command injection vulnerabilities and exploits

(subscribe to this query)

A SQL Injection vulnerability in the OPCUA interface of Gallagher Command Centre allows a remote unprivileged Command Centre Operator to modify Command Centre databases undetected. This issue affects: Gallagher Command Centre 8.40 versions before 8.40.1888 (MR3); 8.30 versions be...

Gallagher Command Centre Gallagher Command Centre 8.10.1284 Gallagher Command Centre 8.20.1259 Gallagher Command Centre 8.30.1359 Gallagher Command Centre 8.40.1888

SQL Injection vulnerability in Enterprise Data Interface of Gallagher Command Centre allows a remote attacker with 'Edit Enterprise Data Interfaces' privilege to execute arbitrary SQL against a third party database if EDI is configured to import data from this database....

Gallagher Command Centre Gallagher Command Centre 8.00.1228 Gallagher Command Centre 8.10.1211 Gallagher Command Centre 8.20.1166 Gallagher Command Centre 8.30.1236

Keyfactor Command 10.5.x prior to 10.5.1 and 11.5.x prior to 11.5.1 allows SQL Injection which could result in information disclosure.

Keyfactor Command 10.5.0 Keyfactor Command 11.5.0

Multiple SQL injection vulnerabilities in the Administration Web UI servlets in Citrix Command Center prior to 5.1 Build 36.7 and 5.2 before Build 44.11 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

Citrix Command Center 5.1 Citrix Command Center 5.2

Multiple SQL injection vulnerabilities in Command School Student Management System 1.06.01 allow remote malicious users to execute arbitrary SQL commands via the id parameter in an edit action to (1) admin_school_names.php, (2) admin_subjects.php, (3) admin_grades.php, (4) admin_...

Doug Poulin Command School Student Management System 1.06.01

12 EDB exploits

Pivotal Greenplum Command Center versions 2.x before 2.5.1 contains a blind SQL injection vulnerability. An unauthenticated user can perform a SQL injection in the command center which results in disclosure of database contents.

Pivotal Software Greenplum Command Center

Command Centre Server is vulnerable to SQL Injection via Windows Registry settings for date fields on the server. The Windows Registry setting allows an attacker using the Visitor Management Kiosk, an application designed for public use, to invoke an arbitrary SQL query that has ...

Gallagher Command Centre

Azure CLI is the command-line interface for Microsoft Azure. In versions previous to 2.40.0, Azure CLI contains a vulnerability for potential code injection. Critical scenarios are where a hosting machine runs an Azure CLI command where parameter values have been provided by an e...

Microsoft Azure Command-line Interface

A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote malicious user to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability b...

Cisco Ios Xe 17.6.1

A vulnerability in the Unified Threat Defense (UTD) configuration CLI of Cisco IOS XE Software could allow an authenticated, local malicious user to execute arbitrary commands as root on the underlying host operating system. To exploit this vulnerability, an attacker must have le...

1 2 3 4 5 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook