Bank Locker Management System suffers from a remote SQL injection vulnerability.
46a04657e32ff403a333ece7b5aa8f9a4a9f589a69f49b77ec5ba36c7e157381CSZCMS version 1.3.0 suffers from a remote SQL injection vulnerability in the admin flows.
ae0da5ea3e511b33cc9334f738b7b17c7cb166561b48d4de7d469531e1996b5dA command injection vulnerability exists in multiple GL.iNet network products, allowing an attacker to inject and execute arbitrary shell commands via JSON parameters at the gl_system_log and gl_crash_log interface in the logread module. This Metasploit exploit requires post-authentication using the Admin-Token cookie/sessionID (SID), typically stolen by the attacker. However, by chaining this exploit with vulnerability CVE-2023-50919, one can bypass the Nginx authentication through a Lua string pattern matching and SQL injection vulnerability. The Admin-Token cookie/SID can be retrieved without knowing a valid username and password. Many products are vulnerable.
b2bca998991626f23b36c98d002d2080249ea5f70d1ddbf836bc60a85c0470dfEmployee Management System version 1.0 suffers from a remote SQL injection vulnerability.
2cdd7465daf80c1c6af2cb65f841da2c989782f7f35a4a454a78069803f07728xbtitFM versions 4.1.18 and below suffer from remote shell upload, remote SQL injection, and path traversal vulnerabilities.
ef1507c81f76ecec6734de5bc13c14f9dd0d27fd26b16cae52e43d8b56f7e84bWordPress RSVPMaker plugin versions 9.3.2 and below suffer from a remote SQL injection vulnerability.
66e514c92c46238d6305ed7cb7d15ec7a2822168dde570f73013b430aa0764fcTaokeyun versions up to 1.0.5 suffers from a remote SQL injection vulnerability.
1f422c49bad5c6f9ab4afd9b61892e4f89f1c8e3f531ea9bd64603a009bccfa3Copyright Loan Management System 2024 version 1.0 suffers from a remote SQL Injection vulnerability that allows for authentication bypass.
81f2d79192a8ae08e110a5c85c1e86c81fdde2f0e93634dadfd078e332a66370AdvantechWeb/SCADA version 9.1.5U suffers from a post authentication remote SQL injection vulnerability.
c61d51ef9791032ac5aeeaa9f4123f947e54a3c585126f417601ad70cf5716ccsqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.
11ff3ec22c20f9df79ec9d008e2f17311a5e18930cc1feb4e4ad744271565916Hospital Management System versions 4.0 and below suffer from cross site scripting, remote shell upload, and remote SQL injection vulnerabilities.
4c4cb4162e1a493a04ab18896d55ef8649d628f41d3426944382f8e72a0ea4f9GilaCMS versions 1.15.4 and below suffer from multiple remote SQL injection vulnerabilities.
73c5a34456c9dc83524cdea6fd790c6eac1c9f507a29917a6b2476535df6f2a6Red Hat Security Advisory 2023-7885-03 - An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
6a8d45290a1026c18b076c098659a061e49cef14545a2f513022e5cfaae97ab9Red Hat Security Advisory 2023-7884-03 - An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 8. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
71d7661c625a0dc790f1aed4426234a1d2b63827de983c2b9ca8dfb682327b67Red Hat Security Advisory 2023-7883-03 - An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
27f6e6d3f72873d3d1a97bdf0df810ec30ccd140e3202bd97649ec9340236739Red Hat Security Advisory 2023-7785-03 - An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 9. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
fd224759d5871662f48127697379d92b5f89e521c74205be98613db0c81f7c73Red Hat Security Advisory 2023-7784-03 - An update for postgresql is now available for Red Hat Enterprise Linux 9. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
91f1698b4b85e0e8cc4b5f8c58ec1528b72264225f5f844df0a1bff98419dcb0Red Hat Security Advisory 2023-7772-03 - An update for rh-postgresql13-postgresql is now available for Red Hat Software Collections. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
26ab9a9353f9439f0d28b3f1db6c8784f3b0c583998b708386a843f71915fc33Red Hat Security Advisory 2023-7770-03 - An update for rh-postgresql12-postgresql is now available for Red Hat Software Collections. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
529f90c9237e1f7c15d1a1906ee4207ad4f6ef961e7e81f9da69c0cc423fcf8dRed Hat Security Advisory 2023-7714-03 - An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
3d26c4f99aebd1731f51d03f611a872f688dfd65f0f3c294529dd09f9a67a62bWordPress Bravo Translate plugin versions 1.2 and below suffer from a remote SQL injection vulnerability.
750d445c7417c2b636e7b6b368812a42a4f059377a25294366d7806ad1002d36osCommerce version 4 suffers from a remote SQL injection vulnerability.
62e3c86662a5a7dc80a64578c1e8e84e6137000a8e5c4faf36b2fef3dddbaf32Red Hat Security Advisory 2023-7695-03 - An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
6b45ff23954dd19b7ae5a1905b00a633834753da483202d4fca7355f0d246dc3Red Hat Security Advisory 2023-7694-03 - An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
c2ef26323aeba2495a61846d3aa33c27839062155ee71168665183c448245e95Red Hat Security Advisory 2023-7667-03 - An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
19a0489de04fb625cb6cf8139ffba94b6c7595a5be8df1952ebd0f1dccd104c8
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed