Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

sql injection vulnerabilities and exploits

(subscribe to this query)

NA
CVE-2021-32932
The affected product is vulnerable to a SQL injection, which may allow an unauthorized attacker to disclose information on the iView (versions prior to v5.7.03.6182)....
NA
CVE-2021-23230
A SQL Injection vulnerability in the OPCUA interface of Gallagher Command Centre allows a remote unprivileged Command Centre Operator to modify Command Centre databases undetected. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 (MR3); 8.30 versions...
6.5
CVSSv2
CVE-2020-24671
Trace Financial CRESTBridge <6.3.0.02 contains an authenticated SQL injection vulnerability, which was fixed in 6.3.0.03....
Tracefinanacial Crestbridge
6.5
CVSSv2
CVE-2020-24667
Trace Financial CRESTBridge <6.3.0.02 contains an authenticated SQL injection vulnerability, which was fixed in 6.3.0.03....
Tracefinanacial Crestbridge
NA
CVE-2021-33894
In Progress MOVEit Transfer before 2019.0.6 (11.0.6), 2019.1.x before 2019.1.5 (11.1.5), 2019.2.x before 2019.2.2 (11.2.2), 2020.x before 2020.0.5 (12.0.5), 2020.1.x before 2020.1.4 (12.1.4), and 2021.x before 2021.0.1 (13.0.1), a SQL injection vulnerability exists in...
5
CVSSv2
CVE-2021-29099
A SQL injection vulnerability exists in some configurations of ArcGIS Server versions 10.8.1 and earlier. Specially crafted web requests can expose information that is not intended to be disclosed (not customer datasets). Web Services that use file based data sources (file...
Esri Arcgis Server
NA
CVE-2021-24337
The id GET parameter of one of the Video Embed WordPress plugin through 1.0's page (available via forced browsing) is not sanitised, validated or escaped before being used in a SQL statement, allowing low privilege users, such as subscribers, to perform SQL injection....
4
CVSSv2
CVE-2020-36004
AppCMS 2.0.101 in /admin/download_frame.php has a SQL injection vulnerability which allows attackers to obtain sensitive database information....
Appcms Appcms 2.0.101
7.5
CVSSv2
CVE-2020-35441
FDCMS (aka Fangfa Content Management System) 4.0 contains a front-end SQL injection via Admin/Lib/Action/FloginAction.class.php....
Fangfa Fdcms 4.0
5
CVSSv2
CVE-2020-25362
The id paramater in Online Shopping Alphaware 1.0 has been discovered to be vulnerable to an Error-Based blind SQL injection in the /alphaware/details.php path. This allows an attacker to retrieve all databases....
Online Shopping Alphaware Project Online Shopping Alphaware 1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-33742CVE-2021-33739CVE-2021-0492injectionCVE-2017-1079validationCVE-2021-22906denial of serviceCVE-2021-22912
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook