Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

sql injection vulnerabilities and exploits

(subscribe to this query)

NA
CVE-2008-4078
SQL injection vulnerability in the AR/AP transaction report in (1) LedgerSMB (LSMB) before 1.2.15 and (2) SQL-Ledger 2.8.17 and earlier allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors....
Ledgersmb Ledgersmb 1.2.7Ledgersmb Ledgersmb 1.2.5Ledgersmb Ledgersmb 1.0.0Ledgersmb Ledgersmb 1.2.2Sql-ledger Sql-ledger 2.6.12Sql-ledger Sql-ledger 2.6.13Sql-ledger Sql-ledger 2.6.21Sql-ledger Sql-ledger 2.6.22Sql-ledger Sql-ledger 2.8.1Sql-ledger Sql-ledger 2.8.2Sql-ledger Sql-ledger 2.8.9Sql-ledger Sql-ledger 2.8.10Dws Systems Inc. Sql-ledger 2.6.16Dws Systems Inc. Sql-ledger 2.6.17Ledgersmb Ledgersmb 1.2.9Ledgersmb Ledgersmb 1.2.11Ledgersmb Ledgersmb 1.2.4Ledgersmb Ledgersmb 1.1.5Ledgersmb Ledgersmb 1.1.8Ledgersmb LedgersmbSql-ledger Sql-ledger 2.6.16Sql-ledger Sql-ledger 2.6.17Sql-ledger Sql-ledger 2.6.18Sql-ledger Sql-ledger 2.6.25Sql-ledger Sql-ledger 2.6.26Sql-ledger Sql-ledger 2.8.5Sql-ledger Sql-ledger 2.8.6Sql-ledger Sql-ledger 2.8.14Sql-ledger Sql-ledger 2.8.15Dws Systems Inc. Sql-ledger 2.6.12Dws Systems Inc. Sql-ledger 2.6.13Ledgersmb Ledgersmb 1.2.10Ledgersmb Ledgersmb 1.2.8Ledgersmb Ledgersmb 1.2.6Ledgersmb Ledgersmb 1.2.3Ledgersmb Ledgersmb 1.2.1Ledgersmb Ledgersmb 1.2.0Sql-ledger Sql-ledger 2.6.14Sql-ledger Sql-ledger 2.6.15Sql-ledger Sql-ledger 2.6.23Sql-ledger Sql-ledger 2.6.24Sql-ledger Sql-ledger 2.8.3Sql-ledger Sql-ledger 2.8.4Sql-ledger Sql-ledger 2.8.11Sql-ledger Sql-ledger 2.8.12Sql-ledger Sql-ledger 2.8.13Dws Systems Inc. Sql-ledger 2.6.14Dws Systems Inc. Sql-ledger 2.6.15Dws Systems Inc. Sql-ledger 2.6.4Dws Systems Inc. Sql-ledgerDws Systems Inc. Sql-ledger 2.6.9Sql-ledger Sql-ledger 2.4.10Sql-ledger Sql-ledger 2.4.7Sql-ledger Sql-ledger 2.4.8Sql-ledger Sql-ledger 2.6.1Dws Systems Inc. Sql-ledger 2.2.1Dws Systems Inc. Sql-ledger 2.4.0Dws Systems Inc. Sql-ledger 2.4.1Sql-ledger Sql-ledger 2.6.7Dws Systems Inc. Sql-ledger 2.4.12Dws Systems Inc. Sql-ledger 2.4.3Dws Systems Inc. Sql-ledger 2.4.6Ledgersmb Ledgersmb 1.2.12Ledgersmb Ledgersmb 1.2.13Ledgersmb Ledgersmb 1.1.1Ledgersmb Ledgersmb 1.1.0Sql-ledger Sql-ledger 2.6.10Sql-ledger Sql-ledger 2.6.11Sql-ledger Sql-ledger 2.6.19Sql-ledger Sql-ledger 2.6.20Sql-ledger Sql-ledger 2.6.27Sql-ledger Sql-ledger 2.8.0Sql-ledger Sql-ledger 2.8.7Sql-ledger Sql-ledger 2.8.8Sql-ledger Sql-ledger 2.8.16Sql-ledger Sql-ledgerDws Systems Inc. Sql-ledger 2.6.10Dws Systems Inc. Sql-ledger 2.6.11Dws