1174 matches found
CVE-2022-27376
MariaDB Server v10.6.5 and below was discovered to contain a use-after-free in the component Itemargs::walkarg, which is exploited via specially crafted SQL statements...
Elide SQL Injection Vulnerability
Elide is a Java library. Elide is vulnerable to SQL injection, which can be exploited by attackers to execute arbitrary SQL statements...
Citrix SD-WAN SQL Injection (CVE-2019-12989)
An SQL injection vulnerability exists in Citrix SD-WAN. Successful exploitation of this vulnerability could result in the execution of arbitrary SQL statements on the affected system...
WordPress Plugin Paid Memberships Pro SQL Injection Vulnerability
WordPress is a blogging platform developed in the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in WordPress Plugin Paid Memberships Pro versions prior to 2.6....
WordPress Sync WooCommerce Product feed to Google Shopping plugin SQL Injection Vulnerability
WordPress is a blogging platform developed in the PHP language by the WordPress Foundation. A WordPress plugin is an open source application plugin for WordPress. The WordPress Sync WooCommerce Product feed to Google Shopping plugin has a SQL injection vulnerability. The vulnerability stems from the...
PuneethReddyHC SQL Injection Vulnerability
PuneethReddyHC is an online shopping system. A SQL injection vulnerability exists in PuneethReddyHC, which can be exploited by attackers to execute arbitrary SQL statements with the p parameter in product.php...
Synology DiskStation Manager SQL Injection Vulnerability (CNVD-2022-27445)
Synology DiskStation Manager (DSM) is an operating system used on network storage servers (NAS) by Synology Inc. of Taiwan, China. A SQL injection vulnerability exists in Synology DiskStation Manager, which stems from the failure of the product's Log Management function to handle special characters i...
CVE-2021-27472
A vulnerability exists in the RunSearch function of SearchService service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier, which may allow for the execution of remote unauthenticated arbitrary SQL statements...
CVE-2021-27468
The AosService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier exposes functions lacking proper authentication. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary SQL statements...
Authentication flaw
The ArchiveService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier exposes functions lacking proper authentication. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary SQL statements...
Design/Logic Flaw
A vulnerability exists in the RunSearch function of SearchService service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier, which may allow for the execution of remote unauthenticated arbitrary SQL statements...
Authentication flaw
The AosService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier exposes functions lacking proper authentication. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary SQL statements...
CVE-2021-27472 Rockwell Automation FactoryTalk AssetCentre SQL Injection
A vulnerability exists in the RunSearch function of SearchService service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier, which may allow for the execution of remote unauthenticated arbitrary SQL statements...
CVE-2021-27472
CVE-2021-27472 affects Rockwell Automation FactoryTalk AssetCentre (v10.00 and earlier) with a SQL Injection in the RunSearch function of the SearchService, enabling remote unauthenticated arbitrary SQL execution. The vulnerability is documented across multiple sources (NVD, Red Hat, CVE list) an...
CVE-2021-27464 Rockwell Automation FactoryTalk AssetCentre SQL Injection
The ArchiveService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier exposes functions lacking proper authentication. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary SQL statements...
Taocms SQL Injection Vulnerability (CNVD-2022-33838)
Taocms is a micro CMS (content management system) from China. A SQL injection vulnerability exists in Taocms v3.0.2, which stems from the lack of validation of external input SQL statements in the id parameter in includeModelCategory.php, and can be exploited by attackers to execute illegal SQL...
Slims8 Akasia SQL Injection Vulnerability
Slims8 Akasia is software from the Slims community in Indonesia. It is used for library resource management (e.g. books, journals, digital documents and other library materials) and administration. An SQL injection vulnerability exists in Slims8 Akasia version 8.3.1, which stems from missing SQL...
WordPress MOLIE plugin SQL injection vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. A WordPress plugin is an application plugin for WordPress. WordPress MOLIE plugin 0.5 and earlier versions have a SQL injection vulnerability, which stems from the failure of MOLIE to validate and escape SQL...
WordPress WP Statistics Plugin SQL Injection (CVE-2022-25148)
An SQL injection vulnerability exists in WordPress WP Statistics Plugin. Successful exploitation of this vulnerability could result in the execution of arbitrary SQL statements on the affected system...