Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
database vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-4779
The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is vulnerable to SQL Injection via the ‘data[post_ids][0]’ parameter in all versions up to, and including, 1.5.107 due to insufficient escaping on the user supplied parameter a...
NA
CVE-2023-46806
An SQL Injection vulnerability in a web component of EPMM versions prior to 12.1.0.0 allows an authenticated user with appropriate privilege to access or modify data in the underlying database.
NA
CVE-2023-46807
An SQL Injection vulnerability in web component of EPMM prior to 12.1.0.0 allows an authenticated user with appropriate privilege to access or modify data in the underlying database.
NA
CVE-2024-20360
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote malicious user to conduct SQL injection attacks on an affected system. This vulnerability exists because the web-based management interfa...
Cisco Firepower Management Center
NA
CVE-2024-3495
The Country State City Dropdown CF7 plugin for WordPress is vulnerable to SQL Injection via the ‘cnt’ and 'sid' parameters in versions up to, and including, 2.7.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation ...
2 Github repositories
NA
CVE-2024-4443
The Business Directory Plugin – Easy Listing Directories for WordPress plugin for WordPress is vulnerable to time-based SQL Injection via the ‘listingfields’ parameter in all versions up to, and including, 6.4.2 due to insufficient escaping on the user supplied ...
1 Github repository
NA
CVE-2024-3518
The Media Library Assistant plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode(s) in all versions up to, and including, 3.15 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. ...
NA
CVE-2023-3942
An 'SQL Injection' vulnerability, due to improper neutralization of special elements used in SQL commands, exists in ZKTeco-based OEM devices. This vulnerability allows an malicious user to, in some cases, impersonate another user or perform unauthorized actions. In oth...
NA
CVE-2023-3938
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ZkTeco-based OEM devices allows an attacker to authenticate under any user from the device database. This issue affects ZkTeco-based OEM devices (ZkTeco ProFace X, Smar...
NA
CVE-2024-33901
Issue in KeePassXC 2.7.7 allows an attacker (who has the privileges of the victim) to recover some passwords stored in the .kdbx database via a memory dump. NOTE: the vendor disputes this because memory-management constraints make this unavoidable in the current design and other ...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »