895 items
Unread (4650) All Dismissed
CRITICAL
CVE-2023-1091 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD CVE-2023-1091 1197d ago
CRITICAL
CVE-2023-1251 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD CVE-2023-1251 1198d ago
CRITICAL
CVE-2023-1267 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD CVE-2023-1267 1199d ago
CRITICAL
CVE-2022-3760 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD CVE-2022-3760 1200d ago
CRITICAL
CVE-2023-1064 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD CVE-2023-1064 1206d ago
CRITICAL
CVE-2022-2504 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD CVE-2022-2504 1212d ago
CRITICAL
CVE-2023-0939 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD CVE-2023-0939 1212d ago
CRITICAL
CVE-2023-24084 (CVSS 9.8) — ChiKoi v1.0 was discovered to contain a SQL injection vulnerability via the load_file function.
NVD CVE-2023-24084 1221d ago
CRITICAL
CVE-2023-25718 (CVSS 9.8) — In ConnectWise Control through 22.9.10032 (formerly known as ScreenConnect), after an executable fil...
NVD CVE-2023-25718 1221d ago
CRITICAL
CVE-2023-25717 (CVSS 9.8) — Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Requ...
NVD CVE-2023-25717 1221d ago
CRITICAL
CVE-2023-24188 (CVSS 9.1) — ureport v2.2.9 was discovered to contain a directory traversal vulnerability via the deletion functi...
NVD CVE-2023-24188 1221d ago
CRITICAL
CVE-2023-23551 (CVSS 9.1) — Control By Web X-600M devices run Lua scripts and are vulnerable to code injection, which could a...
NVD CVE-2023-23551 1221d ago
CRITICAL
CVE-2023-23163 (CVSS 9.8) — Art Gallery Management System Project v1.0 was discovered to contain a SQL injection vulnerability v...
NVD CVE-2023-23163 1224d ago
CRITICAL
CVE-2023-23162 (CVSS 9.8) — Art Gallery Management System Project v1.0 was discovered to contain a SQL injection vulnerability v...
NVD CVE-2023-23162 1224d ago
CRITICAL
CVE-2023-24352 (CVSS 9.8) — D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpag...
NVD CVE-2023-24352 1224d ago
CRITICAL
CVE-2023-24351 (CVSS 9.8) — D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the FILECO...
NVD CVE-2023-24351 1224d ago
CRITICAL
CVE-2023-24350 (CVSS 9.8) — D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the config...
NVD CVE-2023-24350 1224d ago
CRITICAL
CVE-2023-24349 (CVSS 9.8) — D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTim...
NVD CVE-2023-24349 1224d ago
CRITICAL
CVE-2023-24348 (CVSS 9.8) — D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTim...
NVD CVE-2023-24348 1224d ago
CRITICAL
CVE-2023-24813 (CVSS 10) — Dompdf is an HTML to PDF converter written in php. Due to the difference in the attribute parser of ...
NVD CVE-2023-24813 1227d ago
CRITICAL
CVE-2023-23333 (CVSS 9.8) — There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute ...
NVD CVE-2023-23333 1228d ago
CRITICAL
CVE-2023-24276 (CVSS 9.8) — TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability ...
NVD CVE-2023-24276 1228d ago
CRITICAL
CVE-2023-24202 (CVSS 9.8) — Raffle Draw System v1.0 was discovered to contain a local file inclusion vulnerability via the page ...
NVD CVE-2023-24202 1228d ago
CRITICAL
CVE-2023-24201 (CVSS 9.8) — Raffle Draw System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter...
NVD CVE-2023-24201 1228d ago
CRITICAL
CVE-2023-24200 (CVSS 9.8) — Raffle Draw System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter...
NVD CVE-2023-24200 1228d ago
CRITICAL
CVE-2023-24199 (CVSS 9.8) — Raffle Draw System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter...
NVD CVE-2023-24199 1228d ago
CRITICAL
CVE-2023-24198 (CVSS 9.8) — Raffle Draw System v1.0 was discovered to contain multiple SQL injection vulnerabilities at save_win...
NVD CVE-2023-24198 1228d ago
CRITICAL
CVE-2023-23088 (CVSS 9.8) — Buffer OverFlow Vulnerability in Barenboim json-parser master and v1.1.0 fixed in v1.1.1 allows an a...
