Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sql injection vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-0146
Directory traversal vulnerability in the Management Center for Cisco Security Agents 6.0 allows remote authenticated users to read arbitrary files via unspecified vectors.
Cisco Security Agent 6.0
NA
CVE-2010-0148
Unspecified vulnerability in Cisco Security Agent 5.2 prior to 5.2.0.285, when running on Linux, allows remote malicious users to cause a denial of service (kernel panic) via "a series of TCP packets."
Cisco Security Agent 5.2
NA
CVE-2007-5372
Multiple SQL injection vulnerabilities in (a) LedgerSMB 1.0.0 up to and including 1.2.7 and (b) DWS Systems SQL-Ledger 2.x allow remote malicious users to execute arbitrary SQL commands via (1) the invoice quantity field or (2) the sort field.
Dws Systems Inc. Sql-ledger 2.6.14
Dws Systems Inc. Sql-ledger 2.4.10
Dws Systems Inc. Sql-ledger 2.4.7
Ledgersmb Ledgersmb 1.1.0
Ledgersmb Ledgersmb 1.2.7
Dws Systems Inc. Sql-ledger 2.2.3
Dws Systems Inc. Sql-ledger 2.6.12
Dws Systems Inc. Sql-ledger 2.2.5
Dws Systems Inc. Sql-ledger 2.4.6
Dws Systems Inc. Sql-ledger 2.6.15
Dws Systems Inc. Sql-ledger 2.6.6
Dws Systems Inc. Sql-ledger 2.6.3
Ledgersmb Ledgersmb 1.2.3
Ledgersmb Ledgersmb 1.1.5
Dws Systems Inc. Sql-ledger 2.4.12
Dws Systems Inc. Sql-ledger 2.6.13
Dws Systems Inc. Sql-ledger 2.4.14
Ledgersmb Ledgersmb 1.2.5
Dws Systems Inc. Sql-ledger 2.6.1
Ledgersmb Ledgersmb 1.0.0
Dws Systems Inc. Sql-ledger 2.6.16
Ledgersmb Ledgersmb 1.2.2
NA
CVE-2008-1870
SQL injection vulnerability in getdata.php in PIGMy-SQL 1.4.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Geek247 Pigmy-sql 1.4
Geek247 Pigmy-sql
1 EDB exploit
NA
CVE-2014-0372
Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 7.2.0.3 SQL-Server, 7.3.0, 7.3.1, 12.2.1, and 12.2.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to DM Othe...
Oracle Supply Chain Products Suite Sql-server 7.3.0
Oracle Supply Chain Products Suite Sql-server 12.2.1
Oracle Supply Chain Products Suite 7.2.0.3
Oracle Supply Chain Products Suite Sql-server 12.2.2
Oracle Supply Chain Products Suite Sql-server 12.2.0
Oracle Supply Chain Products Suite Sql-server 7.3.1
1 EDB exploit
NA
CVE-2008-3053
SQL injection vulnerability in the SQL Frontend (mh_omsqlio) extension 1.0.11 and previous versions for TYPO3 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Typo3 Sql Frontend Extension 1.0.3
Typo3 Sql Frontend Extension 1.0.0
Typo3 Sql Frontend Extension 1.0.10
Typo3 Sql Frontend Extension 1.0.9
Typo3 Sql Frontend Extension 1.0.7
Typo3 Sql Frontend Extension 1.0.1
Typo3 Sql Frontend Extension 1.0.4
Typo3 Sql Frontend Extension 1.0.2
Typo3 Sql Frontend Extension 1.0.5
Typo3 Sql Frontend Extension 1.0.6
Typo3 Sql Frontend Extension 1.0.8
Typo3 Sql Frontend Extension
NA
CVE-2010-0147
SQL injection vulnerability in the Management Center for Cisco Security Agents 5.1 prior to 5.1.0.117, 5.2 prior to 5.2.0.296, and 6.0 prior to 6.0.1.132 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Cisco Security Agent 5.1
Cisco Security Agent 5.2
Cisco Security Agent 6.0
NA
CVE-2009-3580
Cross-site request forgery (CSRF) vulnerability in am.pl in SQL-Ledger 2.8.24 allows remote malicious users to hijack the authentication of arbitrary users for requests that change a password via the login, new_password, and confirm_password parameters in a preferences action.
Sql-ledger Sql-ledger 2.8.24
NA
CVE-2009-3581
Multiple cross-site scripting (XSS) vulnerabilities in SQL-Ledger 2.8.24 allow remote authenticated users to inject arbitrary web script or HTML via (1) the DCN Description field in the Accounts Receivables menu item for Add Transaction, (2) the Description field in the Accounts ...
Sql-ledger Sql-ledger 2.8.24
NA
CVE-2009-3582
Multiple SQL injection vulnerabilities in the delete subroutine in SQL-Ledger 2.8.24 allow remote authenticated users to execute arbitrary SQL commands via the (1) id and possibly (2) db parameters in a Delete action to the output of a Vendors>Reports>Search search operatio...
Sql-ledger Sql-ledger 2.8.24
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-9474
CVE-2024-36620
file inclusion
cache poisoning
man-in-the-middle
CVE-2024-20138
CVE-2024-0012
CVE-2024-20131
CVE-2024-11995
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »