Vulmon
sql injection vulnerabilities and exploits
7.5
CVSSv3
CVE-2021-3119
Zetetic SQLCipher 4.x before 4.4.3 has a NULL pointer dereferencing issue related to sqlcipher_export in crypto.c and sqlite3StrICmp in sqlite3.c. This may allow an attacker to perform a remote denial of service attack. For example, an SQL injection can be used to execute the...
Zetetic Sqlcipher
7.2
CVSSv3
CVE-2019-19029
Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows SQL Injection via user-groups in the VMware Harbor Container Registry for the Pivotal Platform....
Linuxfoundation Harbor
Pivotal Vmware Harbor Registry
9.8
CVSSv3
CVE-2018-16850
PostgreSQL before versions 11.1, 10.6 is vulnerable to SQL injection in pg_upgrade and pg_dump via CREATE TRIGGER ... REFERENCING. Using a purpose-crafted trigger definition, an attacker can cause arbitrary SQL statements to run, with superuser privileges....
Postgresql Postgresql
Redhat Enterprise Linux 7.6
Redhat Enterprise Linux 7.4
Redhat Enterprise Linux 7.5
Redhat Enterprise Linux 7.0
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 18.04
NA
CVE-2021-36393
Moodle Blind SQL Injection. An SQL injection risk was identified in the library fetching a user's recent courses...
NA
CVE-2014-3482
SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql_adapter.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 2.x and 3.x before 3.2.19 allows remote attackers to execute arbitrary SQL commands by leveraging improper...
Rubyonrails Rails 3.2.4
Rubyonrails Rails 3.2.3
Rubyonrails Rails 3.2.16
Rubyonrails Rails 3.2.15
Rubyonrails Rails 3.2.0
Rubyonrails Rails 3.1.4
Rubyonrails Rails 3.1.1
Rubyonrails Rails 3.1.0
Rubyonrails Rails 3.0.9
Rubyonrails Rails 3.0.7
Rubyonrails Rails 3.0.6
Rubyonrails Ruby On Rails 3.0.4
Rubyonrails Rails 3.0.3
Rubyonrails Rails 3.0.16
Rubyonrails Rails 3.0.14
Rubyonrails Rails 3.0.1
Rubyonrails Rails 3.0.0
Rubyonrails Rails 3.2.5
Rubyonrails Rails 3.2.18
Rubyonrails Rails 3.2.17
Rubyonrails Rails 3.2.1
Rubyonrails Rails 3.1.5
Rubyonrails Rails 3.1.10
Rubyonrails Rails 3.0.8
Rubyonrails Rails 3.0.4
Rubyonrails Rails 3.0.18
Rubyonrails Rails 3.0.17
Rubyonrails Rails 3.0.11
Rubyonrails Rails 3.0.10
Rubyonrails Rails 2.0.1
Rubyonrails Rails 2.0.2
Rubyonrails Rails 2.2.2
Rubyonrails Rails 2.3.0
Rubyonrails Rails 2.3.15
Rubyonrails Rails 2.3.16
Rubyonrails Ruby On Rails 2.3.17
Rubyonrails Rails 2.0.4
Rubyonrails Rails 2.1.0
Rubyonrails Rails 2.3.1
Rubyonrails Rails 2.3.10
Rubyonrails Rails 2.3.2
Rubyonrails Rails 2.3.3
Rubyonrails Rails 3.2.9
Rubyonrails Rails 3.2.8
Rubyonrails Rails 3.2.13
Rubyonrails Rails 3.2.12
Rubyonrails Rails 3.1.9
Rubyonrails Rails 3.1.8
Rubyonrails Rails 3.1.3
Rubyonrails Rails 3.1.2
Rubyonrails Rails 3.0.20
Rubyonrails Rails 3.0.2
Rubyonrails Rails 3.0.13
Rubyonrails Rails 2.3.18
Rubyonrails Rails 2.0.0
Rubyonrails Rails 2.1.1
Rubyonrails Rails 2.3.11
Rubyonrails Rails 2.3.12
Rubyonrails Rails 2.3.4
Rubyonrails Rails 2.3.9
Rubyonrails Rails 3.2.7
Rubyonrails Rails 3.2.6
Rubyonrails Rails 3.2.2
Rubyonrails Rails 3.2.11
Rubyonrails Rails 3.2.10
Rubyonrails Rails 3.1.7
Rubyonrails Rails 3.1.6
Rubyonrails Rails 3.0.5
Rubyonrails Rails 3.0.19
Rubyonrails Rails 3.0.12
Rubyonrails Rails 2.1.2
Rubyonrails Rails 2.2.0
Rubyonrails Rails 2.2.1
Rubyonrails Rails 2.3.13
Rubyonrails Rails 2.3.14
NA
CVE-2014-3483
SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql/quoting.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 4.x before 4.0.7 and 4.1.x before 4.1.3 allows remote attackers to execute arbitrary SQL commands by leveraging...
Rubyonrails Rails 4.0.5
Rubyonrails Rails 4.0.1
Rubyonrails Rails 4.0.6
Rubyonrails Rails 4.1.0
Rubyonrails Rails 4.0.4
Rubyonrails Rails 4.0.3
Rubyonrails Rails 4.0.2
Rubyonrails Rails 4.1.2
Rubyonrails Rails 4.1.1
Rubyonrails Rails 4.0.0
9.8
CVSSv3
CVE-2018-10466
Zoho ManageEngine ADAudit Plus before 5.0.0 build 5100 allows blind SQL Injection....
Zohocorp Manageengine Adaudit Plus
9.8
CVSSv3
CVE-2019-14234
An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.fields.JSONField, and key lookups for...
Djangoproject Django
Fedoraproject Fedora 30
Debian Debian Linux 10.0
Debian Debian Linux 9.0
8 Github repositories available
8.8
CVSSv3
CVE-2022-0478
The Event Manager and Tickets Selling for WooCommerce WordPress plugin before 3.5.8 does not validate and escape the post_author_gutenberg parameter before using it in a SQL statement when creating/editing events, which could allow users with a role as low as contributor to...
Mage-people Event Manager And Tickets Selling For Woocommerce
8.8
CVSSv3
CVE-2021-42760
An improper neutralization of special elements used in an SQL command ('SQL injection') in Fortinet FortiWLM version 8.6.1 and below allows an attacker to disclose sensitive information from DB tables via crafted requests....
Fortinet Fortiwlm