Thu, 17 May 2018 20:10:15 GMT
SuperCom Online Shopping Ecommerce Cart 1 XSS / CSRF / SQL Injection
SuperCom Online Shopping Ecommerce Cart 1 suffers from remote SQL injection, cross site request forgery, and cross site scripting vulnerabilities.
Mon, 14 May 2018 17:32:46 GMT
NodAPS 4.0 Cross Site Request Forgery / SQL Injection
NodAPS version 4.0 suffers from cross site request forgery and remote SQL injection vulnerabilities.
Sun, 13 May 2018 09:33:33 GMT
ProjectPier 0.8.8 SQL Injection / Authentication Bypass / RFI
ProjectPier versions 0.8.8 and below suffer from remote file inclusion, authentication bypass, remote shell upload, and remote SQL injection vulnerabilities.
Fri, 11 May 2018 08:21:00 GMT
XATABoost 1.0.0 SQL Injection
XATABoost version 1.0.0 suffers from a remote SQL injection vulnerability.
Thu, 10 May 2018 10:04:19 GMT
HP Security Bulletin MFSBGN03807 1
HP Security Bulletin MFSBGN03807 1 - A potential security vulnerability has been identified with Service Manager. The vulnerability could be exploited to perform SQL Injection against the Service Manager Web Tier which may lead to unauthorized disclosure of data. Revision 1 of this advisory.
Fri, 04 May 2018 17:41:31 GMT
HP Security Bulletin MFSBGN03806 1
HP Security Bulletin MFSBGN03806 1 - A potential security vulnerability has been identified in Micro Focus Network Automation and Network Operations Management (NOM) Suite. The vulnerabilities could be remotely exploited to allow SQL injection, persist cross-site scripting, and non-persistent HTML Injection. Revision 1 of this advisory.
Thu, 03 May 2018 01:58:14 GMT
CSP MySQL User Manager 2.3.1 SQL Injection
CSP MySQL User Manager version 2.3.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Fri, 27 Apr 2018 14:12:11 GMT
Trovebox 4.0.0-rc6 SQL Injection / Bypss / SSRF
Trovebox versions 4.0.0-rc6 and below suffer from authentication bypass, server-side request forgery, unsafe token generation, nd remote SQL injection vulnerabilities.
Thu, 26 Apr 2018 14:17:28 GMT
Test Your IQ 1.1 SQL Injection
Test Your IQ version 1.1 suffers from a remote SQL injection vulnerability.
Wed, 18 Apr 2018 14:44:44 GMT
HRSALE The Ultimate HRM 1.0.2 SQL Injection
HRSALE The Ultimate HRM version 1.0.2 suffers from a remote SQL injection vulnerability.
Mon, 16 Apr 2018 10:11:11 GMT
MySQL Squid Access Report 2.1.4 Cross Site Scripting / SQL Injection
MySQL Squid Access Report version 2.1.4 suffers from cross site scripting and remote SQL injection vulnerabilities.
Thu, 12 Apr 2018 15:52:34 GMT
Cobub Razor 0.8.0 SQL Injection
Cobub Razor version 0.8.0 suffers from a remote SQL injection vulnerability.
Wed, 11 Apr 2018 16:00:52 GMT
IMP XForm 2.0 DatalifeEngine SQL Injection
The IMP XForm version 2.0 DatalifeEngine module suffers from a remote SQL injection vulnerability.
Tue, 10 Apr 2018 21:11:11 GMT
Relevanssi 3.5.12 / 3.6.0 SQL Injection
Relevanssi versions 3.5.12 and 3.6.0 suffer from a remote SQL injection vulnerability.
Fri, 30 Mar 2018 15:49:27 GMT
OCS Inventory NG ocsreports 2.4 / 2.3.1 SQL Injection
OCS Inventory NG ocsreports versions 2.4 and 2.3.1 suffer from remote SQL injection vulnerabilities.
Thu, 29 Mar 2018 14:17:54 GMT
CA Workload Automation AE / CA Workload Control Center SQL Injection / Code Execution
CA Technologies Support is alerting customers to two potential risks with CA Workload Automation AE and CA Workload Control Center. Two vulnerabilities exist that can allow a remote attacker to conduct SQL injection attacks or execute code remotely. The first vulnerability in CA Workload Automation AE has a medium risk rating and concerns insufficient data validation that can allow an authenticated remote attacker to conduct SQL injection attacks. The second vulnerability in CA Workload Control Center has a high risk rating and concerns an Apache MyFaces configuration that can allow an authenticated remote attacker to conduct remote code execution attacks.
Thu, 29 Mar 2018 14:13:05 GMT
Joomla Fields SQL Injection / Code Execution
This Metasploit module exploits a SQL injection vulnerability in the com_fields component, which was introduced to the core of Joomla in version 3.7.0.
Mon, 26 Mar 2018 02:33:33 GMT
Square 9 GlobalForms 6.2.x Blind SQL Injection
Square 9 GlobalForms versions 6.2.x and below suffer from a remote blind SQL injection vulnerability.
Tue, 20 Mar 2018 12:22:22 GMT
MSSQL Error-Based SQL Injection
Whitepaper that discusses error-based SQL injection in "Order By" clause in MSSQL.
Tue, 13 Mar 2018 23:49:45 GMT
Vehicle Sales Management System XSS / Shell Upload / SQL Injection
Vehicle Sales Management System suffers from cross site scripting, shell upload, and remote SQL injection vulnerabilities.
Thu, 08 Mar 2018 23:44:44 GMT
Textpattern 4.6.2 SQL Injection
Textpattern versions 4.6.2 and below suffer from a remote SQL injection vulnerability.
Thu, 08 Mar 2018 22:22:22 GMT
Bacula-Web SQL Injection
Bacula-Web versions prior to 8.0.0-RC2 suffer from multiple remote SQL injection vulnerabilities.
Wed, 07 Mar 2018 18:27:42 GMT
Tuleap 184.108.40.206 SQL Injection
Tuleap version 220.127.116.11 suffers from a remote SQL injection vulnerability.
Tue, 27 Feb 2018 23:22:22 GMT
Redaxo CMS Addon MyEvents 2.2.1 SQL Injection
Redaxo CMS Addon MyEvents version 2.2.1 suffers from a remote SQL injection vulnerability.
ClipBucket SQL Injection / Command Injection / File Upload
ClipBucket versions prior to 4.0.0 Release 4902 suffer from OS command injection, arbitrary file upload, and remote SQL injection vulnerabilities.
view page: 205