映射到 CWE-77,CWE-89,CWE-564 的搜索结果 (4754)

CVE-2017-9839(发布:2018-04-10 23:29:00)NM
CVSS6.5

[原文]Dolibarr ERP/CRM is affected by SQL injection in versions before 5.0.4 via product/stats/card.php (type parameter).

CVE-2014-3114(发布:2018-04-10 11:29:00)NM
CVSS7.5

[原文]The EZPZ One Click Backup (ezpz-one-click-backup) plugin 12.03.10 and earlier for WordPress allows remote attackers to execute arbitrary commands via the cmd parameter to functions/ezpz-archive-cmd.php.

CVE-2018-9924(发布:2018-04-10 02:29:00)NM
CVSS7.5

[原文]An issue was discovered in idreamsoft iCMS through 7.0.7. SQL injection exists via the pid array parameter in an admincp.php?app=tag&do=save&frame=iPHP request.

CVE-2018-1096(发布:2018-04-05 17:29:01)NMP
CVSS4.0

[原文]An input sanitization flaw was found in the id field in the dashboard controller of Foreman before 1.16.1. A user could use this flaw to perform an SQL injection attack on the back end database.

CVE-2018-1282(发布:2018-04-05 09:29:00)NMS
CVSS7.5

[原文]This vulnerability in Apache Hive JDBC driver 0.7.1 to 2.3.2 allows carefully crafted arguments to be used to bypass the argument escaping/cleanup that JDBC driver does in PreparedStatement implementation.

CVE-2018-9309(发布:2018-04-04 21:29:07)NM
CVSS5.0

[原文]An issue was discovered in zzcms 8.2. It allows SQL injection via the id parameter in a dl/dl_sendsms.php request.

首页上一页678910111213下一页尾页 第8页 / 共793页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站