Systems Inc. Sql-ledger 2.6.3Dws Systems Inc. Sql-ledger 2.6.18Sql-ledger Sql-ledger 2.4.16Sql-ledger Sql-ledger 2.4.4Sql-ledger Sql-ledger 2.6.0Dws Systems Inc. Sql-ledger 2.2.3Dws Systems Inc. Sql-ledger 2.2.4Sql-ledger Sql-ledger 2.6.5Dws Systems Inc. Sql-ledger 2.4.10Dws Systems Inc. Sql-ledger 2.4.2Sql-ledger Sql-ledger 2.6.3Dws Systems Inc. Sql-ledger 2.4.8Sql-ledger Sql-ledger 2.6.9Dws Systems Inc. Sql-ledger 2.6.6Dws Systems Inc. Sql-ledger 2.6.7Dws Systems Inc. Sql-ledger 2.6.2Sql-ledger Sql-ledger 2.4.12Sql-ledger Sql-ledger 2.4.13Sql-ledger Sql-ledger 2.4.14Sql-ledger Sql-ledger 2.4.15Sql-ledger Sql-ledger 2.4.9Dws Systems Inc. Sql-ledger 2.2.0Dws Systems Inc. Sql-ledger 2.2.5Dws Systems Inc. Sql-ledger 2.2.6Dws Systems Inc. Sql-ledger 2.2.7Sql-ledger Sql-ledger 2.6.6Dws Systems Inc. Sql-ledger 2.4.13Dws Systems Inc. Sql-ledger 2.4.16Dws Systems Inc. Sql-ledger 2.4.4Dws Systems Inc. Sql-ledger 2.6.1Dws Systems Inc. Sql-ledger 2.4.9Dws Systems Inc. Sql-ledger 2.6.5Dws Systems Inc. Sql-ledger 2.6.27Dws Systems Inc. Sql-ledger 2.6.8Sql-ledger Sql-ledger 2.4.11Sql-ledger Sql-ledger 2.4.5Sql-ledger Sql-ledger 2.4.6Sql-ledger Sql-ledger 2.6.2Dws Systems Inc. Sql-ledger 2.2.2Sql-ledger Sql-ledger 2.6.4Dws Systems Inc. Sql-ledger 2.4.11Dws Systems Inc. Sql-ledger 2.4.15Dws Systems Inc. Sql-ledger 2.4.14Dws Systems Inc. Sql-ledger 2.4.5Sql-ledger Sql-ledger 2.6.8Dws Systems Inc. Sql-ledger 2.4.7
NA
CVE-2008-3053
SQL injection vulnerability in the SQL Frontend (mh_omsqlio) extension 1.0.11 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors....
Typo3 Sql Frontend Extension 1.0.0Typo3 Sql Frontend Extension 1.0.1Typo3 Sql Frontend Extension 1.0.7Typo3 Sql Frontend Extension 1.0.8Typo3 Sql Frontend Extension 1.0.3Typo3 Sql Frontend Extension 1.0.4Typo3 Sql Frontend Extension 1.0.5Typo3 Sql Frontend Extension 1.0.6Typo3 Sql Frontend Extension 1.0.10Typo3 Sql Frontend Extension 1.0.2Typo3 Sql Frontend Extension 1.0.9Typo3 Sql Frontend Extension
NA
CVE-2009-3582
Multiple SQL injection vulnerabilities in the delete subroutine in SQL-Ledger 2.8.24 allow remote authenticated users to execute arbitrary SQL commands via the (1) id and possibly (2) db parameters in a Delete action to the output of a Vendors>Reports>Search search...
Sql-ledger Sql-ledger 2.8.24
NA
CVE-2007-5372
Multiple SQL injection vulnerabilities in (a) LedgerSMB 1.0.0 through 1.2.7 and (b) DWS Systems SQL-Ledger 2.x allow remote attackers to execute arbitrary SQL commands via (1) the invoice quantity field or (2) the sort field....
Dws Systems Inc. Sql-ledger 2.2.7Dws Systems Inc. Sql-ledger 2.4.0Dws Systems Inc. Sql-ledger 2.4.15Dws Systems Inc. Sql-ledger 2.4.16Dws Systems Inc. Sql-ledger 2.4.8Dws Systems Inc. Sql-ledger 2.4.9Dws Systems Inc. Sql-ledger 2.6.16Dws Systems Inc. Sql-ledger 2.6.17Dws Systems Inc. Sql-ledger 2.6.6Dws Systems Inc. Sql-ledger 2.6.7Ledgersmb Ledgersmb 1.1.8Ledgersmb Ledgersmb 1.2.0Dws Systems Inc. Sql-ledger 2.2.0Dws Systems Inc. Sql-ledger 2.2.1Dws Systems Inc. Sql-ledger 2.4.1Dws Systems Inc. Sql-ledger 2.4.10Dws Systems Inc. Sql-ledger 2.4.2Dws Systems Inc. Sql-ledger 2.4.3Dws Systems Inc. Sql-ledger 2.6.1Dws Systems Inc. Sql-ledger 2.6.10Dws Systems Inc. Sql-ledger 2.6.18Dws Systems Inc. Sql-ledger 2.6.2Dws Systems Inc. Sql-ledger 2.6.8Dws Systems Inc. Sql-ledger 2.6.9Ledgersmb Ledgersmb 1.2.1Ledgersmb Ledgersmb 1.2.2Dws Systems Inc. Sql-ledger 2.2.2Dws Systems Inc. Sql-ledger 2.2.3Dws Systems Inc. Sql-ledger 2.4.11Dws Systems Inc. Sql-ledger 2.4.12Dws Systems Inc. Sql-ledger 2.4.4Dws Systems Inc. Sql-ledger 2.4.5Dws Systems Inc. Sql-ledger 2.6.11Dws Systems Inc. Sql-ledger 2.6.12Dws Systems Inc. Sql-ledger 2.6.27Dws Systems Inc. Sql-ledger 2.6.3Ledgersmb Ledgersmb 1.0.0Ledgersmb Ledgersmb 1.1.0Ledgersmb Ledgersmb 1.2.3Ledgersmb Ledgersmb 1.2.4Ledgersmb Ledgersmb 1.2.5Dws Systems Inc. Sql-ledger 2.2.4Dws Systems Inc. Sql-ledger 2.2.5Dws Systems Inc. Sql-ledger 2.2.6Dws Systems Inc. Sql-ledger 2.4.13Dws Systems Inc. Sql-ledger 2.4.14Dws Systems Inc. Sql-ledger 2.4.6Dws Systems Inc. Sql-ledger 2.4.7Dws Systems Inc. Sql-ledger 2.6.13Dws Systems Inc. Sql-ledger 2.6.14Dws Systems Inc. Sql-ledger 2.6.15Dws Systems Inc. Sql-ledger 2.6.4Dws Systems Inc. Sql-ledger 2.6.5Ledgersmb Ledgersmb 1.1.1Ledgersmb Ledgersmb 1.1.5Ledgersmb Ledgersmb 1.2.6Ledgersmb Ledgersmb 1.2.7
NA
CVE-2008-1870
SQL injection vulnerability in getdata.php in PIGMy-SQL 1.4.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter....
Geek247 Pigmy-sqlGeek247 Pigmy-sql 1.4
NA
CVE-2008-7120
SQL injection vulnerability in Mr. CGI Guy Hot Links SQL-PHP 3 and earlier allows remote attackers to execute arbitrary SQL commands via the news.php parameter....
Mrcgiguy Hot Links Sql-php
7.2
CVSSv3
CVE-2020-9318
Red Gate SQL Monitor 9.0.13 through 9.2.14 allows an administrative user to perform a SQL injection attack by configuring the SNMP alert settings in the UI. This is fixed in 9.2.15....
Red-gate Sql Monitor
NA
CVE-2002-0187
Cross-site scripting vulnerability in the SQLXML component of Microsoft SQL Server 2000 allows an attacker to execute arbitrary script via the root parameter as part of an XML SQL query, aka "Script Injection via XML Tag."...
Microsoft Sql Server 2000
NA
CVE-2008-4378
SQL injection vulnerability in report.php in Mr. CGI Guy Hot Links SQL-PHP 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter....
Mr. Cgi Guy Hot Links Sql Php
NA
CVE-2002-0645
SQL injection vulnerability in stored procedures for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 may allow authenticated users to execute arbitrary commands....
Microsoft Data Engine 2000Microsoft Sql Server 2000
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
XML injectionCVE-2022-34713log injectionCVE-2022-20384CVE-2022-20382CVE-2022-20251CVE-2022-31656CVE-2021-0975path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook