sql injection vulnerabilities and exploits

(subscribe to this query)

6.8

CVSSv2

SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled....

6.5

CVSSv2

SQL injection vulnerability in Red Hat CloudForms 3.1 Management Engine (CFME) 5.3 allows remote authenticated users to execute arbitrary SQL commands via a crafted REST API request to an SQL filter....

7.5

CVSSv2

SQL injection vulnerability in Joomla! 3.x before 3.4.7 allows attackers to execute arbitrary SQL commands via unspecified vectors....

7.5

CVSSv2

Multiple SQL injection vulnerabilities in app/models/concerns/host_common.rb in Foreman before 1.2.3 allow remote attackers to execute arbitrary SQL commands via the (1) fqdn or (2) hostgroup parameter....

7.5

CVSSv2

SQL injection vulnerability in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allows remote attackers to execute arbitrary SQL commands via vectors related to the "filtering table operator."...

7.5

CVSSv2

SQL injection vulnerability in graphs.php in Cacti before 0.8.8e allows remote attackers to execute arbitrary SQL commands via the local_graph_id parameter....

7.5

CVSSv2

SQL injection vulnerability in graph.php in Cacti before 0.8.7a allows remote attackers to execute arbitrary SQL commands via the local_graph_id parameter....

7.5

CVSSv2

SQL injection vulnerability in the SQL comment filtering system in the Database API in Drupal 7.x before 7.39 allows remote attackers to execute arbitrary SQL commands via an SQL comment....

5

CVSSv2

Unspecified vulnerability in Mantis before 0.19.3, when using reminders, causes Mantis to display the real email addresses of users....

7.5

CVSSv2

PHP file inclusion vulnerability in bug_sponsorship_list_view_inc.php in Mantis 1.0.0RC2 and 0.19.2 allows remote attackers to execute arbitrary PHP code and include arbitrary local files via the t_core_path parameter....

« PREV 1 2 3 4 5 6 7 8 NEXT »