Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

sql vulnerabilities and exploits

(subscribe to this query)

6.5
CVSSv2
CVE-2007-0667
The redirect function in Form.pm for (1) LedgerSMB before 1.1.5 and (2) SQL-Ledger allows remote authenticated users to execute arbitrary code via redirects, related to callbacks, a different issue than CVE-2006-5872....
Sql-ledger Sql-ledger 2.6.19Sql-ledger Sql-ledger 2.6.21Sql-ledger Sql-ledger 2.6.25Ledgersmb LedgersmbSql-ledger Sql-ledger 2.6.17Sql-ledger Sql-ledger 2.6.18Sql-ledger Sql-ledger 2.4.7
7.5
CVSSv2
CVE-2006-4244
SQL-Ledger 2.4.4 through 2.6.17 authenticates users by verifying that the value of the sql-ledger-[username] cookie matches the value of the sessionid parameter, which allows remote attackers to gain access as any logged-in user by setting the cookie and the parameter to the...
Sql-ledger Sql-ledger 2.4.14Sql-ledger Sql-ledger 2.4.15Sql-ledger Sql-ledger 2.4.9Sql-ledger Sql-ledger 2.6.0Sql-ledger Sql-ledger 2.6.1Sql-ledger Sql-ledger 2.6.16Sql-ledger Sql-ledger 2.6.2Sql-ledger Sql-ledger 2.6.9Sql-ledger Sql-ledger 2.4.16Sql-ledger Sql-ledger 2.4.4Sql-ledger Sql-ledger 2.6.10Sql-ledger Sql-ledger 2.6.11Sql-ledger Sql-ledger 2.6.3Sql-ledger Sql-ledger 2.6.4Sql-ledger Sql-ledger 2.4.12Sql-ledger Sql-ledger 2.4.13Sql-ledger Sql-ledger 2.4.7Sql-ledger Sql-ledger 2.4.8Sql-ledger Sql-ledger 2.6.14Sql-ledger Sql-ledger 2.6.15Sql-ledger Sql-ledger 2.6.7Sql-ledger Sql-ledger 2.6.8Sql-ledger Sql-ledger 2.6.17Sql-ledger Sql-ledger 2.4.10Sql-ledger Sql-ledger 2.4.11Sql-ledger Sql-ledger 2.4.5Sql-ledger Sql-ledger 2.4.6Sql-ledger Sql-ledger 2.6.12Sql-ledger Sql-ledger 2.6.13Sql-ledger Sql-ledger 2.6.5Sql-ledger Sql-ledger 2.6.6
7.5
CVSSv2
CVE-2007-1436
Unspecified vulnerability in admin.pl in SQL-Ledger before 2.6.26 and LedgerSMB before 1.1.9 allows remote attackers to bypass authentication via unknown vectors that prevents a password check from occurring....
Sql-ledger Sql-ledger 2.4.10Sql-ledger Sql-ledger 2.4.11Sql-ledger Sql-ledger 2.4.6Sql-ledger Sql-ledger 2.4.7Sql-ledger Sql-ledger 2.6.12Sql-ledger Sql-ledger 2.6.13Sql-ledger Sql-ledger 2.6.2Sql-ledger Sql-ledger 2.6.21Ledgersmb LedgersmbSql-ledger Sql-ledgerSql-ledger Sql-ledger 2.4.12Sql-ledger Sql-ledger 2.4.13Sql-ledger Sql-ledger 2.4.8Sql-ledger Sql-ledger 2.4.9Sql-ledger Sql-ledger 2.6.14Sql-ledger Sql-ledger 2.6.15Sql-ledger Sql-ledger 2.6.3Sql-ledger Sql-ledger 2.6.4Sql-ledger Sql-ledger 2.6.5Ledgersmb Ledgersmb 1.1.1Ledgersmb Ledgersmb 1.1.5Sql-ledger Sql-ledger 2.4.4Sql-ledger Sql-ledger 2.4.5Sql-ledger Sql-ledger 2.6.10Sql-ledger Sql-ledger 2.6.11Sql-ledger Sql-ledger 2.6.18Sql-ledger Sql-ledger 2.6.19Sql-ledger Sql-ledger 2.6.8Sql-ledger Sql-ledger 2.6.9Ledgersmb Ledgersmb 1.0.0Ledgersmb Ledgersmb 1.1.0Sql-ledger Sql-ledger 2.4.14Sql-ledger Sql-ledger 2.4.15Sql-ledger Sql-ledger 2.4.16Sql-ledger Sql-ledger 2.6.0Sql-ledger Sql-ledger 2.6.1Sql-ledger Sql-ledger 2.6.16Sql-ledger Sql-ledger 2.6.17Sql-ledger Sql-ledger 2.6.6Sql-ledger Sql-ledger 2.6.7
7.8
CVSSv2
CVE-2008-4077
The CGI scripts in (1) LedgerSMB (LSMB) before 1.2.15 and (2) SQL-Ledger 2.8.17 and earlier allow remote attackers to cause a denial of service (resource exhaustion) via an HTTP POST request with a large Content-Length....
Ledgersmb Ledgersmb 1.2.10Ledgersmb Ledgersmb 1.2.8Ledgersmb Ledgersmb 1.2.5Ledgersmb Ledgersmb 1.2.6Ledgersmb Ledgersmb 1.2.1Ledgersmb Ledgersmb 1.2.0Sql-ledger Sql-ledger 2.6.14Sql-ledger Sql-ledger 2.6.15Sql-ledger Sql-ledger 2.6.22Sql-ledger Sql-ledger 2.6.23Sql-ledger Sql-ledger 2.8.3Sql-ledger Sql-ledger 2.8.4Dws Systems Inc. Sql-ledger 2.6.14Sql-ledger Sql-ledger 2.4.7Sql-ledger Sql-ledger 2.6.1Sql-ledger Sql-ledger 2.4.8Dws Systems Inc. Sql-ledger 2.4.6Ledgersmb Ledgersmb 1.2.3Dws Systems Inc. Sql-ledger 2.4.12Dws Systems Inc. Sql-ledger 2.4.13Sql-ledger Sql-ledger 2.4.13Dws Systems Inc. Sql-ledger 2.6.9Dws Systems Inc. Sql-ledger 2.6.4Dws Systems Inc. Sql-ledgerSql-ledger Sql-ledger 2.6.7Sql-ledger Sql-ledger 2.8.11Ledgersmb Ledgersmb 1.2.9Dws Systems Inc. Sql-ledger 2.4.3Sql-ledger Sql-ledger 2.4.15Sql-ledger Sql-ledger 2.8.12Dws Systems Inc. Sql-ledger 2.4.9Dws Systems Inc. Sql-ledger 2.6.17Dws Systems Inc. Sql-ledger 2.2.1Dws Systems Inc. Sql-ledger 2.4.0Dws Systems Inc. Sql-ledger 2.2.7Ledgersmb Ledgersmb 1.2.11Ledgersmb Ledgersmb 1.2.13Sql-ledger Sql-ledger 2.6.16Sql-ledger Sql-ledger 2.4.5Sql-ledger Sql-ledger 2.6.11Ledgersmb LedgersmbDws Systems Inc. Sql-ledger 2.6.12Dws Systems Inc. Sql-ledger 2.6.15Sql-ledger Sql-ledger 2.8.16Ledgersmb Ledgersmb 1.2.12Dws Systems Inc. Sql-ledger 2.6.3Ledgersmb Ledgersmb 1.1.5Dws Systems Inc. Sql-ledger 2.6.13Sql-ledger Sql-ledger 2.8.13Dws Systems Inc. Sql-ledger 2.4.14Sql-ledger Sql-ledger 2.6.19Sql-ledger Sql-ledger 2.6.17Sql-ledger Sql-ledger 2.8.5Dws Systems Inc. Sql-ledger 2.6.11Sql-ledger Sql-ledger 2.8.14Sql-ledger Sql-ledger 2.4.6Sql-ledger Sql-ledger 2.8.7Sql-ledger Sql-ledger 2.8.8Sql-ledger Sql-ledgerDws Systems Inc. Sql-ledger 2.6.18Dws Systems Inc. Sql-ledger 2.4.1Sql-ledger Sql-ledger 2.4.10Sql-ledger Sql-ledger 2.6.4Sql-ledger Sql-ledger 2.6.25Sql-ledger Sql-ledger 2.4.16Sql-ledger Sql-ledger 2.6.18Ledgersmb Ledgersmb 1.1.8Sql-ledger Sql-ledger 2.6.26Sql-ledger Sql-ledger 2.6.27Sql-ledger Sql-ledger 2.6.2Dws Systems Inc. Sql-ledger 2.4.15Sql-ledger Sql-ledger 2.4.11Sql-ledger Sql-ledger 2.6.10Ledgersmb Ledgersmb 1.2.4Dws Systems Inc. Sql-ledger 2.6.27Dws Systems Inc. Sql-ledger 2.2.2Sql-ledger Sql-ledger 2.8.0Ledgersmb Ledgersmb 1.1.1Dws Systems Inc. Sql-ledger 2.6.5Sql-ledger Sql-ledger 2.6.24Sql-ledger Sql-ledger 2.8.15Dws Systems Inc. Sql-ledger 2.6.8Dws Systems Inc. Sql-ledger 2.6.10Sql-ledger Sql-ledger 2.8.6Sql-ledger Sql-ledger 2.6.6Dws Systems Inc. Sql-ledger 2.4.10Sql-ledger Sql-ledger 2.8.10Dws Systems Inc. Sql-ledger 2.4.7Ledgersmb Ledgersmb 1.1.0Ledgersmb Ledgersmb 1.2.7Dws Systems Inc. Sql-ledger 2.2.3Dws Systems Inc. Sql-ledger 2.2.5Sql-ledger Sql-ledger 2.6.9Sql-ledger Sql-ledger 2.6.0Sql-ledger Sql-ledger 2.6.12Sql-ledger Sql-ledger 2.6.3Sql-ledger Sql-ledger 2.4.9Dws Systems Inc. Sql-ledger 2.6.6Dws Systems Inc. Sql-ledger 2.6.1Ledgersmb Ledgersmb 1.0.0Dws Systems Inc. Sql-ledger 2.6.16Ledgersmb Ledgersmb 1.2.2Dws Systems Inc. Sql-ledger 2.2.0Sql-ledger Sql-ledger 2.4.4Dws Systems Inc. Sql-ledger 2.2.6Dws Systems Inc. Sql-ledger 2.4.5Dws Systems Inc. Sql-ledger 2.4.11Dws Systems Inc. Sql-ledger 2.4.16Dws Systems Inc. Sql-ledger 2.4.8Sql-ledger Sql-ledger 2.8.2Dws Systems Inc. Sql-ledger 2.6.7Sql-ledger Sql-ledger 2.8.1Sql-ledger Sql-ledger 2.6.20Sql-ledger Sql-ledger 2.4.14Dws Systems Inc. Sql-ledger 2.2.4Sql-ledger Sql-ledger 2.4.12Dws Systems Inc. Sql-ledger 2.4.4Sql-ledger Sql-ledger 2.6.21Dws Systems Inc. Sql-ledger 2.4.2Sql-ledger Sql-ledger 2.6.8Sql-ledger Sql-ledger 2.6.5Sql-ledger Sql-ledger 2.8.9Sql-ledger Sql-ledger 2.6.13Dws Systems Inc. Sql-ledger 2.6.2
6.5
CVSSv2
CVE-2008-4078
SQL injection vulnerability in the AR/AP transaction report in (1) LedgerSMB (LSMB) before 1.2.15 and (2) SQL-Ledger 2.8.17 and earlier allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors....
Ledgersmb Ledgersmb 1.2.7Ledgersmb Ledgersmb 1.2.5Ledgersmb Ledgersmb 1.0.0Ledgersmb Ledgersmb 1.2.2Sql-ledger Sql-ledger 2.6.12Sql-ledger Sql-ledger 2.6.13Sql-ledger Sql-ledger 2.6.21Sql-ledger Sql-ledger 2.6.22Sql-ledger Sql-ledger 2.8.1Sql-ledger Sql-ledger 2.8.2Sql-ledger Sql-ledger 2.8.9Sql-ledger Sql-ledger 2.8.10Sql-ledger Sql-ledger 2.6.16Ledgersmb LedgersmbDws Systems Inc. Sql-ledger 2.6.12Ledgersmb Ledgersmb 1.2.3Ledgersmb Ledgersmb 1.1.5Dws Systems Inc. Sql-ledger 2.6.13Sql-ledger Sql-ledger 2.6.17Dws Systems Inc. Sql-ledger 2.6.16Sql-ledger Sql-ledger 2.8.5Sql-ledger Sql-ledger 2.8.14Ledgersmb Ledgersmb 1.2.6Sql-ledger Sql-ledger 2.6.25Ledgersmb Ledgersmb 1.2.8Sql-ledger Sql-ledger 2.6.18Ledgersmb Ledgersmb 1.2.9Ledgersmb Ledgersmb 1.1.8Sql-ledger Sql-ledger 2.6.26Ledgersmb Ledgersmb 1.2.1Ledgersmb Ledgersmb 1.2.4Dws Systems Inc. Sql-ledger 2.6.17Ledgersmb Ledgersmb 1.2.10Sql-ledger Sql-ledger 2.8.15Sql-ledger Sql-ledger 2.8.6Ledgersmb Ledgersmb 1.2.11Ledgersmb Ledgersmb 1.2.13Dws Systems Inc. Sql-ledger 2.6.14Sql-ledger Sql-ledger 2.6.11Ledgersmb Ledgersmb 1.1.0Sql-ledger Sql-ledger 2.4.7Sql-ledger Sql-ledger 2.6.1Sql-ledger Sql-ledger 2.6.15Sql-ledger Sql-ledger 2.4.8Dws Systems Inc. Sql-ledger 2.4.6Dws Systems Inc. Sql-ledger 2.6.15Sql-ledger Sql-ledger 2.8.16Ledgersmb Ledgersmb 1.2.12Dws Systems Inc. Sql-ledger 2.6.3Dws Systems Inc. Sql-ledger 2.4.12Sql-ledger Sql-ledger 2.8.4Sql-ledger Sql-ledger 2.8.13Sql-ledger Sql-ledger 2.6.19Sql-ledger Sql-ledger 2.4.4Dws Systems Inc. Sql-ledger 2.6.11Sql-ledger Sql-ledger 2.6.14Sql-ledger Sql-ledger 2.8.7Sql-ledger Sql-ledger 2.8.8Sql-ledger Sql-ledgerDws Systems Inc. Sql-ledger 2.6.18Dws Systems Inc. Sql-ledger 2.4.1Sql-ledger Sql-ledger 2.4.10Dws Systems Inc. Sql-ledger 2.6.9Dws Systems Inc. Sql-ledger 2.6.4Dws Systems Inc. Sql-ledgerSql-ledger Sql-ledger 2.4.16Sql-ledger Sql-ledger 2.6.23Sql-ledger Sql-ledger 2.6.7Sql-ledger Sql-ledger 2.6.20Sql-ledger Sql-ledger 2.8.11Dws Systems Inc. Sql-ledger 2.4.3Ledgersmb Ledgersmb 1.2.0Sql-ledger Sql-ledger 2.6.27Sql-ledger Sql-ledger 2.8.12Sql-ledger Sql-ledger 2.6.10Dws Systems Inc. Sql-ledger 2.2.1Dws Systems Inc. Sql-ledger 2.4.0Sql-ledger Sql-ledger 2.8.0Sql-ledger Sql-ledger 2.8.3Ledgersmb Ledgersmb 