Vulmon Recent Vulnerabilities Discussions Trends About Contact

sql injection vulnerabilities and exploits

7.2
CVSSv2
CVE-2005-3339
Mantis before 0.19.3 caches the User ID longer than necessary, which has unknown impact and attack vectors....
Mantis
5
CVSSv2
CVE-2005-3338
Unspecified vulnerability in Mantis before 0.19.3, when using reminders, causes Mantis to display the real email addresses of users....
Mantis
7.5
CVSSv2
CVE-2005-3336
SQL injection vulnerability in Mantis 1.0.0RC2 and 0.19.2 allows remote attackers to execute arbitrary SQL commands via unknown vectors....
Mantis
7.5
CVSSv2
CVE-2005-3335
PHP file inclusion vulnerability in bug_sponsorship_list_view_inc.php in Mantis 1.0.0RC2 and 0.19.2 allows remote attackers to execute arbitrary PHP code and include arbitrary local files via the t_core_path parameter....
Mantis
4
CVSSv2
CVE-2018-14623
A SQL injection flaw was found in katello's errata-related API. An authenticated remote attacker can craft input data to force a malformed SQL query to the backend database, which will leak internal IDs. This is issue is related to an incomplete fix for CVE-2016-3072....
TheforemanKatello
10
CVSSv2
CVE-2003-0500
SQL injection vulnerability in the PostgreSQL authentication module (mod_sql_postgres) for ProFTPD before 1.2.9rc1 allows remote attackers to execute arbitrary SQL and gain privileges by bypassing authentication or stealing passwords via the USER name....
Proftpd ProjectProftpd
7.5
CVSSv2
CVE-2016-4999
SQL injection vulnerability in the getStringParameterSQL method in main/java/org/dashbuilder/dataprovider/sql/dialect/DefaultDialect.java in Dashbuilder before 0.6.0.Beta1 allows remote attackers to execute arbitrary SQL commands via a data set lookup filter in the (1) Data Set...
Dashbuilder ProjectDashbuilderRedhatJboss Bpm SuiteJboss Enterprise Brms Platform
7.5
CVSSv2
CVE-2005-3419
SQL injection vulnerability in usercp_register.php in phpBB 2.0.17 allows remote attackers to execute arbitrary SQL commands via the signature_bbcode_uid parameter, which is not properly initialized....
Phpbb GroupPhpbb
5
CVSSv2
CVE-2005-3537
A "missing request validation" error in phpBB 2 before 2.0.18 allows remote attackers to edit private messages of other users, probably by modifying certain parameters or other inputs....
Phpbb GroupPhpbb
7.5
CVSSv2
CVE-2005-3536
SQL injection vulnerability in phpBB 2 before 2.0.18 allows remote attackers to execute arbitrary SQL commands via the topic type....
Phpbb GroupPhpbb
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
apq8009 firmwareCVE-2020-7211LFICVE-2019-18187CVE-2019-19413CVE-2020-0674CVE-2019-14768CVE-2011-3621qualcommman-in-the-middlepath traversal