CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

Due to improper sanitization MedData HBYS software suffers from a remote SQL injection vulnerability. An unauthenticated attacker with the web access is able to extract critical information from the system.


Permalink

main

Switch branches/tags

Loading

**CVE-2021-43361/**CVE-2021-43361.txt****

Go to file

*   Go to file

*   Copy path
*   Copy permalink

Cannot retrieve contributors at this time

9 lines (9 sloc) 372 Bytes

Raw Blame

*   Open with Desktop
*   View raw
*   Copy raw contents
*   View blame

\# Product: MedData HBYS

\# DBMS: ORACLE

\# SQLi type: Oracle AND error-based

\# Version: 1.0

\# Description: A remote attacker can retrieve arbitrary sensitive data from SQL server with sending payloads over application to SQL server.

\# Impact: Data manipulation/deletion

Sensitive data leak

Hijacking of systems

\# Solution: The vendor has fixed the issue.

Headline

CVE-2021-43361: CVE-2021-43361/CVE-2021-43361.txt at main · bartutku/CVE-2021-43361

CVE: Latest News