1.1.1Sql-ledger Sql-ledger 2.6.24Dws Systems Inc. Sql-ledger 2.6.10Sql-ledger Sql-ledger 2.4.5Sql-ledger Sql-ledger 2.6.6Dws Systems Inc. Sql-ledger 2.4.10Dws Systems Inc. Sql-ledger 2.4.7Dws Systems Inc. Sql-ledger 2.2.3Dws Systems Inc. Sql-ledger 2.2.5Sql-ledger Sql-ledger 2.6.9Sql-ledger Sql-ledger 2.6.0Sql-ledger Sql-ledger 2.6.3Sql-ledger Sql-ledger 2.4.9Dws Systems Inc. Sql-ledger 2.6.6Dws Systems Inc. Sql-ledger 2.4.14Dws Systems Inc. Sql-ledger 2.6.1Dws Systems Inc. Sql-ledger 2.2.0Dws Systems Inc. Sql-ledger 2.2.6Dws Systems Inc. Sql-ledger 2.4.13Dws Systems Inc. Sql-ledger 2.4.5Sql-ledger Sql-ledger 2.4.6Dws Systems Inc. Sql-ledger 2.4.11Dws Systems Inc. Sql-ledger 2.4.16Sql-ledger Sql-ledger 2.4.13Dws Systems Inc. Sql-ledger 2.4.8Sql-ledger Sql-ledger 2.6.4Dws Systems Inc. Sql-ledger 2.6.7Sql-ledger Sql-ledger 2.4.14Sql-ledger Sql-ledger 2.4.15Dws Systems Inc. Sql-ledger 2.2.4Sql-ledger Sql-ledger 2.4.12Dws Systems Inc. Sql-ledger 2.4.4Sql-ledger Sql-ledger 2.6.2Dws Systems Inc. Sql-ledger 2.4.15Sql-ledger Sql-ledger 2.4.11Dws Systems Inc. Sql-ledger 2.6.27Dws Systems Inc. Sql-ledger 2.4.9Dws Systems Inc. Sql-ledger 2.4.2Sql-ledger Sql-ledger 2.6.8Dws Systems Inc. Sql-ledger 2.2.2Sql-ledger Sql-ledger 2.6.5Dws Systems Inc. Sql-ledger 2.2.7Dws Systems Inc. Sql-ledger 2.6.5Dws Systems Inc. Sql-ledger 2.6.8Dws Systems Inc. Sql-ledger 2.6.2
7.5
CVSSv2
CVE-2008-3053
SQL injection vulnerability in the SQL Frontend (mh_omsqlio) extension 1.0.11 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors....
Typo3 Sql Frontend Extension 1.0.0Typo3 Sql Frontend Extension 1.0.1Typo3 Sql Frontend Extension 1.0.7Typo3 Sql Frontend Extension 1.0.8Typo3 Sql Frontend Extension 1.0.3Typo3 Sql Frontend Extension 1.0.4Typo3 Sql Frontend Extension 1.0.5Typo3 Sql Frontend Extension 1.0.6Typo3 Sql Frontend Extension 1.0.10Typo3 Sql Frontend Extension 1.0.2Typo3 Sql Frontend Extension 1.0.9Typo3 Sql Frontend Extension
5
CVSSv2
CVE-2006-4731
Multiple directory traversal vulnerabilities in (1) login.pl and (2) admin.pl in (a) SQL-Ledger before 2.6.19 and (b) LedgerSMB before 1.0.0p1 allow remote attackers to execute arbitrary Perl code via an unspecified terminal parameter value containing ../ (dot dot slash)....
