ManageEngine OPManager version 12.3 suffers from a remote SQL injection vulnerability.
2038e67567ecd2a777571f2252fa6b92Whitepaper called Bulk SQL Injection Test on Burp Requests.
015a5df23a932e148b23801dae4afc8fWordPress Arigato Autoresponder and Newsletter plugin version 2.5 suffers from cross site scripting and remote SQL injection vulnerabilities.
7d535ca7853080a8b831de38f014cd8aJoomla JCK Editor version 6.4.4 suffers from a remote SQL injection vulnerability.
bb4dcc781bf8291fcb89bca0e79c2be7WordPress Survey and Poll plugin version 1.5.7.3 suffers from a remote SQL injection vulnerability.
ec78593c5c35b39a6cdcccb35f3b890fIBM Identity Governance and Intelligence versions 5.2.3.2 and 5.2.4 suffer from a remote SQL injection vulnerability.
143ea4633be11aadac7f92dae35cfe22MedDream PACS Server Premium version 6.7.1.1 suffers from a remote SQL injection vulnerability.
e3c7b5aea5926e6a6fc5c802a2d9e235Jorani Leave Management System version 0.6.5 suffers from a remote SQL injection vulnerability.
b9d073e0f52274c2d881d797ea56b2e5sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.
001dd095cf0009c79d3e957e256abc10mooSocial Store plugin version 2.6 suffers from a remote SQL injection vulnerability.
88047c637215ff023f411a46712a9bccSimple POS version 4.0.24 suffers from a remote SQL injection vulnerability.
8b7c516a3acac9cf6f707b6406102fe6CODE49 version 1 suffers from a remote SQL injection vulnerability.
094f82765b97f679c2b5f6f6ed3ca81dCA Technologies Support is alerting customers to multiple potential risks with CA PPM (formerly CA Clarity PPM). Multiple vulnerabilities exist that can allow an attacker to conduct a variety of attacks. The first vulnerability has a medium risk rating and concerns an SSL password being stored in plain text, which can allow an attacker to access sensitive information. The second vulnerability has a high risk rating and concerns an XML external entity vulnerability in the XOG functionality, which can allow a remote attacker to access sensitive information. The third vulnerability has a high risk rating and concerns two parameters that fail to properly sanitize input, which can allow a remote attacker to execute SQL injection attacks. The fourth vulnerability has a high risk rating and concerns improper input validation by the gridExcelExport functionality, which can allow a remote attacker to execute reflected cross-site scripting attacks. The fifth vulnerability has a medium risk rating and concerns an XML external entity vulnerability in the XOG functionality, which can allow a remote attacker to conduct server side request forgery attacks.
1994691a99dbf07449b0f2c84758dbcaOnline Quiz Maker version 1.0 suffers from a remote SQL injection vulnerability.
d6058509bf38a146ca12aac5a5e5f395AZORult Stealer version 2 suffers from a remote SQL injection vulnerability.
57a793d60877ad75ac3176ec2f5fc757sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.
f8172574e6c94b3c3fdce9988fe1d65eSentrifugo HRMS version 3.2 suffers from a remote SQL injection vulnerability.
75109311c86f8a28209fc71033934ee5WordPress Gift Voucher plugin version 1.0.5 suffers from a remote SQL injection vulnerability.
b36e4e0fd40baca9af4da1cabae446a3Seagate Personal Cloud model SRN21C running firmware versions 4.3.16.0 and 4.3.18.0 suffer from remote SQL injection vulnerabilities in the media server.
49608d47de2121c9942d55cc4e76e5dbOSCAR EMR version 15.21beta361 suffers from remote code execution, cross site request forgery, cross site scripting, denial of service, deserialization, remote SQL injection, and path traversal vulnerabilities.
6823c6acccafa60cd8d4e4359d2ae81fTwitter-Clone version 1 suffers from a remote SQL injection vulnerability.
8b5be1a1c8dd4806859ff941dc62e770Creasotol version 1.0 suffers from a remote SQL injection vulnerability in the administrative panel that allows for login bypass.
6ae40ddadd24cbbd4aff44b57ddc9c89RSA Archer contains a fix for a SQL injection vulnerability, in the embedded WorkPoint component that could potentially be exploited by malicious users to compromise the affected system. Versions 6.1.x, 6.2.x, 6.3.x prior to 6.3.0.7 and 6.4.x prior to 6.4.0.1 are affected.
3852729ce0e730b73f4569d30de414aaWordPress Chained Quiz plugin versions 1.0.8 and below suffer from a remote SQL injection vulnerability.
7a64b19be3286b5bbf861eea4dd33c52Pimcore versions 5.2.3 and below suffer from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.
d808a938be664e7caf308aa18e9de8b5
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed