映射到 CWE-77,CWE-89,CWE-564 的搜索结果 (4698)

CVE-2018-7269(发布:2018-03-21 14:29:00)NM
CVSS7.5

[原文]The findByCondition function in framework/db/ActiveRecord.php in Yii 2.x before 2.0.15 allows remote attackers to conduct SQL injection attacks via a findOne() or findAll() call, unless a developer recognizes an undocumented need to sanitize array input.

CVE-2014-4928(发布:2018-03-20 17:29:00)NM
CVSS6.5

[原文]SQL injection vulnerability in Invision Power Board (aka IPB or IP.Board) before 3.4.6 allows remote attackers to execute arbitrary SQL commands via the cId parameter.

CVE-2014-2652(发布:2018-03-19 17:29:00)NM
CVSS7.5

[原文]SQL injection vulnerability in OpenScape Deployment Service (DLS) before 6.x and 7.x before R1.11.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVE-2018-6843(发布:2018-03-19 10:29:00)NM
CVSS6.5

[原文]Kentico 10 before 10.0.50 and 11 before 11.0.3 has SQL injection in the administration interface.

CVE-2018-8756(发布:2018-03-18 02:29:00)NM
CVSS6.5

[原文]Eval injection in yzmphp/core/function/global.func.php in YzmCMS v3.7.1 allows remote attackers to achieve arbitrary code execution via PHP code in the POST data of an index.php?m=member&c=member_content&a=init request.

CVE-2018-7033(发布:2018-03-15 18:29:00)NM
CVSS7.5

[原文]SchedMD Slurm before 17.02.10 and 17.11.x before 17.11.5 allows SQL Injection attacks against SlurmDBD.

首页上一页12345678下一页尾页 第2页 / 共783页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站