Vulmon
Recent Vulnerabilities
Trends
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
sql injection vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2009-3582
Multiple SQL injection vulnerabilities in the delete subroutine in SQL-Ledger 2.8.24 allow remote authenticated users to execute arbitrary SQL commands via the (1) id and possibly (2) db parameters in a Delete action to the output of a Vendors>Reports>Search search...
Sql-ledger
7.5
CVSSv2
CVE-2008-1870
SQL injection vulnerability in getdata.php in PIGMy-SQL 1.4.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter....
Geek247
Pigmy-sql
1 EDB exploit available
6.5
CVSSv2
CVE-2008-4078
SQL injection vulnerability in the AR/AP transaction report in (1) LedgerSMB (LSMB) before 1.2.15 and (2) SQL-Ledger 2.8.17 and earlier allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors....
Dws Systems Inc.
Sql-ledger
Ledgersmb
10
CVSSv2
CVE-2007-5372
Multiple SQL injection vulnerabilities in (a) LedgerSMB 1.0.0 through 1.2.7 and (b) DWS Systems SQL-Ledger 2.x allow remote attackers to execute arbitrary SQL commands via (1) the invoice quantity field or (2) the sort field....
Dws Systems Inc.
Sql-ledger
Ledgersmb
6.8
CVSSv2
CVE-2019-7548
SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled....
Sqlalchemy
Debian
Debian Linux
6.5
CVSSv2
CVE-2014-7814
SQL injection vulnerability in Red Hat CloudForms 3.1 Management Engine (CFME) 5.3 allows remote authenticated users to execute arbitrary SQL commands via a crafted REST API request to an SQL filter....
Redhat
Cloudforms 3.1 Management Engine
7.5
CVSSv2
CVE-2015-8769
SQL injection vulnerability in Joomla! 3.x before 3.4.7 allows attackers to execute arbitrary SQL commands via unspecified vectors....
Joomla
Joomla!
7.5
CVSSv2
CVE-2013-4386
Multiple SQL injection vulnerabilities in app/models/concerns/host_common.rb in Foreman before 1.2.3 allow remote attackers to execute arbitrary SQL commands via the (1) fqdn or (2) hostgroup parameter....
Redhat
Openstack
Theforeman
Foreman
7.5
CVSSv2
CVE-2013-4461
SQL injection vulnerability in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allows remote attackers to execute arbitrary SQL commands via vectors related to the "filtering table operator."...
Redhat
Enterprise Mrg
7.5
CVSSv2
CVE-2015-6659
SQL injection vulnerability in the SQL comment filtering system in the Database API in Drupal 7.x before 7.39 allows remote attackers to execute arbitrary SQL commands via an SQL comment....
Drupal
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-15093
mods-for-hesk
CVE-2020-15092
CVE-2020-15000
insecure direct object reference
encryption
CVE-2020-8193
kingcomposer
CVE-2020-8195
mods for hesk
king-theme
XXE
CVE-2020-12414
1
2
3
4
5
6
NEXT »
Vulmon