13184 matches found
CVE-2017-15933
SQL injection vulnerability vulnerability in the EyesOfNetwork web interface aka eonweb 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the host parameter to module/capacityperdevice/index.php...
CVE-2014-2023
Multiple SQL injection vulnerabilities in the Tapatalk plugin 4.9.0 and earlier and 5.x through 5.2.1 for vBulletin allow remote attackers to execute arbitrary SQL commands via a crafted xmlrpc API request to 1 unsubscribeforum.php or 2 unsubscribetopic.php in mobiquo/functions/...
Sql injection
SQL injection vulnerability in phpCollab 2.5.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter to newsdesk/newsdesk.php...
CVE-2017-15907
SQL injection vulnerability in phpCollab 2.5.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter to newsdesk/newsdesk.php...
CVE-2017-15907
SQL injection vulnerability in phpCollab 2.5.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter to newsdesk/newsdesk.php...
CVE-2017-15907
CVE-2017-15907: SQL injection in phpCollab 2.5.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter to newsdesk/newsdesk.php. Affected: phpCollab (2.5.1 and earlier). Root cause: unsafely embedded user input in SQL query construction. Impact: potential data...
Sql injection
SQL injection vulnerability vulnerability in the EyesOfNetwork web interface aka eonweb 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the groupname parameter to module/admingroup/addmodifygroup.php for insertgroup and updategroup...
CVE-2017-15880
SQL injection vulnerability vulnerability in the EyesOfNetwork web interface aka eonweb 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the groupname parameter to module/admingroup/addmodifygroup.php for insertgroup and updategroup...
CVE-2017-15880
SQL injection vulnerability vulnerability in the EyesOfNetwork web interface aka eonweb 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the groupname parameter to module/admingroup/addmodifygroup.php for insertgroup and updategroup...
activerecord vulnerable to SQL Injection
Multiple SQL injection vulnerabilities in the quotetablename method in the ActiveRecord adapters in activerecord/lib/activerecord/connectionadapters/ in Ruby on Rails before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allow remote attackers to execute arbitrary SQL commands via a...
GHSA-XF96-32Q2-9RW2 Rails ActiveRecord gem vulnerable to SQL injection
Multiple SQL injection vulnerabilities in Ruby on Rails before 2.1.1 allow remote attackers to execute arbitrary SQL commands via the 1 :limit and 2 :offset parameters, related to ActiveRecord, ActiveSupport, ActiveResource, ActionPack, and ActionMailer...
GHSA-GH2W-J7CX-2664 Active Record contains SQL Injection
SQL injection vulnerability in the Active Record component in Ruby on Rails before 2.3.15, 3.0.x before 3.0.18, 3.1.x before 3.1.9, and 3.2.x before 3.2.10 allows remote attackers to execute arbitrary SQL commands via a crafted request that leverages incorrect behavior of dynamic finders in...
Active Record contains SQL Injection
SQL injection vulnerability in the Active Record component in Ruby on Rails before 2.3.15, 3.0.x before 3.0.18, 3.1.x before 3.1.9, and 3.2.x before 3.2.10 allows remote attackers to execute arbitrary SQL commands via a crafted request that leverages incorrect behavior of dynamic finders in...
GHSA-MHWP-QHPC-H3JM SQL Injection in Active Record
SQL injection vulnerability in activerecord/lib/activerecord/connectionadapters/postgresqladapter.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 2.x and 3.x before 3.2.19 allows remote attackers to execute arbitrary SQL commands by leveraging improper bitstring quoting...
SQL Injection in Active Record
SQL injection vulnerability in activerecord/lib/activerecord/connectionadapters/postgresqladapter.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 2.x and 3.x before 3.2.19 allows remote attackers to execute arbitrary SQL commands by leveraging improper bitstring quoting...
GHSA-R8FH-HQ2P-7QHQ Active Record contains SQL Injection via improper range quoting
SQL injection vulnerability in activerecord/lib/activerecord/connectionadapters/postgresql/quoting.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 4.x before 4.0.7 and 4.1.x before 4.1.3 allows remote attackers to execute arbitrary SQL commands by leveraging improper range quoting...
activerecord vulnerable to SQL Injection
Multiple SQL injection vulnerabilities in the quotetablename method in the ActiveRecord adapters in activerecord/lib/activerecord/connectionadapters/ in Ruby on Rails before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allow remote attackers to execute arbitrary SQL commands via a...
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Multiple SQL injection vulnerabilities in Ruby on Rails before 2.1.1 allow remote attackers to execute arbitrary SQL commands via the 1 :limit and 2 :offset parameters, related to ActiveRecord, ActiveSupport, ActiveResource, ActionPack, and ActionMailer...
Active Record contains SQL Injection
SQL injection vulnerability in the Active Record component in Ruby on Rails before 2.3.15, 3.0.x before 3.0.18, 3.1.x before 3.1.9, and 3.2.x before 3.2.10 allows remote attackers to execute arbitrary SQL commands via a crafted request that leverages incorrect behavior of dynamic finders in...
SQL Injection Vulnerability in quote_table_name in rails/activerecord
Multiple SQL injection vulnerabilities in the quotetablename method in the ActiveRecord adapters in activerecord/lib/activerecord/connectionadapters in Ruby on Rails before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allow remote attackers to execute arbitrary SQL commands via a craft...