Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1300 matches found

Cvelist
Cvelistadded 2020/02/19 7:15 p.m.12 views

CVE-2020-3154 Cisco Cloud Web Security SQL Injection Vulnerability

A vulnerability in the web UI of Cisco Cloud Web Security CWS could allow an authenticated, remote attacker to execute arbitrary SQL queries. The vulnerability exists because the web-based management interface improperly validates SQL values. An authenticated attacker could exploit this...

4.9CVSS5.8AI score0.00245EPSS
Exploits0References1
Cisco
Ciscoadded 2020/02/19 4:0 p.m.22 views

Cisco Cloud Web Security SQL Injection Vulnerability

A vulnerability in the web UI of Cisco Cloud Web Security could allow an authenticated, remote attacker to execute arbitrary SQL queries. The vulnerability exists because the web-based management interface improperly validates SQL values. An authenticated attacker could exploit this vulnerability...

4.9CVSS5.7AI score0.00245EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2020/02/04 8:18 p.m.28 views

CVE-2020-7939

SQL Injection in DTML or in connection objects in Plone 4.0 through 5.2.1 allows users to perform unwanted SQL queries. This is a problem in Zope...

8.8CVSS3.8AI score0.00405EPSS
Exploits0References3
NVD
NVDadded 2020/02/04 5:15 a.m.8 views

CVE-2020-3937

SQL Injection in SysJust Syuan-Gu-Da-Shih, versions before 20191223, allowing attackers to perform unwanted SQL queries and access arbitrary file in the database...

8.1CVSS8.5AI score0.00334EPSS
Exploits0References2
NVD
NVDadded 2020/01/26 5:15 a.m.14 views

CVE-2019-12619

A vulnerability in the web interface for Cisco SD-WAN Solution vManage could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of user-supplied input. An attacker could...

6.5CVSS6.6AI score0.00264EPSS
Exploits0References1
Cvelist
Cvelistadded 2020/01/26 4:25 a.m.19 views

CVE-2019-12619 Cisco SD-WAN Solution SQL Injection Vulnerability

A vulnerability in the web interface for Cisco SD-WAN Solution vManage could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of user-supplied input. An attacker could...

6.4CVSS6.7AI score0.00264EPSS
Exploits0References1
Cisco
Ciscoadded 2020/01/22 4:0 p.m.21 views

Cisco SD-WAN Solution SQL Injection Vulnerability

A vulnerability in the web interface for Cisco SD-WAN Solution vManage could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of user-supplied input. An attacker could...

6.4CVSS2.3AI score0.00264EPSS
Exploits0References1
BDU FSTEC
BDU FSTECadded 2020/01/13 12:0 a.m.1 views

The vulnerability of the Web interface of the Cisco Unified Communications Manager allows a perpetrator to execute arbitrary SQL queries.

The vulnerability of the Cisco Unified Communications Manager web interface relates to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...

6.5CVSS6.7AI score0.04005EPSS
Exploits0References3
Zero Day Initiative
Zero Day Initiativeadded 2020/01/03 12:0 a.m.18 views

Cisco Data Center Network Manager getSwitchsDataLength SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Cisco Data Center Network Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of requests to the getSwitchsDataLength endpoin...

7.5CVSS2.4AI score0.24346EPSS
Exploits10References1
Zero Day Initiative
Zero Day Initiativeadded 2020/01/03 12:0 a.m.13 views

Cisco Data Center Network Manager checkLinkUUID SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Data Center Network Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

7.2CVSS4.5AI score0.24346EPSS
Exploits10References1
Zero Day Initiative
Zero Day Initiativeadded 2020/01/03 12:0 a.m.16 views

Cisco Data Center Network Manager getTaskList SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Data Center Network Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS4.3AI score0.24346EPSS
Exploits10References1
Zero Day Initiative
Zero Day Initiativeadded 2020/01/03 12:0 a.m.22 views

Cisco Data Center Network Manager getHostEnclList SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Data Center Network Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS4.4AI score0.24346EPSS
Exploits10References1
Zero Day Initiative
Zero Day Initiativeadded 2020/01/03 12:0 a.m.15 views

Cisco Data Center Network Manager getJobExecutionDetails SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Data Center Network Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS4.4AI score0.24346EPSS
Exploits10References1
Zero Day Initiative
Zero Day Initiativeadded 2020/01/03 12:0 a.m.17 views

Cisco Data Center Network Manager deleteVpcHistory SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Data Center Network Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

7.2CVSS4.5AI score0.24346EPSS
Exploits10References1
Zero Day Initiative
Zero Day Initiativeadded 2020/01/03 12:0 a.m.18 views

Cisco Data Center Network Manager getIslListWithPMForTopology SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Data Center Network Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS4.5AI score0.24346EPSS
Exploits10References1
Zero Day Initiative
Zero Day Initiativeadded 2020/01/03 12:0 a.m.15 views

Cisco Data Center Network Manager getRpmJobLength SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Cisco Data Center Network Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within th...

4.9CVSS2.2AI score0.24346EPSS
Exploits10References1
Zero Day Initiative
Zero Day Initiativeadded 2020/01/03 12:0 a.m.24 views

Cisco Data Center Network Manager getList SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Data Center Network Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS4.3AI score0.24346EPSS
Exploits10References1
Zero Day Initiative
Zero Day Initiativeadded 2020/01/03 12:0 a.m.18 views

Cisco Data Center Network Manager getSMUTasks SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Data Center Network Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

7.2CVSS4.4AI score0.24346EPSS
Exploits10References1
Zero Day Initiative
Zero Day Initiativeadded 2020/01/03 12:0 a.m.15 views

Cisco Data Center Network Manager getLanSwitchList SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Data Center Network Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS3.8AI score0.24346EPSS
Exploits10References1
Zero Day Initiative
Zero Day Initiativeadded 2020/01/03 12:0 a.m.18 views

Cisco Data Center Network Manager getVmHostData SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Data Center Network Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS4.3AI score0.24346EPSS
Exploits10References1
Rows per page
Query Builder