sql injection vulnerabilities and exploits

(subscribe to this query)

7.5

CVSSv2

SQL injection vulnerability in Mantis 1.0.0RC2 and 0.19.2 allows remote attackers to execute arbitrary SQL commands via unknown vectors....

Mantis

5

CVSSv2

Unspecified vulnerability in Mantis before 0.19.3, when using reminders, causes Mantis to display the real email addresses of users....

Mantis

7.5

CVSSv2

PHP file inclusion vulnerability in bug_sponsorship_list_view_inc.php in Mantis 1.0.0RC2 and 0.19.2 allows remote attackers to execute arbitrary PHP code and include arbitrary local files via the t_core_path parameter....

Mantis

7.2

CVSSv2

Mantis before 0.19.3 caches the User ID longer than necessary, which has unknown impact and attack vectors....

Mantis

7.5

CVSSv2

SQL injection vulnerability in graph.php in Cacti before 0.8.7a allows remote attackers to execute arbitrary SQL commands via the local_graph_id parameter....

Cacti

7.5

CVSSv2

SQL injection vulnerability in graphs.php in Cacti before 0.8.8e allows remote attackers to execute arbitrary SQL commands via the local_graph_id parameter....

Cacti

7.5

CVSSv2

SQL injection vulnerability in usercp_register.php in phpBB 2.0.17 allows remote attackers to execute arbitrary SQL commands via the signature_bbcode_uid parameter, which is not properly initialized....

Phpbb Group Phpbb

5

CVSSv2

A "missing request validation" error in phpBB 2 before 2.0.18 allows remote attackers to edit private messages of other users, probably by modifying certain parameters or other inputs....

Phpbb Group Phpbb

7.5

CVSSv2

usercp_register.php in phpBB 2.0.17 allows remote attackers to modify regular expressions and execute PHP code via the signature_bbcode_uid parameter, as demonstrated by injecting an "e" modifier into a preg_replace statement....

Phpbb Group Phpbb

7.5

CVSSv2

SQL injection vulnerability in phpBB 2 before 2.0.18 allows remote attackers to execute arbitrary SQL commands via the topic type....

Phpbb Group Phpbb

« PREV 1 2 3 4 5 6 7 NEXT »