Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

sql injection vulnerabilities and exploits

(subscribe to this query)

6.5
CVSSv3
CVE-2018-1096
An input sanitization flaw was found in the id field in the dashboard controller of Foreman before 1.16.1. A user could use this flaw to perform an SQL injection attack on the back end database....
Theforeman ForemanRedhat Satellite 6.4
7.5
CVSSv3
CVE-2021-3119
Zetetic SQLCipher 4.x before 4.4.3 has a NULL pointer dereferencing issue related to sqlcipher_export in crypto.c and sqlite3StrICmp in sqlite3.c. This may allow an attacker to perform a remote denial of service attack. For example, an SQL injection can be used to execute the...
Zetetic Sqlcipher
9.8
CVSSv3
CVE-2018-16850
postgresql before versions 11.1, 10.6 is vulnerable to a to SQL injection in pg_upgrade and pg_dump via CREATE TRIGGER ... REFERENCING. Using a purpose-crafted trigger definition, an attacker can cause arbitrary SQL statements to run, with superuser privileges....
Postgresql PostgresqlRedhat Enterprise Linux 7.4Redhat Enterprise Linux 7.0Redhat Enterprise Linux 7.5Redhat Enterprise Linux 7.6Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 18.10
9.8
CVE-2021-36393
In Moodle, an SQL injection risk was identified in the library fetching a user's recent courses....
Moodle Moodle
NA
CVE-2014-3483
SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql/quoting.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 4.x before 4.0.7 and 4.1.x before 4.1.3 allows remote attackers to execute arbitrary SQL commands by leveraging...
Rubyonrails Rails 4.0.5Rubyonrails Rails 4.0.1Rubyonrails Rails 4.0.6Rubyonrails Rails 4.1.0Rubyonrails Rails 4.0.4Rubyonrails Rails 4.0.3Rubyonrails Rails 4.0.2Rubyonrails Rails 4.1.2Rubyonrails Rails 4.1.1Rubyonrails Rails 4.0.0
NA
CVE-2014-3482
SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql_adapter.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 2.x and 3.x before 3.2.19 allows remote attackers to execute arbitrary SQL commands by leveraging improper...
Rubyonrails Rails 3.2.4Rubyonrails Rails 3.2.3Rubyonrails Rails 3.2.16Rubyonrails Rails 3.2.15Rubyonrails Rails 3.2.0Rubyonrails Rails 3.1.4Rubyonrails Rails 3.1.1Rubyonrails Rails 3.1.0Rubyonrails Rails 3.0.9Rubyonrails Rails 3.0.7Rubyonrails Rails 3.0.6Rubyonrails Ruby On Rails 3.0.4Rubyonrails Rails 3.0.3Rubyonrails Rails 3.0.16Rubyonrails Rails 3.0.14Rubyonrails Rails 3.0.1Rubyonrails Rails 3.0.0Rubyonrails Rails 3.2.5Rubyonrails Rails 3.2.18Rubyonrails Rails 3.2.17Rubyonrails Rails 3.2.1Rubyonrails Rails 3.1.5Rubyonrails Rails 3.1.10Rubyonrails Rails 3.0.8Rubyonrails Rails 3.0.4Rubyonrails Rails 3.0.18Rubyonrails Rails 3.0.17Rubyonrails Rails 3.0.11Rubyonrails Rails 3.0.10Rubyonrails Rails 2.0.1Rubyonrails Rails 2.0.2Rubyonrails Rails 2.2.2Rubyonrails Rails 2.3.0Rubyonrails Rails 2.3.15Rubyonrails Rails 2.3.16Rubyonrails Ruby On Rails 2.3.17Rubyonrails Rails 2.0.4Rubyonrails Rails 2.1.0Rubyonrails Rails 2.3.1Rubyonrails Rails 2.3.10Rubyonrails Rails 2.3.2Rubyonrails Rails 2.3.3Rubyonrails Rails 3.2.9Rubyonrails Rails 3.2.8Rubyonrails Rails 3.2.13Rubyonrails Rails 3.2.12Rubyonrails Rails 3.1.9Rubyonrails Rails 3.1.8Rubyonrails Rails 3.1.3Rubyonrails Rails 3.1.2Rubyonrails Rails 3.0.20Rubyonrails Rails 3.0.2Rubyonrails Rails 3.0.13Rubyonrails Rails 2.3.18Rubyonrails Rails 2.0.0Rubyonrails Rails 2.1.1Rubyonrails Rails 2.3.11Rubyonrails Rails 2.3.12Rubyonrails Rails 2.3.4Rubyonrails Rails 2.3.9Rubyonrails Rails 3.2.7Rubyonrails Rails 3.2.6Rubyonrails Rails 3.2.2Rubyonrails Rails 3.2.11Rubyonrails Rails 3.2.10Rubyonrails Rails 3.1.7Rubyonrails Rails 3.1.6Rubyonrails Rails 3.0.5Rubyonrails Rails 3.0.19Rubyonrails Rails 3.0.12Rubyonrails Rails 2.1.2Rubyonrails Rails 2.2.0Rubyonrails Rails 2.2.1Rubyonrails Rails 2.3.13Rubyonrails Rails 2.3.14
9.8
CVSSv3
CVE-2018-10466
Zoho ManageEngine ADAudit Plus before 5.0.0 build 5100 allows blind SQL Injection....
Zohocorp Manageengine Adaudit Plus
9.8
CVSSv3
CVE-2019-14234
An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.fields.JSONField, and key lookups for...
Djangoproject DjangoFedoraproject Fedora 30Debian Debian Linux 10.0Debian Debian Linux 9.0
7.5
CVE-2022-45930
A SQL injection issue was discovered in AAA in OpenDaylight (ODL) before 0.16.5. The aaa-idm-store-h2/src/main/java/org/opendaylight/aaa/datastore/h2/DomainStore.java deleteDomain function is affected for the /auth/v1/domains/ API interface....
Linuxfoundation Opendaylight 0.16.0Linuxfoundation Opendaylight 0.16.4Linuxfoundation Opendaylight 0.15.6Linuxfoundation Opendaylight 0.15.0
8.8
CVSSv3
CVE-2022-0478
The Event Manager and Tickets Selling for WooCommerce WordPress plugin before 3.5.8 does not validate and escape the post_author_gutenberg parameter before using it in a SQL statement when creating/editing events, which could allow users with a role as low as contributor to...
Mage-people Event Manager And Tickets Selling For Woocommerce
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
wirelessSQLCVE-2023-1454overflowCVE-2022-48425CVE-2023-25064CVE-2023-28107
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook