EUVD-2026-32129

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the accountstatus view devices parameter due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical table...

PT-2025-35445

Name of the Vulnerable Software and Affected Versions: Mitsubishi Electric MELSEC iQ-F Series CPU module affected versions not specified Description: A missing authentication feature in the MODBUS/TCP implementation of the Mitsubishi Electric MELSEC iQ-F Series CPU module allows a remote,...

CVE-2022-30079

Command injection vulnerability was discovered in Netgear R6200 v2 firmware through R6200v2-V1.0.3.12 via binary /sbin/acosservice that could allow remote authenticated attackers the ability to modify values in the vulnerable parameter...

Cisco SD-WAN vManage Software SQL Injection Vulnerability (cisco-sa-vmanage-v78FubGV)

The version of Cisco SD-WAN vManage Software installed on the remote host is affected by a vulnerability as referenced in the cisco-sa-vmanage-v78FubGV advisory. - A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker ...

Sql injection

Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct SQL injection attacks on an affected system. These vulnerabilities exist because the web-based management interface improperly validates value...

CVE-2020-3154 Cisco Cloud Web Security SQL Injection Vulnerability

A vulnerability in the web UI of Cisco Cloud Web Security CWS could allow an authenticated, remote attacker to execute arbitrary SQL queries. The vulnerability exists because the web-based management interface improperly validates SQL values. An authenticated attacker could exploit this...