SQL injection vulnerabilities and exploits
6.5
CVSSv3
CVE-2018-1096
An input sanitization flaw was found in the id field in the dashboard controller of Foreman before 1.16.1. A user could use this flaw to perform an SQL injection attack on the back end database....
Theforeman Foreman
Redhat Satellite 6.4
7.5
CVSSv3
CVE-2021-3119
Zetetic SQLCipher 4.x before 4.4.3 has a NULL pointer dereferencing issue related to sqlcipher_export in crypto.c and sqlite3StrICmp in sqlite3.c. This may allow an attacker to perform a remote denial of service attack. For example, an SQL injection can be used to execute the...
Zetetic Sqlcipher
9.8
CVSSv3
CVE-2018-16850
PostgreSQL before versions 11.1, 10.6 is vulnerable to SQL injection in pg_upgrade and pg_dump via CREATE TRIGGER ... REFERENCING. Using a purpose-crafted trigger definition, an attacker can cause arbitrary SQL statements to run, with superuser privileges....
Postgresql Postgresql
Redhat Enterprise Linux 7.4
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 7.5
Redhat Enterprise Linux 7.6
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
9.8
CVE-2021-36393
In Moodle, an SQL injection risk was identified in the library fetching a user's recent courses....
Moodle Moodle
NA
CVE-2014-3483
SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql/quoting.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 4.x before 4.0.7 and 4.1.x before 4.1.3 allows remote attackers to execute arbitrary SQL commands by leveraging...
Rubyonrails Rails 4.0.5
Rubyonrails Rails 4.0.1
Rubyonrails Rails 4.0.6
Rubyonrails Rails 4.1.0
Rubyonrails Rails 4.0.4
Rubyonrails Rails 4.0.3
Rubyonrails Rails 4.0.2
Rubyonrails Rails 4.1.2
Rubyonrails Rails 4.1.1
Rubyonrails Rails 4.0.0
NA
CVE-2014-3482
SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql_adapter.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 2.x and 3.x before 3.2.19 allows remote attackers to execute arbitrary SQL commands by leveraging improper...
Rubyonrails Rails 3.2.4
Rubyonrails Rails 3.2.3
Rubyonrails Rails 3.2.16
Rubyonrails Rails 3.2.15
Rubyonrails Rails 3.2.0
Rubyonrails Rails 3.1.4
Rubyonrails Rails 3.1.1
Rubyonrails Rails 3.1.0
Rubyonrails Rails 3.0.9
Rubyonrails Rails 3.0.7
Rubyonrails Rails 3.0.6
Rubyonrails Ruby On Rails 3.0.4
Rubyonrails Rails 3.0.3
Rubyonrails Rails 3.0.16
Rubyonrails Rails 3.0.14
Rubyonrails Rails 3.0.1
Rubyonrails Rails 3.0.0
Rubyonrails Rails 3.2.5
Rubyonrails Rails 3.2.18
Rubyonrails Rails 3.2.17
Rubyonrails Rails 3.2.1
Rubyonrails Rails 3.1.5
Rubyonrails Rails 3.1.10
Rubyonrails Rails 3.0.8
Rubyonrails Rails 3.0.4
Rubyonrails Rails 3.0.18
Rubyonrails Rails 3.0.17
Rubyonrails Rails 3.0.11
Rubyonrails Rails 3.0.10
Rubyonrails Rails 2.0.1
Rubyonrails Rails 2.0.2
Rubyonrails Rails 2.2.2
Rubyonrails Rails 2.3.0
Rubyonrails Rails 2.3.15
Rubyonrails Rails 2.3.16
Rubyonrails Ruby On Rails 2.3.17
Rubyonrails Rails 2.0.4
Rubyonrails Rails 2.1.0
Rubyonrails Rails 2.3.1
Rubyonrails Rails 2.3.10
Rubyonrails Rails 2.3.2
Rubyonrails Rails 2.3.3
Rubyonrails Rails 3.2.9
Rubyonrails Rails 3.2.8
Rubyonrails Rails 3.2.13
Rubyonrails Rails 3.2.12
Rubyonrails Rails 3.1.9
Rubyonrails Rails 3.1.8
Rubyonrails Rails 3.1.3
Rubyonrails Rails 3.1.2
Rubyonrails Rails 3.0.20
Rubyonrails Rails 3.0.2
Rubyonrails Rails 3.0.13
Rubyonrails Rails 2.3.18
Rubyonrails Rails 2.0.0
Rubyonrails Rails 2.1.1
Rubyonrails Rails 2.3.11
Rubyonrails Rails 2.3.12
Rubyonrails Rails 2.3.4
Rubyonrails Rails 2.3.9
Rubyonrails Rails 3.2.7
Rubyonrails Rails 3.2.6
Rubyonrails Rails 3.2.2
Rubyonrails Rails 3.2.11
Rubyonrails Rails 3.2.10
Rubyonrails Rails 3.1.7
Rubyonrails Rails 3.1.6
Rubyonrails Rails 3.0.5
Rubyonrails Rails 3.0.19
Rubyonrails Rails 3.0.12
Rubyonrails Rails 2.1.2
Rubyonrails Rails 2.2.0
Rubyonrails Rails 2.2.1
Rubyonrails Rails 2.3.13
Rubyonrails Rails 2.3.14
9.8
CVSSv3
CVE-2018-10466
Zoho ManageEngine ADAudit Plus before 5.0.0 build 5100 allows blind SQL Injection....
Zohocorp Manageengine Adaudit Plus
9.8
CVSSv3
CVE-2019-14234
An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.fields.JSONField, and key lookups for...
Djangoproject Django
Fedoraproject Fedora 30
Debian Debian Linux 10.0
Debian Debian Linux 9.0
14 Github repositories available
7.5
CVE-2022-45930
A SQL injection issue was discovered in AAA in OpenDaylight (ODL) before 0.16.5. The aaa-idm-store-h2/src/main/java/org/opendaylight/aaa/datastore/h2/DomainStore.java deleteDomain function is affected for the /auth/v1/domains/ API interface....
Linuxfoundation Opendaylight 0.16.0
Linuxfoundation Opendaylight 0.16.4
Linuxfoundation Opendaylight 0.15.6
Linuxfoundation Opendaylight 0.15.0
1 Github repository available
8.8
CVSSv3
CVE-2022-0478
The Event Manager and Tickets Selling for WooCommerce WordPress plugin before 3.5.8 does not validate and escape the post_author_gutenberg parameter before using it in a SQL statement when creating/editing events, which could allow users with a role as low as contributor to...
Mage-people Event Manager And Tickets Selling For Woocommerce