Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

sql injection vulnerabilities and exploits

(subscribe to this query)

7.5
CVSSv2
CVE-2020-7471
Django 1.11 before 1.11.28, 2.2 before 2.2.10, and 3.0 before 3.0.3 allows SQL Injection if untrusted data is used as a StringAgg delimiter (e.g., in Django applications that offer downloads of data as a series of rows with a user-specified column delimiter). By passing a...
Djangoproject Django
4
CVSSv2
CVE-2018-1096
An input sanitization flaw was found in the id field in the dashboard controller of Foreman before 1.16.1. A user could use this flaw to perform an SQL injection attack on the back end database....
Theforeman ForemanRedhat Satellite 6.4
6.5
CVSSv2
CVE-2020-9402
Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allows SQL Injection if untrusted data is used as a tolerance parameter in GIS functions and aggregates on Oracle. By passing a suitably crafted tolerance to GIS functions and aggregates on Oracle, it was...
Djangoproject DjangoDebian Debian Linux 9.0Debian Debian Linux 10.0Fedoraproject Fedora 32
6.5
CVSSv2
CVE-2020-35701
An issue was discovered in Cacti 1.2.x through 1.2.16. A SQL injection vulnerability in data_debug.php allows remote authenticated attackers to execute arbitrary SQL commands via the site_id parameter. This can lead to remote code execution....
Cacti CactiFedoraproject Fedora 32Fedoraproject Fedora 33Fedoraproject Fedora 34
7.5
CVSSv2
CVE-2018-16850
postgresql before versions 11.1, 10.6 is vulnerable to a to SQL injection in pg_upgrade and pg_dump via CREATE TRIGGER ... REFERENCING. Using a purpose-crafted trigger definition, an attacker can cause arbitrary SQL statements to run, with superuser privileges....
Postgresql PostgresqlRedhat Enterprise Linux 7.6Redhat Enterprise Linux 7.4Redhat Enterprise Linux 7.5Redhat Enterprise Linux 7.0Canonical Ubuntu Linux 18.10Canonical Ubuntu Linux 18.04
7.5
CVSSv2
CVE-2020-29015
FortiWeb is vulnerable to a blind SQL injection. A blind SQL injection in the user interface of FortiWeb may allow an unauthenticated, remote attacker to execute arbitrary SQL queries or commands by sending a request with a crafted Authorization header containing a malicious SQL...
Fortinet Fortiweb
7.5
CVSSv2
CVE-2014-3482
SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql_adapter.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 2.x and 3.x before 3.2.19 allows remote attackers to execute arbitrary SQL commands by leveraging improper...
Rubyonrails Rails 3.2.4Rubyonrails Rails 3.2.3Rubyonrails Rails 3.2.16Rubyonrails Rails 3.2.15Rubyonrails Rails 3.2.0Rubyonrails Rails 3.1.4Rubyonrails Rails 3.1.1Rubyonrails Rails 3.1.0Rubyonrails Ruby On Rails 3.0.4Rubyonrails Rails 3.0.1Rubyonrails Rails 3.0.0Rubyonrails Rails 3.1.5Rubyonrails Rails 3.0.3Rubyonrails Rails 3.0.14Rubyonrails Rails 3.0.16Rubyonrails Rails 3.1.10Rubyonrails Rails 3.2.1Rubyonrails Rails 3.2.5Rubyonrails Rails 3.2.17Rubyonrails Rails 3.2.18Rubyonrails Rails 3.0.6Rubyonrails Rails 3.0.7Rubyonrails Rails 3.0.9Rubyonrails Ruby On Rails 2.3.17Rubyonrails Rails 2.0.1Rubyonrails Rails 2.0.2Rubyonrails Rails 2.0.4Rubyonrails Rails 2.1.0Rubyonrails Rails 2.2.2Rubyonrails Rails 2.3.0Rubyonrails Rails 2.3.1Rubyonrails Rails 2.3.2Rubyonrails Rails 2.3.3Rubyonrails Rails 2.3.10Rubyonrails Rails 2.3.15Rubyonrails Rails 2.3.16Rubyonrails Rails 3.0.2Rubyonrails Rails 3.0.10Rubyonrails Rails 3.0.13Rubyonrails Rails 3.1.2Rubyonrails Rails 3.2.8Rubyonrails Rails 3.2.9Rubyonrails Rails 3.2.13Rubyonrails Rails 3.0.11Rubyonrails Rails 3.0.17Rubyonrails Rails 3.0.18Rubyonrails Rails 3.0.20Rubyonrails Rails 3.1.3Rubyonrails Rails 3.1.8Rubyonrails Rails 3.1.9Rubyonrails Rails 3.2.12Rubyonrails Rails 3.0.4Rubyonrails Rails 3.0.8Rubyonrails Rails 2.1.1Rubyonrails Rails 2.1.2Rubyonrails Rails 2.2.0Rubyonrails Rails 2.2.1Rubyonrails Rails 2.3.4Rubyonrails Rails 2.3.9Rubyonrails Rails 2.3.11Rubyonrails Rails 2.3.12Rubyonrails Rails 2.3.13Rubyonrails Rails 2.3.14Rubyonrails Rails 2.3.18Rubyonrails Rails 2.0.0Rubyonrails Rails 3.0.12Rubyonrails Rails 3.2.7Rubyonrails Rails 3.0.19Rubyonrails Rails 3.1.6Rubyonrails Rails 3.1.7Rubyonrails Rails 3.2.6Rubyonrails Rails 3.2.10Rubyonrails Rails 3.2.11Rubyonrails Rails 3.0.5Rubyonrails Rails 3.2.2
5
CVSSv2
CVE-2021-3119
Zetetic SQLCipher 4.x before 4.4.3 has a NULL pointer dereferencing issue related to sqlcipher_export in crypto.c and sqlite3StrICmp in sqlite3.c. This may allow an attacker to perform a remote denial of service attack. For example, an SQL injection can be used to execute the...
Zetetic Sqlcipher
7.5
CVSSv2
CVE-2014-3483
SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql/quoting.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 4.x before 4.0.7 and 4.1.x before 4.1.3 allows remote attackers to execute arbitrary SQL commands by leveraging...
Rubyonrails Rails 4.0.5Rubyonrails Rails 4.0.1Rubyonrails Rails 4.0.6Rubyonrails Rails 4.1.0Rubyonrails Rails 4.0.4Rubyonrails Rails 4.0.3Rubyonrails Rails 4.0.2Rubyonrails Rails 4.1.2Rubyonrails Rails 4.0.0Rubyonrails Rails 4.1.1
7.5
CVSSv2
CVE-2019-14234
An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.fields.JSONField, and key lookups for...
Djangoproject DjangoFedoraproject Fedora 30Debian Debian Linux 10.0Debian Debian Linux 9.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-23418CVE-2021-36934CVE-2021-32796remoteCVE-2021-37743file uploadCVE-2020-10590log injectionCVE-2021-3490
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook