CVE-1999-0734

A default configuration of CiscoSecure Access Control Server ACS allows remote users to modify the server database without authentication...

CVE-2021-23230

A SQL Injection vulnerability in the OPCUA interface of Gallagher Command Centre allows a remote unprivileged Command Centre Operator to modify Command Centre databases undetected. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 MR3; 8.30 versions prior to 8.30.1359...

CVE-2024-4609 Rockwell Automation Datalog Function within in FactoryTalk® View SE contains SQL Injection Vulnerability

A vulnerability exists in the Rockwell Automation FactoryTalk® View SE Datalog function that could allow a threat actor to inject a malicious SQL statement if the SQL database has no authentication in place or if legitimate credentials were stolen. If exploited, the attack could result in...

The vulnerability in the vManage web interface of the programmatically defined Cisco SD-WAN network allows a attacker to modify records in certain database tables.

The vulnerability in the vManage web interface of the Cisco SD-WAN program-defined network relates to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to modify records in certain database tables remotely...

CVE-2016-7792

Ubiquiti Networks UniFi 5.2.7 does not restrict access to the database, which allows remote attackers to modify the database by directly connecting to it...

CVE-2004-2324

SQL injection vulnerability in DotNetNuke formerly IBuySpy Workshop 1.0.6 through 1.0.10d allows remote attackers to modify the backend database via the 1 table and 2 field parameters in LinkClick.aspx...

CVE-2002-1505

SQL injection vulnerability in board.php for WoltLab Burning Board wBB 2.0 RC 1 and earlier allows remote attackers to modify the database and possibly gain privileges via the boardid parameter...