Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sql server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-29846
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Endpoint Manager. Authentication is required to exploit this vulnerability. The specific flaw exists within the GetVulnerabilitiesDataTable method. The issue results from the ...
NA
CVE-2023-51637
Sante PACS Server PG Patient Query SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Sante PACS Server PG. Authentication is not required to exploit this vulnerability. The sp...
NA
CVE-2023-49335
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while getting file server details.
NA
CVE-2024-22120
Zabbix server can perform command execution for configured scripts. After command is executed, audit entry is added to "Audit Log". Due to "clientip" field is not sanitized, it is possible to injection SQL into "clientip" and exploit time based blind...
1 Github repository
NA
CVE-2024-30006
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
1 Article
NA
CVE-2024-27940
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems allow any authenticated user to send arbitrary SQL commands to the SQL server. An attacker could use this vulnerability to compromise the whole database.
NA
CVE-2024-27941
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected client systems do not properly sanitize input data before sending it to the SQL server. An attacker could use this vulnerability to compromise the whole database.
NA
CVE-2024-4824
Vulnerability in School ERP Pro+Responsive 1.0 that allows SQL injection through the '/SchoolERP/office_admin/' index in the parameters groups_id, examname, classes_id, es_voucherid, es_class, etc. This vulnerability could allow a remote malicious user to send a special...
NA
CVE-2024-5678
Ethical Hacking Technical Report Client: [TeckMart] Date: [10-05-2024] Prepared by: [April Lyn Monte] and [Bergel Lumapag] Executive Summary The technical results of the TechMart ethical hacking assessment are presented in this paper. The evaluation's goal was to find weakne...
1 Github repository
NA
CVE-2024-25533
Error messages in RuvarOA v6.01 and v12.01 were discovered to leak the physical path of the website (/WorkFlow/OfficeFileUpdate.aspx). This vulnerability can allow malicious users to write files to the server or execute arbitrary commands via crafted SQL statements.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »