Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

sql injection vulnerabilities and exploits

(subscribe to this query)

7.5
CVSSv3
CVE-2021-3119
Zetetic SQLCipher 4.x before 4.4.3 has a NULL pointer dereferencing issue related to sqlcipher_export in crypto.c and sqlite3StrICmp in sqlite3.c. This may allow an attacker to perform a remote denial of service attack. For example, an SQL injection can be used to execute the...
Zetetic Sqlcipher
7.2
CVSSv3
CVE-2019-19029
Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows SQL Injection via user-groups in the VMware Harbor Container Registry for the Pivotal Platform....
Linuxfoundation HarborPivotal Vmware Harbor Registry -
9.8
CVSSv3
CVE-2018-16850
postgresql before versions 11.1, 10.6 is vulnerable to a to SQL injection in pg_upgrade and pg_dump via CREATE TRIGGER ... REFERENCING. Using a purpose-crafted trigger definition, an attacker can cause arbitrary SQL statements to run, with superuser privileges....
Postgresql PostgresqlRedhat Enterprise Linux 7.6Redhat Enterprise Linux 7.4Redhat Enterprise Linux 7.5Redhat Enterprise Linux 7.0Canonical Ubuntu Linux 18.10Canonical Ubuntu Linux 18.04
NA
CVE-2021-36393
Moodle Blind SQL Injection. An SQL injection risk was identified in the library fetching a user's recent courses...
NA
CVE-2014-3482
SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql_adapter.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 2.x and 3.x before 3.2.19 allows remote attackers to execute arbitrary SQL commands by leveraging improper...
Rubyonrails Rails 3.2.4Rubyonrails Rails 3.2.3Rubyonrails Rails 3.2.16Rubyonrails Rails 3.2.15Rubyonrails Rails 3.2.0Rubyonrails Rails 3.1.4Rubyonrails Rails 3.1.1Rubyonrails Rails 3.1.0Rubyonrails Rails 3.0.9Rubyonrails Rails 3.0.7Rubyonrails Rails 3.0.6Rubyonrails Ruby On Rails 3.0.4Rubyonrails Rails 3.0.3Rubyonrails Rails 3.0.16Rubyonrails Rails 3.0.14Rubyonrails Rails 3.0.1Rubyonrails Rails 3.0.0Rubyonrails Rails 3.2.5Rubyonrails Rails 3.2.18Rubyonrails Rails 3.2.17Rubyonrails Rails 3.2.1Rubyonrails Rails 3.1.5Rubyonrails Rails 3.1.10Rubyonrails Rails 3.0.8Rubyonrails Rails 3.0.4Rubyonrails Rails 3.0.18Rubyonrails Rails 3.0.17Rubyonrails Rails 3.0.11Rubyonrails Rails 3.0.10Rubyonrails Rails 2.0.1Rubyonrails Rails 2.0.2Rubyonrails Rails 2.2.2Rubyonrails Rails 2.3.0Rubyonrails Rails 2.3.15Rubyonrails Rails 2.3.16Rubyonrails Ruby On Rails 2.3.17Rubyonrails Rails 2.0.4Rubyonrails Rails 2.1.0Rubyonrails Rails 2.3.1Rubyonrails Rails 2.3.10Rubyonrails Rails 2.3.2Rubyonrails Rails 2.3.3Rubyonrails Rails 3.2.9Rubyonrails Rails 3.2.8Rubyonrails Rails 3.2.13Rubyonrails Rails 3.2.12Rubyonrails Rails 3.1.9Rubyonrails Rails 3.1.8Rubyonrails Rails 3.1.3Rubyonrails Rails 3.1.2Rubyonrails Rails 3.0.20Rubyonrails Rails 3.0.2Rubyonrails Rails 3.0.13Rubyonrails Rails 2.3.18Rubyonrails Rails 2.0.0Rubyonrails Rails 2.1.1Rubyonrails Rails 2.3.11Rubyonrails Rails 2.3.12Rubyonrails Rails 2.3.4Rubyonrails Rails 2.3.9Rubyonrails Rails 3.2.7Rubyonrails Rails 3.2.6Rubyonrails Rails 3.2.2Rubyonrails Rails 3.2.11Rubyonrails Rails 3.2.10Rubyonrails Rails 3.1.7Rubyonrails Rails 3.1.6Rubyonrails Rails 3.0.5Rubyonrails Rails 3.0.19Rubyonrails Rails 3.0.12Rubyonrails Rails 2.1.2Rubyonrails Rails 2.2.0Rubyonrails Rails 2.2.1Rubyonrails Rails 2.3.13Rubyonrails Rails 2.3.14
NA
CVE-2014-3483
SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql/quoting.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 4.x before 4.0.7 and 4.1.x before 4.1.3 allows remote attackers to execute arbitrary SQL commands by leveraging...
Rubyonrails Rails 4.0.5Rubyonrails Rails 4.0.1Rubyonrails Rails 4.0.6Rubyonrails Rails 4.1.0Rubyonrails Rails 4.0.4Rubyonrails Rails 4.0.3Rubyonrails Rails 4.0.2Rubyonrails Rails 4.1.2Rubyonrails Rails 4.1.1Rubyonrails Rails 4.0.0
9.8
CVSSv3
CVE-2018-10466
Zoho ManageEngine ADAudit Plus before 5.0.0 build 5100 allows blind SQL Injection....
Zohocorp Manageengine Adaudit Plus
9.8
CVSSv3
CVE-2019-14234
An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.fields.JSONField, and key lookups for...
Djangoproject DjangoFedoraproject Fedora 30Debian Debian Linux 10.0Debian Debian Linux 9.0
8.8
CVSSv3
CVE-2022-0478
The Event Manager and Tickets Selling for WooCommerce WordPress plugin before 3.5.8 does not validate and escape the post_author_gutenberg parameter before using it in a SQL statement when creating/editing events, which could allow users with a role as low as contributor to...
Mage-people Event Manager And Tickets Selling For Woocommerce
8.8
CVSSv3
CVE-2021-42760
A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiWLM version 8.6.1 and below allows attacker to disclose sensitive information from DB tables via crafted requests....
Fortinet Fortiwlm
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-30216administrator privilegesreflected XSSCVE-2022-35011CVE-2022-34713CVE-2022-35009CVE-2022-35479CVE-2022-1410authentication bypass
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook