28 matches found
WordPress Loginizer Plugin SQL injection (CVE-2020-27615)
An SQL injection vulnerability exists in WordPress Loginizer Plugin. Successful exploitation of this vulnerability could result in the execution of arbitrary SQL statements on the affected system...
SQL Injection
kylin-server-base is vulnerable to SQL injection. User input to some RESTful APIs is not validated and sanitized before being concatenated to SQL queries. This allows an attacker to inject and execute arbitrary SQL statements in the database...
CVE-2005-4891
Simple Machine Forum SMF versions 1.0.4 and earlier have an SQL injection vulnerability that allows remote attackers to inject arbitrary SQL statements...
Shipping System CMS SQL Injection Vulnerability
Shipping System CMS is a shipping management system. Shipping System CMS suffers from a SQL injection vulnerability. An attacker can exploit this vulnerability to execute arbitrary SQL statements...
DuomiCms 1.32 Command Execution Vulnerability in Frontend
DuomiCms is a specialized video-on-demand system. A command execution vulnerability exists in DuomiCms 1.32 frontend. An attacker can exploit this vulnerability to execute arbitrary php statements or system commands...
Design/Logic Flaw
MySQL Server 5.1.x before 5.1.23 and 6.0.x before 6.0.4 does not check the rights of the entity executing BINLOG, which allows remote authorized users to execute arbitrary BINLOG statements...
WebCalendar SQL Injection (Nov 2005) - Active Check
The remote installation of WebCalendar may allow an attacker to cause an SQL Injection vulnerability in the program allowing an attacker to cause the program to execute arbitrary SQL statements. SPDX-FileCopyrightText: 2004 Noam Rathaus Some text descriptions might be excerpted from a referenced...
PD9 MegaBBS Multiple Vulnerabilities
The remote host is running MegaBBS, a web-based bulletin board system written in ASP. The remote version of this software is vulnerable to a SQL injection attack due to a lack of sanitization of user-supplied input. An attacker may exploit this flaw to issue arbitrary statements in the remote...