits0References3
securityvulns
securityvulns
added 2005/04/13 12:0 a.m.169 views

SQL Injection in Oracle Forms

SQL Injection in Oracle Forms V1.00 © 2005 by Red-Database-Security GmbH 1/5 Summary: All Oracle Forms applications are vulnerable against SQL Injection by default. Oracle Applications =11.5.9 is not affected due to the default setting value “FORMSxxRESTRICTENTERQUERY = TRUE”. About Oracle Forms:...

8.1AI score
Exploits0
Rows per page
Query Builder