For providers

Kashipara Music Management System v1.0 is vulnerable to SQL Injection via /music/manage_playlist_items.php. An attacker can execute arbitrary SQL commands via the "pid" parameter.

A SQL injection vulnerability in "/music/controller.php?page=view_music" in Kashipara Music Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "id" parameter.

A SQL injection vulnerability in /music/index.php?page=view_playlist in Kashipara Music Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "id" parameter.

A SQL injection vulnerability in "/music/view_user.php" in Kashipara Music Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "id" parameter of View User Profile Page.

A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could...

Learning with Texts (LWT) 2.0.3 is vulnerable to Cross Site Scripting (XSS). The application has a specific function that does not filter special characters in URL parameters. Remote attackers can...

Multiple vulnerabilities in the REST API of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct blind SQL injection attacks. These vulnerabilities are...

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information from an affected device....

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack...

The WPML plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.6.12 via the Twig Server-Side Template Injection. This is due to missing input...