sql injection vulnerabilities and exploits

(subscribe to this query)

Directory traversal vulnerability in the Management Center for Cisco Security Agents 6.0 allows remote authenticated users to read arbitrary files via unspecified vectors.

Cisco Security Agent 6.0

Unspecified vulnerability in Cisco Security Agent 5.2 prior to 5.2.0.285, when running on Linux, allows remote malicious users to cause a denial of service (kernel panic) via "a series of TCP packets."

Cisco Security Agent 5.2

Multiple SQL injection vulnerabilities in (a) LedgerSMB 1.0.0 up to and including 1.2.7 and (b) DWS Systems SQL-Ledger 2.x allow remote malicious users to execute arbitrary SQL commands via (1) the invoice quantity field or (2) the sort field.

Dws Systems Inc. Sql-ledger 2.2.0 Dws Systems Inc. Sql-ledger 2.2.1 Dws Systems Inc. Sql-ledger 2.2.2 Dws Systems Inc. Sql-ledger 2.2.3 Dws Systems Inc. Sql-ledger 2.2.4 Dws Systems Inc. Sql-ledger 2.2.5 Dws Systems Inc. Sql-ledger 2.2.6 Dws Systems Inc. Sql-ledger 2.2.7 Dws Systems Inc. Sql-ledger 2.4.0 Dws Systems Inc. Sql-ledger 2.4.1 Dws Systems Inc. Sql-ledger 2.4.2 Dws Systems Inc. Sql-ledger 2.4.3

SQL injection vulnerability in getdata.php in PIGMy-SQL 1.4.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.

Geek247 Pigmy-sql Geek247 Pigmy-sql 1.4

1 EDB exploit

Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 7.2.0.3 SQL-Server, 7.3.0, 7.3.1, 12.2.1, and 12.2.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to DM Othe...

Oracle Supply Chain Products Suite 7.2.0.3 Oracle Supply Chain Products Suite Sql-server 7.3.0 Oracle Supply Chain Products Suite Sql-server 7.3.1 Oracle Supply Chain Products Suite Sql-server 12.2.0 Oracle Supply Chain Products Suite Sql-server 12.2.1 Oracle Supply Chain Products Suite Sql-server 12.2.2

1 EDB exploit

SQL injection vulnerability in the SQL Frontend (mh_omsqlio) extension 1.0.11 and previous versions for TYPO3 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.

Typo3 Sql Frontend Extension Typo3 Sql Frontend Extension 1.0.0 Typo3 Sql Frontend Extension 1.0.1 Typo3 Sql Frontend Extension 1.0.2 Typo3 Sql Frontend Extension 1.0.3 Typo3 Sql Frontend Extension 1.0.4 Typo3 Sql Frontend Extension 1.0.5 Typo3 Sql Frontend Extension 1.0.6 Typo3 Sql Frontend Extension 1.0.7 Typo3 Sql Frontend Extension 1.0.8 Typo3 Sql Frontend Extension 1.0.9 Typo3 Sql Frontend Extension 1.0.10

Cross-site request forgery (CSRF) vulnerability in am.pl in SQL-Ledger 2.8.24 allows remote malicious users to hijack the authentication of arbitrary users for requests that change a password via the login, new_password, and confirm_password parameters in a preferences action.

Sql-ledger Sql-ledger 2.8.24

Multiple cross-site scripting (XSS) vulnerabilities in SQL-Ledger 2.8.24 allow remote authenticated users to inject arbitrary web script or HTML via (1) the DCN Description field in the Accounts Receivables menu item for Add Transaction, (2) the Description field in the Accounts ...

Sql-ledger Sql-ledger 2.8.24

Multiple SQL injection vulnerabilities in the delete subroutine in SQL-Ledger 2.8.24 allow remote authenticated users to execute arbitrary SQL commands via the (1) id and possibly (2) db parameters in a Delete action to the output of a Vendors>Reports>Search search operatio...

Sql-ledger Sql-ledger 2.8.24

Directory traversal vulnerability in the Preferences menu item in SQL-Ledger 2.8.24 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the countrycode field.

Sql-ledger Sql-ledger 2.8.24

1 2 3 4 5 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook