Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sql vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2009-3581
Multiple cross-site scripting (XSS) vulnerabilities in SQL-Ledger 2.8.24 allow remote authenticated users to inject arbitrary web script or HTML via (1) the DCN Description field in the Accounts Receivables menu item for Add Transaction, (2) the Description field in the Accounts ...
Sql-ledger Sql-ledger 2.8.24
578
VMScore
CVE-2009-3582
Multiple SQL injection vulnerabilities in the delete subroutine in SQL-Ledger 2.8.24 allow remote authenticated users to execute arbitrary SQL commands via the (1) id and possibly (2) db parameters in a Delete action to the output of a Vendors>Reports>Search search operatio...
Sql-ledger Sql-ledger 2.8.24
668
VMScore
CVE-2009-4402
The default configuration of SQL-Ledger 2.8.24 allows remote malicious users to perform unspecified administrative operations by providing an arbitrary password to the admin interface.
Sql-ledger Sql-ledger 2.8.24
668
VMScore
CVE-2007-1541
Directory traversal vulnerability in am.pl in SQL-Ledger 2.6.27 only checks for the presence of a NULL (%00) character to protect against directory traversal attacks, which allows remote malicious users to run arbitrary executables and bypass authentication via a .. (dot dot) seq...
Sql-ledger Sql-ledger 2.6.27
801
VMScore
CVE-2008-0086
Buffer overflow in the convert function in Microsoft SQL Server 2000 SP4, 2000 Desktop Engine (MSDE 2000) SP4, and 2000 Desktop Engine (WMSDE) allows remote authenticated users to execute arbitrary code via a crafted SQL expression.
Microsoft Sql Server 7.0
Microsoft Sql Server Desktop Engine 2000
Microsoft Sql Server 2000
Microsoft Sql Server 2005
Microsoft Sql Server Express Edition 2005
Microsoft Data Engine 1.0
801
VMScore
CVE-2008-0106
Buffer overflow in Microsoft SQL Server 2005 SP1 and SP2, and 2005 Express Edition SP1 and SP2, allows remote authenticated users to execute arbitrary code via a crafted insert statement.
Microsoft Sql Server 7.0
Microsoft Sql Server Desktop Engine 2000
Microsoft Sql Server Express Edition 2005
Microsoft Data Engine 1.0
Microsoft Sql Server 2000
Microsoft Sql Server 2005
NA
CVE-2023-29349
Microsoft ODBC and OLE DB Remote Code Execution Vulnerability
Microsoft Sql Server 2019
Microsoft Sql Server 2022
Microsoft Odbc Driver For Sql Server
Microsoft Ole Db Driver For Sql Server
NA
CVE-2023-38169
Microsoft SQL OLE DB Remote Code Execution Vulnerability
Microsoft Sql Server 2019
Microsoft Sql Server 2022
Microsoft Odbc Driver For Sql Server 17.10.3.1
Microsoft Odbc Driver For Sql Server 18.1.2.1
Microsoft Odbc Driver For Sql Server 17.0.1.1
Microsoft Ole Db Driver For Sql Server 19.0.0
Microsoft Ole Db Driver For Sql Server 19.1.0
Microsoft Ole Db Driver For Sql Server 19.2.0
Microsoft Ole Db Driver For Sql Server 19.3.0
Microsoft Odbc Driver For Sql Server 17.10.4.1
Microsoft Odbc Driver For Sql Server 18.0.1.1
Microsoft Odbc Driver For Sql Server 18.2.1.1
Microsoft Ole Db Driver For Sql Server 18.0.2
Microsoft Ole Db Driver For Sql Server 18.1.0
Microsoft Ole Db Driver For Sql Server 18.2.1
Microsoft Ole Db Driver For Sql Server 18.2.2
Microsoft Ole Db Driver For Sql Server 18.2.3
Microsoft Ole Db Driver For Sql Server 18.3.0
Microsoft Ole Db Driver For Sql Server 18.4.0
Microsoft Ole Db Driver For Sql Server 18.5.0
Microsoft Ole Db Driver For Sql Server 18.6.0
694
VMScore
CVE-2008-4077
The CGI scripts in (1) LedgerSMB (LSMB) prior to 1.2.15 and (2) SQL-Ledger 2.8.17 and previous versions allow remote malicious users to cause a denial of service (resource exhaustion) via an HTTP POST request with a large Content-Length.
Sql-ledger Sql-ledger
Ledgersmb Ledgersmb
578
VMScore
CVE-2008-4078
SQL injection vulnerability in the AR/AP transaction report in (1) LedgerSMB (LSMB) prior to 1.2.15 and (2) SQL-Ledger 2.8.17 and previous versions allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Sql-ledger Sql-ledger
Ledgersmb Ledgersmb
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »