Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

sql injection vulnerabilities and exploits

(subscribe to this query)

6.5
CVSSv2
CVE-2019-19029
Harbor SQL Injection via user-groups. Cure53 has discovered that a user with Project-Admin capabilities can utilize and exploit SQL Injection to read secrets from the underlying database or conduct privilege escalation. The vulnerability was immediately fixed by the Harbor team...
Linuxfoundation HarborPivotal Vmware Harbor Registry -
7.5
CVSSv2
CVE-2021-35042
Django 3.1.x before 3.1.13 and 3.2.x before 3.2.5 allows QuerySet.order_by SQL injection if order_by is untrusted input from a client of a web application....
Djangoproject DjangoFedoraproject Fedora 34
4
CVSSv2
CVE-2019-19026
Harbor SQL Injection via project quotas. Cure53 has discovered a SQL injection vulnerability in the quotas section of the Harbor API. An authenticated administrator can send a specially crafted SQL payload through the GET parameter sort, allowing the extraction of sensitive...
Linuxfoundation HarborPivotal Vmware Harbor Registry -
5
CVSSv2
CVE-2018-18641
An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It has Cleartext Storage of Sensitive Information....
Gitlab Gitlab
6.5
CVSSv2
CVE-2020-5515
Gila CMS 1.11.8 allows /admin/sql?query= SQL Injection....
Gilacms Gila Cms 1.11.8
7.5
CVSSv2
CVE-2020-20289
Sql injection vulnerability in the yccms 3.3 project. The no_top function's improper judgment of the request parameters, triggers a sql injection vulnerability....
Yccms Yccms 3.3
6.8
CVSSv2
CVE-2018-11231
In the Divido plugin for OpenCart, there is SQL injection. Attackers can use SQL injection to get some confidential information....
Divido Divido -
7.5
CVSSv2
CVE-2019-15535
Tasking Manager before 3.4.0 allows SQL Injection via custom SQL....
Hostosm Tasking Manager
5
CVSSv2
CVE-2018-14961
dl/dl_sendmail.php in zzcms 8.3 has SQL Injection via the sql parameter....
Zzcms Zzcms 8.3
7.5
CVSSv2
CVE-2018-18761
SaltOS 3.1 r8126 allows action=login&querystring=&user=[SQL] SQL Injection....
Saltos Saltos 3.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-42539CVE-2021-30359CVE-2021-34484CVE-2021-0483CVE-2021-38646CVE-2020-23041brute forcefirmwaremalicious code‎
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook