CVE-1999-0734

A default configuration of CiscoSecure Access Control Server ACS allows remote users to modify the server database without authentication...

CVE-2021-23230

A SQL Injection vulnerability in the OPCUA interface of Gallagher Command Centre allows a remote unprivileged Command Centre Operator to modify Command Centre databases undetected. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 MR3; 8.30 versions prior to 8.30.1359...

CVE-2024-4609 Rockwell Automation Datalog Function within in FactoryTalk® View SE contains SQL Injection Vulnerability

A vulnerability exists in the Rockwell Automation FactoryTalk® View SE Datalog function that could allow a threat actor to inject a malicious SQL statement if the SQL database has no authentication in place or if legitimate credentials were stolen. If exploited, the attack could result in...

CVE-2016-7792

Ubiquiti Networks UniFi 5.2.7 does not restrict access to the database, which allows remote attackers to modify the database by directly connecting to it...

CVE-2004-2324

SQL injection vulnerability in DotNetNuke formerly IBuySpy Workshop 1.0.6 through 1.0.10d allows remote attackers to modify the backend database via the 1 table and 2 field parameters in LinkClick.aspx...

CVE-2002-1505

SQL injection vulnerability in board.php for WoltLab Burning Board wBB 2.0 RC 1 and earlier allows remote attackers to modify the database and possibly gain privileges via the boardid parameter...