Sql injection

SQL injection vulnerability in archivebot.py in docmarionum1 Slack ArchiveBot aka slack-archive-bot before 2018-09-19 allows remote attackers to execute arbitrary SQL commands via the text parameter to cursor.execute...

CVE-2018-17232

SQL injection vulnerability in archivebot.py in docmarionum1 Slack ArchiveBot aka slack-archive-bot before 2018-09-19 allows remote attackers to execute arbitrary SQL commands via the text parameter to cursor.execute...

CVE-2018-17232

SQL injection vulnerability in archivebot.py in docmarionum1 Slack ArchiveBot aka slack-archive-bot before 2018-09-19 allows remote attackers to execute arbitrary SQL commands via the text parameter to cursor.execute...

Sql injection

phpkaiyuancms PhpOpenSourceCMS POSCMS V3.2.0 allows an unauthenticated user to execute arbitrary SQL commands via the diy/module/member/controllers/Api.php ajaxsavedraft function with the dir parameter...

Sql injection

SQL injection vulnerability in phpMyFAQ before 2.8.13 allows remote authenticated users with certain permissions to execute arbitrary SQL commands via vectors involving the restore function...

WordPress Chained Quiz 1.0.8 Plugin - answer SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: WordPress Plugin Chained Quiz 1.0.8 - 'answer' SQL Injection Exploit Author: Çlirim Emini Website: https://www.sentry.co.com Software Link: https://wordpress.org/plugins/chained-quiz/ Version/s: 1.0.8 and below Patched Version:...

WordPress Chained Quiz 1.0.8 SQL Injection

Exploit Title: WordPress Plugin Chained Quiz 1.0.8 - 'answer' SQL Injection Exploit Author: Alirim Emini Website: https://www.sentry.co.com Software Link: https://wordpress.org/plugins/chained-quiz/ Version/s: 1.0.8 and below Patched Version: 1.0.9 CVE : N/A WPVULNDB:...

Chained Quiz <= 1.0.8 - Unauthenticated SQL Injection

WordPress Plugin Plugin Chained Quiz before 1.0.9 allows remote unauthenticated users to execute arbitrary SQL commands via the 'answer' and 'answers' parameters. Technical details: Chained Quiz appears to be vulnerable to time-based SQL-Injection. The issue lies on the "$answer" backend variable...

CVE-2018-15149

SQL injection vulnerability in interface/forms/eyemag/php/Anythingsimple.php from library/forms.inc in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary SQL commands via the 'encounter' parameter...

CVE-2018-15147

OpenEMR

CVE-2018-15146

SQL injection vulnerability in interface/deidentificationforms/findimmunizationpopup.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary SQL commands via the 'searchterm' parameter...

CVE-2018-15144

SQL injection vulnerability in interface/deidentificationforms/finddrugpopup.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary SQL commands via the searchterm parameter...

CVE-2018-15145

Multiple SQL injection vulnerabilities in portal/addediteventuser.php in versions of OpenEMR before 5.0.1.4 allow a remote attacker to execute arbitrary SQL commands via the 1 eid, 2 userid, or 3 pid parameter...

CVE-2017-10936

SQL injection vulnerability in all versions prior to V4.01.01 of the ZTE ZXCDN-SNS product allows remote attackers to execute arbitrary SQL commands via the aoData parameter, resulting in the disclosure of database information...

CVE-2017-10937

SQL injection vulnerability in all versions prior to V2.01.05.09 of the ZTE ZXIPTV-UCM product allows remote attackers to execute arbitrary SQL commands via the opertype parameter, resulting in the disclosure of database information...

CVE-2017-10936

SQL injection vulnerability in all versions prior to V4.01.01 of the ZTE ZXCDN-SNS product allows remote attackers to execute arbitrary SQL commands via the aoData parameter, resulting in the disclosure of database information...

WUZHI CMS SQL Injection Vulnerability (CNVD-2018-15403)

WUZHI CMS is China's five fingers WUZHI Internet technology company based on PHP and MySQL open source content management system. WUZHI CMS 4.1.0 version of the coreframe/app/order/admin/goods.php file there is a SQL injection vulnerability, the vulnerability stems from the program does not filte...

Sql injection

SQL injection vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. IBM X-Force ID: 84116...

CVE-2013-3000

SQL injection vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. IBM X-Force ID: 84116...

CVE-2018-13448

SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the countryid parameter...