Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sql server 2016 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2016-1000271
Joomla extension DT Register version prior to 3.1.12 (Joomla 3.x) / 2.8.18 (Joomla 2.5) contains an SQL injection in "/index.php?controller=calendar&format=raw&cat[0]=SQLi&task=events". This attack appears to be exploitable if the attacker can reach the web ...
Dthdevelopment Dt Register
7.5
CVSSv2
CVE-2016-6566
The valueAsString parameter inside the JSON payload contained by the ucLogin_txtLoginId_ClientStat POST parameter of the Sungard eTRAKiT3 software version 3.2.1.17 is not properly validated. An unauthenticated remote attacker may be able to modify the POST request and insert a SQ...
Sungardas Etrakit3 3.2.1.17
1 EDB exploit
7.5
CVSSv2
CVE-2016-10550
sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS If user input goes into the `limit` or `order` parameters, a malicious user can put in their own SQL statements. ...
Sequelizejs Sequelize
7.5
CVSSv2
CVE-2016-10554
sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS. Before version 1.7.0-alpha3, sequelize defaulted SQLite to use MySQL backslash escaping, even though SQLite uses...
Sequelizejs Sequelize 1.7.0
Sequelizejs Sequelize
7.5
CVSSv2
CVE-2016-10553
sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS. A fix was pushed out that fixed potential SQL injection in sequelize 2.1.3 and previous versions.
Sequelizejs Sequelize
7.5
CVSSv2
CVE-2016-8341
An issue exists in Ecava IntegraXor Version 5.0.413.0. The Ecava IntegraXor web server has parameters that are vulnerable to SQL injection. If the queries are not sanitized, the host's database could be subject to read, write, and delete commands.
Ecava Integraxor 5.0.413.0
7.5
CVSSv2
CVE-2016-7402
SAP ASE 16.0 SP02 PL03 and prior versions allow attackers who own SourceDB and TargetDB databases to elevate privileges to sa (system administrator) via dbcc import_sproc SQL injection.
Sybase Adaptive Server Enterprise
7.5
CVSSv2
CVE-2016-5048
SQL injection vulnerability in chat/staff/default.aspx in ReadyDesk 9.1 allows remote malicious users to execute arbitrary SQL commands via the user name field.
Readydesk Readydesk 9.1
7.5
CVSSv2
CVE-2016-5050
Unrestricted file upload vulnerability in chat/sendfile.aspx in ReadyDesk 9.1 allows remote malicious users to execute arbitrary code by uploading and requesting a .aspx file.
Readydesk Readydesk 9.1
7.5
CVSSv2
CVE-2016-2386
SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2101079.
Sap Netweaver Application Server Java 7.40
2 EDB exploits
2 Github repositories
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »