Vulmon Recent Vulnerabilities Trends Blog About Contact

sql injection vulnerabilities and exploits

(subscribe to this query)

NA
CVE-2021-1357
Multiple vulnerabilities in Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an attacker to conduct path traversal attacks and SQL injection attacks on an affected system. One of the SQL injection vulnerabilities that...
NA
CVE-2021-1364
Multiple vulnerabilities in Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an attacker to conduct path traversal attacks and SQL injection attacks on an affected system. One of the SQL injection vulnerabilities that...
NA
CVE-2021-1355
Multiple vulnerabilities in Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an attacker to conduct path traversal attacks and SQL injection attacks on an affected system. One of the SQL injection vulnerabilities that...
NA
CVE-2021-1282
Multiple vulnerabilities in Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an attacker to conduct path traversal attacks and SQL injection attacks on an affected system. One of the SQL injection vulnerabilities that...
7.5
CVSSv2
CVE-2014-3482
SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql_adapter.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 2.x and 3.x before 3.2.19 allows remote attackers to execute arbitrary SQL commands by leveraging improper...
Rubyonrails Rails 2.0.0Rubyonrails Rails 2.0.1Rubyonrails Rails 2.0.2Rubyonrails Rails 2.0.4Rubyonrails Rails 2.1.0Rubyonrails Rails 2.1.1Rubyonrails Rails 2.1.2Rubyonrails Rails 2.2.0Rubyonrails Rails 2.2.1Rubyonrails Rails 2.2.2Rubyonrails Rails 2.3.0Rubyonrails Rails 2.3.1Rubyonrails Rails 2.3.2Rubyonrails Rails 2.3.3Rubyonrails Rails 2.3.4Rubyonrails Rails 2.3.9Rubyonrails Rails 2.3.10Rubyonrails Rails 2.3.11Rubyonrails Rails 2.3.12Rubyonrails Rails 2.3.13Rubyonrails Rails 2.3.14Rubyonrails Rails 2.3.15Rubyonrails Rails 2.3.16Rubyonrails Rails 2.3.18Rubyonrails Rails 3.0.0Rubyonrails Rails 3.0.1Rubyonrails Rails 3.0.2Rubyonrails Rails 3.0.3Rubyonrails Rails 3.0.4Rubyonrails Rails 3.0.5Rubyonrails Rails 3.0.6Rubyonrails Rails 3.0.7Rubyonrails Rails 3.0.8Rubyonrails Rails 3.0.9Rubyonrails Rails 3.0.10Rubyonrails Rails 3.0.11Rubyonrails Rails 3.0.12Rubyonrails Rails 3.0.13Rubyonrails Rails 3.0.14Rubyonrails Rails 3.0.16Rubyonrails Rails 3.0.17Rubyonrails Rails 3.0.18Rubyonrails Rails 3.0.19Rubyonrails Rails 3.0.20Rubyonrails Rails 3.1.0Rubyonrails Rails 3.1.1Rubyonrails Rails 3.1.2Rubyonrails Rails 3.1.3Rubyonrails Rails 3.1.4Rubyonrails Rails 3.1.5Rubyonrails Rails 3.1.6Rubyonrails Rails 3.1.7Rubyonrails Rails 3.1.8Rubyonrails Rails 3.1.9Rubyonrails Rails 3.1.10Rubyonrails Rails 3.2.0Rubyonrails Rails 3.2.1Rubyonrails Rails 3.2.2Rubyonrails Rails 3.2.3Rubyonrails Rails 3.2.4Rubyonrails Rails 3.2.5Rubyonrails Rails 3.2.6Rubyonrails Rails 3.2.7Rubyonrails Rails 3.2.8Rubyonrails Rails 3.2.9Rubyonrails Rails 3.2.10Rubyonrails Rails 3.2.11Rubyonrails Rails 3.2.12Rubyonrails Rails 3.2.13Rubyonrails Rails 3.2.15Rubyonrails Rails 3.2.16Rubyonrails Rails 3.2.17Rubyonrails Rails 3.2.18Rubyonrails Ruby On Rails 2.3.17Rubyonrails Ruby On Rails 3.0.4
7.5
CVSSv2
CVE-2014-3483
SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql/quoting.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 4.x before 4.0.7 and 4.1.x before 4.1.3 allows remote attackers to execute arbitrary SQL commands by leveraging...
Rubyonrails Rails 4.0.0Rubyonrails Rails 4.0.1Rubyonrails Rails 4.0.2Rubyonrails Rails 4.0.3Rubyonrails Rails 4.0.4Rubyonrails Rails 4.0.5Rubyonrails Rails 4.0.6Rubyonrails Rails 4.1.0Rubyonrails Rails 4.1.1Rubyonrails Rails 4.1.2
5.5
CVSSv2
CVE-2020-3468
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web-based management interface improperly validates...
Cisco Sd-wan Firmware
NA
CVE-2021-1225
Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct SQL injection attacks on an affected system. These vulnerabilities exist because the web-based management interface...
4
CVSSv2
CVE-2017-6754
A vulnerability in the web-based management interface of the Cisco Smart Net Total Care (SNTC) Software Collector Appliance 3.11 could allow an authenticated, remote attacker to perform a read-only, blind SQL injection attack, which could allow the attacker to compromise the...
Cisco Smart Net Total Care Collector Appliance 3.11
7.5
CVSSv2
CVE-2020-29015
FortiWeb is vulnerable to a blind SQL injection. A blind SQL injection in the user interface of FortiWeb may allow an unauthenticated, remote attacker to execute arbitrary SQL queries or commands by sending a request with a crafted Authorization header containing a malicious SQL...
Fortinet Fortiweb
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalationTCPCVE-2020-4865CVE-2021-3297CVE-2018-15473CVE-2021-3317CVE-2021-23240denial of serviceCVE-2020-16107