Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sql vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2012-2552
Cross-site scripting (XSS) vulnerability in the SQL Server Report Manager in Microsoft SQL Server 2000 Reporting Services SP2 and SQL Server 2005 SP4, 2008 SP2 and SP3, 2008 R2 SP1, and 2012 allows remote malicious users to inject arbitrary web script or HTML via an unspecified p...
Microsoft Sql Server 2005
Microsoft Sql Server 2008
Microsoft Sql Server 2012
Microsoft Sql Server Reporting Services 2000
6.5
CVSSv2
CVE-2015-1761
Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 and SP2, and 2014 uses an incorrect class during casts of unspecified pointers, which allows remote authenticated users to gain privileges by leveraging certain write access, aka "SQL Server Elevation of Pr...
Microsoft Sql Server 2012
Microsoft Sql Server 2014
Microsoft Sql Server 2008
1 Article
7.1
CVSSv2
CVE-2015-1762
Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 and SP2, and 2014, when transactional replication is configured, does not prevent use of uninitialized memory in unspecified function calls, which allows remote authenticated users to execute arbitrary code by l...
Microsoft Sql Server 2008
Microsoft Sql Server 2012
Microsoft Sql Server 2014
1 Article
8.5
CVSSv2
CVE-2015-1763
Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 and SP2, and 2014 does not prevent use of uninitialized memory in certain attempts to execute virtual functions, which allows remote authenticated users to execute arbitrary code via a crafted query, aka "S...
Microsoft Sql Server 2008
Microsoft Sql Server 2012
Microsoft Sql Server 2014
1 Article
6.5
CVSSv2
CVE-2019-1068
A remote code execution vulnerability exists in Microsoft SQL Server when it incorrectly handles processing of internal functions, aka 'Microsoft SQL Server Remote Code Execution Vulnerability'.
Microsoft Sql Server 2017
Microsoft Sql Server 2014
Microsoft Sql Server 2016
1 Github repository
2 Articles
5
CVSSv2
CVE-2017-8516
Microsoft SQL Server Analysis Services in Microsoft SQL Server 2012, Microsoft SQL Server 2014, and Microsoft SQL Server 2016 allows an information disclosure vulnerability when it improperly enforces permissions, aka "Microsoft SQL Server Analysis Services Information Discl...
Microsoft Sql Server 2016
Microsoft Sql Server 2012
Microsoft Sql Server 2014
1 Article
6.5
CVSSv2
CVE-2020-0618
A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests, aka 'Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability'.
Microsoft Sql Server 2012
Microsoft Sql Server 2014
Microsoft Sql Server 2016
4 Github repositories
2 Articles
3.5
CVSSv2
CVE-2009-3581
Multiple cross-site scripting (XSS) vulnerabilities in SQL-Ledger 2.8.24 allow remote authenticated users to inject arbitrary web script or HTML via (1) the DCN Description field in the Accounts Receivables menu item for Add Transaction, (2) the Description field in the Accounts ...
Sql-ledger Sql-ledger 2.8.24
6.5
CVSSv2
CVE-2009-3582
Multiple SQL injection vulnerabilities in the delete subroutine in SQL-Ledger 2.8.24 allow remote authenticated users to execute arbitrary SQL commands via the (1) id and possibly (2) db parameters in a Delete action to the output of a Vendors>Reports>Search search operatio...
Sql-ledger Sql-ledger 2.8.24
7.5
CVSSv2
CVE-2007-1541
Directory traversal vulnerability in am.pl in SQL-Ledger 2.6.27 only checks for the presence of a NULL (%00) character to protect against directory traversal attacks, which allows remote malicious users to run arbitrary executables and bypass authentication via a .. (dot dot) seq...
Sql-ledger Sql-ledger 2.6.27
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
firmware
CVE-2006-4304
CVE-2024-32878
CVE-2024-31502
XSS
CVE-2024-3059
CVE-2024-33692
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »