678 matches found
CVE-2025-22209
A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.3 for Joomla allows authenticated attackers administrator to execute arbitrary SQL commands via the 'searchpaymentstatus' parameter in the Employer Payment History search feature...
CVE-2025-22209
A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.3 for Joomla allows authenticated attackers administrator to execute arbitrary SQL commands via the 'searchpaymentstatus' parameter in the Employer Payment History search feature...
CVE-2025-22206
A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.2 for Joomla allows authenticated attackers administrator to execute arbitrary SQL commands via the 'fieldfor' parameter in the GDPR Field feature...
CVE-2025-25181
A SQL injection vulnerability in timeoutWarning.asp in Advantive VeraCore through 2025.1.0 allows remote attackers to execute arbitrary SQL commands via the PmSess1 parameter...
CVE-2024-43775
SQL Injection in search course titles function of Easytest Online Test Platform ver.24E01 and earlier allow remote authenticated users to execute arbitrary SQL commands via the search parameter...
PT-2024-25911 · Softwarex · Softwarex
Name of the Vulnerable Software and Affected Versions: SoftwareX versions prior to 2.1.4 Description: The issue allows a regular user to view everyone's user flink information, including executeSQL and config, after successfully logging in. This is achieved by manually making a request using the...
CVE-2023-31433
A SQL injection issue in Logbuch in evasys before 8.2 Build 2286 and 9.x before 9.0 Build 2401 allows authenticated attackers to execute SQL statements via the welche parameter...
Sql injection
A SQL injection issue in Logbuch in evasys before 8.2 Build 2286 and 9.x before 9.0 Build 2401 allows authenticated attackers to execute SQL statements via the welche parameter...
CVE-2023-31433
A SQL injection issue in Logbuch in evasys before 8.2 Build 2286 and 9.x before 9.0 Build 2401 allows authenticated attackers to execute SQL statements via the welche parameter...
CVE-2022-21511
Vulnerability in the Oracle Database - Enterprise Edition Recovery component of Oracle Database Server. For supported versions that are affected see note. Easily exploitable vulnerability allows high privileged attacker having EXECUTE ON DBMSIR.EXECUTESQLSCRIPT privilege with network access via...
VulnCheck KEV: CVE-2016-2386
SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
GHSA-RP53-FW29-RXG3 powermail extension for TYPO3 vulnerable to SQL Injection
SQL injection vulnerability in the powermail extension 1.5.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
TeamPass vulnerable to SQL Injection
Multiple SQL injection vulnerabilities in TeamPass 2.1.24 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 id parameter in an actiononquickicon action to item.query.php or the 2 order or 3 direction parameter in an a connectionslogs, b errorslogs or c accesslogs acti...
News system (news) extension for TYPO3 vulnerable to SQL Injection
SQL injection vulnerability in the News system news extension before 1.3.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
Accessibility Glossary (a21glossary) SQL injection vulnerability
SQL injection vulnerability in the Accessibility Glossary a21glossary extension 0.4.10 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
GHSA-QRW3-MQ8R-CQ7Q AdaptCMS SQL Injection vulnerability
SQL injection vulnerability in the "Check User" feature includes/checkuser.php in AdaptCMS Lite and AdaptCMS Pro 1.3 allows remote attackers to execute arbitrary SQL commands via the username parameter...
Elite Graphix Elite Cms SQL注入漏洞
Elite Graphix Elite Cms is a Web Content Management written in Php language by Elite Graphix India. A platform for storing and organizing information and documents. Elite Graphix Elite Cms suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL...
SQL Injection
SchedMD is vulnerable to sql injection. A malicious attacker can issue SQL commands to allow attacker to inject sql injection...
CVE-2021-30459
A SQL Injection issue in the SQL Panel in Jazzband Django Debug Toolbar before 1.11.1, 2.x before 2.2.1, and 3.x before 3.2.1 allows attackers to execute SQL statements by changing the rawsql input field of the SQL explain, analyze, or select form...
Sql injection
A SQL Injection issue in the SQL Panel in Jazzband Django Debug Toolbar before 1.11.1, 2.x before 2.2.1, and 3.x before 3.2.1 allows attackers to execute SQL statements by changing the rawsql input field of the SQL explain, analyze, or select form...