sql - Page 514 - Security Headlines - AI Powered Cyber Security News Aggregator

CVE-2022-35835: Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability

**How could an attacker exploit this vulnerability?** An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. This could allow the attacker to execute code remotely on the client.

2 years ago

Microsoft Security Response Center

Open in Source

#sql #vulnerability #web #microsoft #rce #auth #Windows OLE #Security Vulnerability

CVE-2022-34733: Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability

**How could an attacker exploit this vulnerability?** An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. This could allow the attacker to execute code remotely on the client.

2 years ago

Microsoft Security Response Center

Open in Source

#sql #vulnerability #web #microsoft #rce #auth #Windows OLE #Security Vulnerability

CVE-2022-34731: Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability

**How could an attacker exploit this vulnerability?** An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. This could allow the attacker to execute code remotely on the client.

2 years ago

Microsoft Security Response Center

Open in Source

#sql #vulnerability #web #microsoft #rce #auth #Windows OLE #Security Vulnerability

CVE-2022-35840: Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability

**How could an attacker exploit this vulnerability?** An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. This could allow the attacker to execute code remotely on the client.

2 years ago

Microsoft Security Response Center

Open in Source

#sql #vulnerability #web #microsoft #rce #auth #Windows OLE #Security Vulnerability

CVE-2022-38304: bug_report/SQLi-3.md at main · GGMMNN/bug_report

Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /maintenance/manage_leave_type.php.

2 years ago

CVE

Open in Source

#sql #vulnerability #windows #php #auth #firefox

CVE-2022-38303: bug_report/SQLi-2.md at main · GGMMNN/bug_report

Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /employees/manage_leave_type.php.

2 years ago

CVE

Open in Source

#sql #vulnerability #windows #php #auth #firefox

CVE-2022-38302: bug_report/SQLi-1.md at main · GGMMNN/bug_report

Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /maintenance/manage_department.php.

2 years ago

CVE

Open in Source

#sql #vulnerability #windows #php #auth #firefox

CVE-2022-38610: bug_report/SQLi-2.md at main · sunaono1/bug_report

Garage Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /garage/editclient.php.

2 years ago

CVE

Open in Source

#sql #vulnerability #windows #php #auth #firefox

CVE-2022-38606: bug_report/SQLi-1.md at main · sunaono1/bug_report

Garage Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /garage/editcategory.php.