1174 matches found
CVE-2021-26762
SQL injection vulnerability in PHPGurukul Student Record System 4.0 allows remote attackers to execute arbitrary SQL statements, via the cid parameter to edit-course.php...
CVE-2021-26232
SQL injection vulnerability in SourceCodester Simple College Website v 1.0 allows remote attackers to execute arbitrary SQL statements via the id parameter to news.php...
CVE-2021-26231
SQL injection vulnerability in SourceCodester Fantastic Blog CMS v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to category.php...
CVE-2019-5278
There is an out-of-bounds read vulnerability in the Advanced Packages feature of the Gauss100 OLTP database in CampusInsight before V100R019C00SPC200. Attackers who gain the specific permission can use this vulnerability by sending elaborate SQL statements to the database. Successful exploit of...
CVE-2010-4121
The TCP-to-ODBC gateway in IBM Tivoli Provisioning Manager for OS Deployment 7.1.1.3 does not require authentication for SQL statements, which allows remote attackers to modify, create, or read database records via a session on TCP port 2020. NOTE: the vendor disputes this issue, stating that the...
CVE-2005-2206
Multiple SQL injection vulnerabilities in CartWIZ allow remote attackers to modify SQL statements via the (1) idProduct parameter to tellAFriend.asp, (2) sortType parameter to viewSupportTickets.asp, or the id parameter to (3) updateCreditCards.asp or (4) deleteCreditCards.asp...
CVE-2005-2284
Multiple SQL injection vulnerabilities in WebEOC before 6.0.2 allow remote attackers to modify SQL statements via unknown attack vectors...
CVE-2025-29649
SQL Injection vulnerability exists in the TP-Link TL-WR840N router's login dashboard version 1.0, allowing an unauthenticated attacker to inject malicious SQL statements via the username and password fields. NOTE: this is disputed because the issue can only be reproduced on a supplier-provided...
CVE-2025-29648
SQL Injection vulnerability exists in the TP-Link EAP120 router's login dashboard version 1.0, allowing an unauthenticated attacker to inject malicious SQL statements via the login fields. NOTE: this is disputed because the issue can only be reproduced on a supplier-provided emulator, where acces...
CVE-2025-29653
SQL Injection vulnerability exists in the TP-Link M7450 4G LTE Mobile Wi-Fi Router Firmware Version: 1.0.2 Build 170306 Rel.1015n, allowing an unauthenticated attacker to inject malicious SQL statements via the username and password fields...
CVE-2025-29648
CVE-2025-29648 is rejected/not used per the Initial Description.
CVE-2025-29653
TP-Link M7450 4G LTE Mobile Wi‑Fi Router is affected by CVE-2025-29653 as reported in multiple sources (Red Hat and PT-2025-16890). The vulnerability is a SQL Injection in firmware version 1.0.2 Build 170306 Rel.1015n, exploitable via the username and password fields. The PT-2025-16890 descriptio...
ROS-20250326-11
A vulnerability in the sqlghashsource component of the virtuoso-opensource web application development platform is related to the unconstrained and unregulated resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using special...
Linux Distros Unpatched Vulnerability : CVE-2024-57654
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in the qstvecgetint64 component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...
Linux Distros Unpatched Vulnerability : CVE-2024-57657
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in the sqlgvecupd component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...
Linux Distros Unpatched Vulnerability : CVE-2024-57647
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in the rowinsertcast component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...
Linux Distros Unpatched Vulnerability : CVE-2023-31623
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in the mpboxcopy component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...
Linux Distros Unpatched Vulnerability : CVE-2023-31621
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in the kcvarcol component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...