映射到 CWE-77,CWE-89,CWE-564 的搜索结果 (4542)

CVE-2014-3741(发布:2017-10-23 14:29:00)NMCS
CVSS7.5

[CNNVD]node-printer ‘printDirect()’函数远程命令注入漏洞--node-printer是软件开发者tojocky所研发的一个在Node.js(网络应用平台)中绑定POSIX和Windows操作系统中的打印机的包。 node-printer中存在远程命令注入漏洞。攻击者可利用该漏洞在受影响应用程序上下文中执行任意命令。node-printer...

CVE-2015-5533(发布:2017-10-23 14:29:00)NMCPS
CVSS6.5

[CNNVD]WordPress Count per Day插件SQL注入漏洞--WordPress是WordPress软件基金会的一套使用PHP语言开发的博客平台,该平台支持在PHP和MySQL的服务器上架设个人博客网站。Count per Day是其中的一个访客数量统计插件。 WordPress Count per Day插件中存在SQL注入漏洞,该漏洞源...

CVE-2017-2133(发布:2017-10-20 07:29:00)NMS
CVSS6.5

[原文]SQL injection vulnerability in Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or HJB1000_4.47 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors.

CVE-2015-5376(发布:2017-10-18 16:29:00)NM
CVSS7.5

[原文]SQL injection vulnerability in the login form in GSI WiNPAT Portal 3.2.0.1001 through 3.6.1.0 allows remote attackers to execute arbitrary SQL commands via the username field.

CVE-2015-7714(发布:2017-10-18 14:29:00)NMP
CVSS6.5

[原文]Multiple SQL injection vulnerabilities in the Realtyna RPL (com_rpl) component before 8.9.5 for Joomla! allow remote administrators to execute arbitrary SQL commands via the (1) id, (2) copy_field in a data_copy action, (3) pshow in an update_field action, (4) css, (5) tip, (6) cat_id, (7) text_search, (8) plisting, or (9) pwizard parameter to administrator/index.php.

CVE-2017-3761(发布:2017-10-17 16:29:00)NM
CVSS10.0

[原文]The Lenovo Service Framework Android application executes some system commands without proper sanitization of external input. In certain cases, this could lead to command injection which, in turn, could lead to remote code execution.

首页上一页56789101112下一页尾页 第7页 / 共757页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站