13183 matches found
CVE-2015-2062
Multiple SQL injection vulnerabilities in the Huge-IT Slider slider-image plugin before 2.7.0 for WordPress allow remote administrators to execute arbitrary SQL commands via the removeslide parameter in a popupposts or editcat action in the slidershugeitslider page to wp-admin/admin.php...
CVE-2013-3638
SQL injection vulnerability in Boonex Dolphin before 7.1.3 allows remote authenticated users to execute arbitrary SQL commands via the 'pathes' parameter in 'categories.php'...
SQL Injection
@azhou/basemodel is vulnerable to SQL injection. A remote attacker is able to inject and execute arbitrary SQL statements via the orderBy variable...
SQL Injection
centreon/centreon is vulnerable to SQL Injection. The vulnerability exists as several values in multiple monitoring pages were not properly validated, allowing an attacker to inject and execute arbitrary SQL statements...
CVE-2014-3119
Multiple SQL injection vulnerabilities in web2Project 3.1 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) searchstring parameter in the contacts module to index.php or allow remote attackers to execute arbitrary SQL commands via the updatekey parameter to ...
CVE-2014-3719
Multiple SQL injection vulnerabilities in cgi-bin/reviewm.cgi in Ex Libris ALEPH 500 Integrated library management system 18.1 and 20 allow remote attackers to execute arbitrary SQL commands via the (1) find, (2) lib, or (3) sid parameter...
SQL Injection
geocoder is vulnerable to SQL injection. The vulnerability exists in sql.rb as the unvalidated values of swlat, swlng, nelat, nelng could be used in conjunction with withinboundingbox to inject and execute arbitrary SQL statements...
Zoho ManageEngine Applications Manager SQL Injection (CVE-2019-11469)
A SQL injection vulnerability exists in Zoho ManageEngine Applications Manager. The vulnerability is due to improper validation of user-supplied input in FaultTemplateOptions.jsp. Successful exploitation could result in arbitrary SQL code execution...
CVE-2019-12619 Cisco SD-WAN Solution SQL Injection Vulnerability
A vulnerability in the web interface for Cisco SD-WAN Solution vManage could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of user-supplied input. An attacker could...
SQL injection
SQL injection vulnerability in the MARC framework import/export function admin/importexportframework.pl in Koha before 3.8.23, 3.10.x before 3.10.13, 3.12.x before 3.12.10, and 3.14.x before 3.14.3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. NOTE:...
Huawei EulerOS: Security Advisory for postgresql (EulerOS-SA-2019-2090)
The remote host is missing an update for the Huawei EulerOS...
Cisco SD-WAN Solution SQL Injection Vulnerability
A vulnerability in the web interface for Cisco SD-WAN Solution vManage could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of user-supplied input. An attacker could...
CVE-2005-4891
Simple Machine Forum (SMF) versions 1.0.4 and earlier have an SQL injection vulnerability that allows remote attackers to inject arbitrary SQL statements...
CVE-2012-1259
Multiple SQL injection vulnerabilities in Plixer International Scrutinizer NetFlow & sFlow Analyzer 8.6.2.16204, and possibly other versions before 9.0.1.19899, allow remote attackers to execute arbitrary SQL commands via the (1) addip parameter to cgi-bin/scrutfaexclusions.cgi, (2)...
SQL injection
Multiple SQL injection vulnerabilities in Plixer International Scrutinizer NetFlow & sFlow Analyzer 8.6.2.16204, and possibly other versions before 9.0.1.19899, allow remote attackers to execute arbitrary SQL commands via the (1) addip parameter to cgi-bin/scrutfaexclusions.cgi, (2)...
SQL Injection
phpmyadmin/phpmyadmin is vulnerable to SQL injection. An authenticated user is able to inject and execute arbitrary SQL via the username parameter...
CVE-2019-15985 Cisco Data Center Network Manager SQL Injection Vulnerabilities
Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device. To exploit these vulnerabilities, an attacker would need administrative privileges on the DC...
Cisco Data Center Network Manager SOAP API SQL Injection Vulnerability
Cisco Data Center Network Manager (DCNM) is a suite of data center network managers from Cisco that provides multiprotocol management of the network and troubleshooting of switch operating conditions and performance. A SOAP API SQL injection vulnerability exists in Cisco Data Center Network Manager...
CVE-2013-3932
SQL injection vulnerability in the Jomres comjomres component before 7.3.1 for Joomla! allows remote authenticated users with the "Business Manager" permission to execute arbitrary SQL commands via the id parameter in an editProfile action to administrator/index.php...
SQL injection
SQL injection vulnerability in the Jomres comjomres component before 7.3.1 for Joomla! allows remote authenticated users with the "Business Manager" permission to execute arbitrary SQL commands via the id parameter in an editProfile action to administrator/index.php...