Multiple SQL injection vulnerabilities in EasyVirt DCScope <= 8.6.0 and CO2Scope <= 1.3.0 allows remote authenticated attackers to execute arbitrary SQL commands via the (1) user parameter to /api/man
Multiple SQL injection vulnerabilities in EasyVirt DCScope <= 8.6.4 and CO2Scope <= 1.3.4 allows remote authenticated attackers to execute arbitrary SQL commands via the (1) timeago, (2) user, (3) fil
Multiple SQL injection vulnerabilities in EasyVirt DCScope <= 8.6.0 and CO2Scope <= 1.3.0 allows remote authenticated attackers, with low privileges, to (1) add an admin user via the /api/user/addalia
Multiple SQL injection vulnerabilities in EasyVirt DCScope <= 8.6.0 and CO2Scope <= 1.3.0 allows remote unauthenticated attackers to execute arbitrary SQL commands via the (1) username or (2) password
Multiple incorrect access control issues in EasyVirt DCScope <= 8.6.0 and CO2Scope <= 1.3.0 allows remote authenticated attackers, with low privileges, to (1) add an admin user via the /api/user/addal
Code Injection vulnerability in EasyVirt DCScope <= 8.6.0 and CO2Scope <= 1.3.0 allows remote unauthenticated attackers to execute arbitrary code to /api/license/sendlicense/.
Multiple Code Injection vulnerabilities in EasyVirt DC NetScope <= 8.7.0 allows remote authenticated attackers to execute arbitrary code via the (1) lang parameter to /international/keyboard/options;
Multiple cross-site scripting (XSS) vulnerabilities in EasyVirt DC NetScope <= 8.6.4 allow remote attackers to inject arbitrary JavaScript or HTML code via the (1) smtp_server, (2) smtp_account, (3) s
EasyFlow .NET and EasyFlow AiNet developed by Digiwin has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents.
SQL Injection in download personal learning course function of Easytest Online Test Platform ver.24E01 and earlier allow remote authenticated users to execute arbitrary SQL commands via the uid parame
SQL Injection in download class learning course function of Easytest Online Test Platform ver.24E01 and earlier allow remote attackers to execute arbitrary SQL commands via the cstr parameter.
Data Center Audit 2.6.2 contains an SQL injection vulnerability in the username parameter of dca_login.php that allows unauthenticated attackers to execute arbitrary SQL queries. Attackers can submit
SQL Injection in download student learning course function of Easytest Online Test Platform ver.24E01 and earlier allow remote attackers to execute arbitrary SQL commands via the uid parameter.
A vulnerability was found in Quantico Tecnologia PRMV 6.48. It has been classified as critical. This affects an unknown part of the file /admin/login.php of the component Login Endpoint. The manipulat
A weakness has been identified in Korzh EasyQuery up to 7.4.0. This issue affects some unknown processing of the file /api/easyquery/models/nwind/fetch of the component Query Builder UI. This manipula
An issue was discovered in Selesta Visual Access Manager (VAM) prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple GET parameters of /vam/vam_i_command.php.
SQL Injection in online dictionary function of Easytest Online Test Platform ver.24E01 and earlier allow remote authenticated users to execute arbitrary SQL commands via the word parameter.
SQL Injection vulnerability in vran-dev databaseir v.1.0.7 and before allows a remote attacker to execute arbitrary code via the query parameter in the search API endpoint
A vulnerability was determined in Oinone Pamirs up to 7.2.0. Affected by this issue is the function RSQLToSQLNodeConnector.makeVariable of the component queryListByWrapper Interface. This manipulation
SQL Injection in search course titles function of Easytest Online Test Platform ver.24E01 and earlier allow remote authenticated users to execute arbitrary SQL commands via the search parameter.
Page 1+ Next →