Dws Systems Inc. Sql-ledger 2.2.0Dws Systems Inc. Sql-ledger 2.2.1Dws Systems Inc. Sql-ledger 2.4.1Dws Systems Inc. Sql-ledger 2.4.10Dws Systems Inc. Sql-ledger 2.4.2Dws Systems Inc. Sql-ledger 2.4.3Dws Systems Inc. Sql-ledger 2.6.1Dws Systems Inc. Sql-ledger 2.6.10Dws Systems Inc. Sql-ledger 2.6.18Dws Systems Inc. Sql-ledger 2.6.2Dws Systems Inc. Sql-ledger 2.6.9Ledgersmb LedgersmbDws Systems Inc. Sql-ledger 2.2.2Dws Systems Inc. Sql-ledger 2.2.3Dws Systems Inc. Sql-ledger 2.4.11Dws Systems Inc. Sql-ledger 2.4.12Dws Systems Inc. Sql-ledger 2.4.4Dws Systems Inc. Sql-ledger 2.4.5Dws Systems Inc. Sql-ledger 2.6.11Dws Systems Inc. Sql-ledger 2.6.12Dws Systems Inc. Sql-ledger 2.6.13Dws Systems Inc. Sql-ledger 2.6.3Dws Systems Inc. Sql-ledger 2.6.4Dws Systems Inc. Sql-ledger 2.2.4Dws Systems Inc. Sql-ledger 2.2.5Dws Systems Inc. Sql-ledger 2.2.6Dws Systems Inc. Sql-ledger 2.4.13Dws Systems Inc. Sql-ledger 2.4.14Dws Systems Inc. Sql-ledger 2.4.6Dws Systems Inc. Sql-ledger 2.4.7Dws Systems Inc. Sql-ledger 2.6.14Dws Systems Inc. Sql-ledger 2.6.15Dws Systems Inc. Sql-ledger 2.6.5Dws Systems Inc. Sql-ledger 2.6.6Dws Systems Inc. Sql-ledger 2.2.7Dws Systems Inc. Sql-ledger 2.4.0Dws Systems Inc. Sql-ledger 2.4.15Dws Systems Inc. Sql-ledger 2.4.16Dws Systems Inc. Sql-ledger 2.4.8Dws Systems Inc. Sql-ledger 2.4.9Dws Systems Inc. Sql-ledger 2.6.16Dws Systems Inc. Sql-ledger 2.6.17Dws Systems Inc. Sql-ledger 2.6.7Dws Systems Inc. Sql-ledger 2.6.8
3.5
CVSSv2
CVE-2013-2322
HP SQL/MX 3.2 and earlier on NonStop servers, when SQL/MP Objects are used, allows remote authenticated users to obtain sensitive information via unspecified vectors, aka the "SQL/MP index" issue....
Hp Nonstop Sql\\/mx 2.3Hp Nonstop Sql\\/mx 21Hp Nonstop Sql\\/mxHp Nonstop Sql\\/mx 3.1Hp Nonstop Sql\\/mx 2.0Hp Nonstop Sql\\/mx 1.8Hp Nonstop Sql\\/mx 3.0Hp Nonstop Sql\\/mx 2.2
6.5
CVSSv2
CVE-2021-1636
Microsoft SQL Elevation of Privilege Vulnerability....
Microsoft Sql Server 2012Microsoft Sql Server 2014Microsoft Sql Server 2016Microsoft Sql Server 2017Microsoft Sql Server 2019
1.9
CVSSv2
CVE-2020-14740
Vulnerability in the SQL Developer Install component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows low privileged attacker having Client Computer User Account privilege with logon...
Oracle Sql Developer 11.2.0.4Oracle Sql Developer 12.1.0.2Oracle Sql Developer 12.2.0.1Oracle Sql Developer 18c
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-23418CVE-2021-36934CVE-2021-32796remoteCVE-2021-37743file uploadCVE-2020-10590log injectionCVE-2021-3490
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook