CVE-2015-10044
A vulnerability classified as critical was found in gophergala sqldump. This vulnerability affects unknown code. The manipulation leads to sql injection. The name of the patch is 76db54e9073b5248b8863e71a63d66a32d567d21. It is recommended to apply a patch to fix this issue. VDB-218350 is the identifier assigned to this vulnerability.
Source: CVE-2015-10044
CVE-2014-125077
A vulnerability, which was classified as critical, has been found in pointhi searx_stats. This issue affects some unknown processing of the file cgi/cron.php. The manipulation leads to sql injection. The name of the patch is 281bd679a4474ddb222d16c1c380f252839cc18f. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218351.
Source: CVE-2014-125077
CVE-2014-125079
A vulnerability was found in agy pontifex.http. It has been declared as critical. This vulnerability affects unknown code of the file lib/Http.coffee. The manipulation leads to sql injection. Upgrading to version 0.1.0 is able to address this issue. The name of the patch is e52a758f96861dcef2dabfecb9da191bb2e07761. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-218356.
Source: CVE-2014-125079
CVE-2014-125078
A vulnerability was found in yanheven console and classified as problematic. Affected by this issue is some unknown functionality of the file horizon/static/horizon/js/horizon.instances.js. The manipulation leads to cross site scripting. The attack may be launched remotely. The name of the patch is 32a7b713468161282f2ea01d5e2faff980d924cd. It is recommended to apply a patch to fix this issue. VDB-218354 is the identifier assigned to this vulnerability.
Source: CVE-2014-125078
CVE-2022-4889
A vulnerability classified as critical was found in visegripped Stracker. Affected by this vulnerability is the function getHistory of the file doc_root/public_html/stracker/api.php. The manipulation of the argument symbol/startDate/endDate leads to sql injection. The name of the patch is 63e1b040373ee5b6c7d1e165ecf5ae1603d29e0a. It is recommended to apply a patch to fix this issue. The identifier VDB-218377 was assigned to this vulnerability.
Source: CVE-2022-4889
CVE-2023-23595
BlueCat Device Registration Portal 2.2 allows XXE attacks that exfiltrate single-line files. A single-line file might contain credentials, such as "machine example.com login daniel password qwerty" in the documentation example for the .netrc file format. NOTE; 2.x versions are no longer supported. There is no available information about whether any later version is affected.
Source: CVE-2023-23595
CVE-2023-23590
Mercedes-Benz XENTRY Retail Data Storage 7.8.1 allows remote attackers to cause a denial of service (device restart) via an unauthenticated API request. The attacker must be on the same network as the device.
Source: CVE-2023-23590
CVE-2023-0302
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository radareorg/radare2 prior to 5.8.2.
Source: CVE-2023-0302
CVE-2015-10043
A vulnerability, which was classified as critical, was found in abreen Apollo. This affects an unknown part. The manipulation of the argument file leads to path traversal. The name of the patch is 6206406630780bbd074aff34f4683fb764faba71. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218307.
Source: CVE-2015-10043
CVE-2015-10020
A vulnerability has been found in ssn2013 cis450Project and classified as critical. This vulnerability affects the function addUser of the file HeatMapServer/src/com/datformers/servlet/AddAppUser.java. The manipulation leads to sql injection. The name of the patch is 39b495011437a105c7670e17e071f99195b4922e. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-218380.
Source: CVE-2015-10020