SQL injection vulnerabilities and exploits

7.5
HIGH
CVE-2019-8979

Koseven through 3.3.9, and Kohana through 3.3.6, has SQL Injection when the order_by() parameter can be controlled....

NA
CVE-2018-1002161

Koji is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to view, add, modify or delete information in the back-end database....

7.5
HIGH
CVE-2019-7164

SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injection via the order_by parameter....

NA
CVE-2019-7755

webERP 4.15 - 'ImportBankTransaction' Blind SQL Injection...

NA
CVE-2019-8924

XAMPP is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the cds-fpdf.php script. A remote attacker could exploit this vulnerability using the interpret or titel parameter to inject malicious script into a Web page which would be execut...

NA
CVE-2012-2593

AtMail Email Security Appliance contains a vulnerability that could allow an unauthenticated, remote attacker to conduct cross-site request forgery attacks. The vulnerability is due to improper session management used by the device web-based management interface. An unauthe...

7.5
HIGH
CVE-2019-8423

ZoneMinder through 1.32.3 has SQL Injection via the skins/classic/views/events.php filter[Query][terms][0][cnj] parameter....

7.5
HIGH
CVE-2019-8424

ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php sort parameter....

7.5
HIGH
CVE-2019-8429

ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php filter[Query][terms][0][cnj] parameter....

7.5
HIGH
CVE-2019-8428

ZoneMinder before 1.32.3 has SQL Injection via the skins/classic/views/control.php groupSql parameter, as demonstrated by a newGroup[MonitorIds][] value....

NA
CVE-2019-8349

Htmly is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using the destination or content parameter in a specially-crafted URL to execute script in a victim's Web browser within the ...