NVD CVE-2023-23088 1231d ago
CRITICAL
CVE-2023-23087 (CVSS 9.8) — An issue was found in MojoJson v1.2.3 allows attackers to execute arbitary code via the destroy func...
NVD CVE-2023-23087 1231d ago
CRITICAL
CVE-2023-23086 (CVSS 9.8) — Buffer OverFlow Vulnerability in MojoJson v1.2.3 allows an attacker to execute arbitrary code via th...
NVD CVE-2023-23086 1231d ago
CRITICAL
CVE-2023-24157 (CVSS 9.8) — A command injection vulnerability in the serverIp parameter in the function updateWifiInfo of TOTOLI...
NVD CVE-2023-24157 1231d ago
CRITICAL
CVE-2023-24156 (CVSS 9.8) — A command injection vulnerability in the ip parameter in the function recvSlaveUpgstatus of TOTOLINK...
NVD CVE-2023-24156 1231d ago
CRITICAL
CVE-2023-24155 (CVSS 9.8) — TOTOLINK T8 V4.1.5cu was discovered to contain a hard code password for the telnet service which is ...
NVD CVE-2023-24155 1231d ago
CRITICAL
CVE-2023-24154 (CVSS 9.8) — TOTOLINK T8 V4.1.5cu was discovered to contain a command injection vulnerability via the slaveIpList...
NVD CVE-2023-24154 1231d ago
CRITICAL
CVE-2023-24153 (CVSS 9.8) — A command injection vulnerability in the version parameter in the function recvSlaveCloudCheckStatus...
NVD CVE-2023-24153 1231d ago
CRITICAL
CVE-2023-24152 (CVSS 9.8) — A command injection vulnerability in the serverIp parameter in the function meshSlaveUpdate of TOTOL...
NVD CVE-2023-24152 1231d ago
CRITICAL
CVE-2023-24151 (CVSS 9.8) — A command injection vulnerability in the ip parameter in the function recvSlaveCloudCheckStatus of T...
NVD CVE-2023-24151 1231d ago
CRITICAL
CVE-2023-24150 (CVSS 9.8) — A command injection vulnerability in the serverIp parameter in the function meshSlaveDlfw of TOTOLIN...
NVD CVE-2023-24150 1231d ago
CRITICAL
CVE-2023-24149 (CVSS 9.8) — TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a hard code password for root which is stored...
NVD CVE-2023-24149 1231d ago
CRITICAL
CVE-2023-24148 (CVSS 9.8) — TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the Fil...
NVD CVE-2023-24148 1231d ago
CRITICAL
CVE-2023-24146 (CVSS 9.8) — TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the min...
NVD CVE-2023-24146 1231d ago
CRITICAL
CVE-2023-24145 (CVSS 9.8) — TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the plu...
NVD CVE-2023-24145 1231d ago
CRITICAL
CVE-2023-24144 (CVSS 9.8) — TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the hou...
NVD CVE-2023-24144 1231d ago
CRITICAL
CVE-2023-24143 (CVSS 9.8) — TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the Net...
NVD CVE-2023-24143 1231d ago
CRITICAL
CVE-2023-24142 (CVSS 9.8) — TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the Net...
NVD CVE-2023-24142 1231d ago
CRITICAL
CVE-2023-24141 (CVSS 9.8) — TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the Net...
NVD CVE-2023-24141 1231d ago
CRITICAL
CVE-2023-24140 (CVSS 9.8) — TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the Net...
NVD CVE-2023-24140 1231d ago
CRITICAL
CVE-2023-24139 (CVSS 9.8) — TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the Net...
NVD CVE-2023-24139 1231d ago
CRITICAL
CVE-2023-24138 (CVSS 9.8) — TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the hos...
NVD CVE-2023-24138 1231d ago
CRITICAL
CVE-2023-25139 (CVSS 9.8) — sprintf in the GNU C Library (glibc) 2.37 has a buffer overflow (out-of-bounds write) in some situat...
NVD CVE-2023-25139 1232d ago
CRITICAL NVD Fri, 10 Mar 2023 08:15:09 UTC
CVE-2023-1091 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
https://nvd.nist.gov/vuln/detail/CVE-2023-1091
TL;DR
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Alpata Licensed Warehousing Automation System allows Command Line Execution through SQL Injection. This issue affects Licensed Warehousing Automation System: through 2023.1.01.
CVE-2023-1091
Read full story ↗