Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2022-40030 |
|
SQL Injection in sqli (CVE-2022-40030)
SQL injection in sqli (CVE-2022-40030). Successful exploitation can lead to full system takeover.
|
| CVE-2022-0495 |
|
SQL Injection in sqli (CVE-2022-0495)
SQL injection in sqli (CVE-2022-0495). Confidential information can be exposed externally.
|
| CVE-2022-2315 |
|
SQL Injection in sqli (CVE-2022-2315)
SQL injection in sqli (CVE-2022-2315). Confidential information can be exposed externally.
|
| CVE-2022-38619 |
|
SQL Injection in sqli (CVE-2022-38619)
SQL injection in sqli (CVE-2022-38619). Successful exploitation can lead to full system takeover.
|
| CVE-2022-2177 |
|
SQL Injection in sqli (CVE-2022-2177)
SQL injection in sqli (CVE-2022-2177). Confidential information can be exposed externally.
|
| CVE-2022-38618 |
|
SQL Injection in sqli (CVE-2022-38618)
SQL injection in sqli (CVE-2022-38618). Successful exploitation can lead to full system takeover.
|
| CVE-2022-38617 |
|
SQL Injection in sqli (CVE-2022-38617)
SQL injection in sqli (CVE-2022-38617). Successful exploitation can lead to full system takeover.
|
| CVE-2022-38616 |
|
SQL Injection in sqli (CVE-2022-38616)
SQL injection in sqli (CVE-2022-38616). Successful exploitation can lead to full system takeover.
|
| CVE-2022-38615 |
|
SQL Injection in sqli (CVE-2022-38615)
SQL injection in sqli (CVE-2022-38615). Successful exploitation can lead to full system takeover.
|
| CVE-2022-1277 |
|
Inavitas Solar Log product has an unauthenticated SQL Injection vulnerability.
Inavitas Solar Log product has an unauthenticated SQL Injection vulnerability.
|
| CVE-2022-29709 |
|
SQL Injection in sqli (CVE-2022-29709)
SQL injection in sqli (CVE-2022-29709). Confidential information can be exposed externally.
|
| CVE-2022-31384 |
|
SQL Injection in sqli (CVE-2022-31384)
SQL injection in sqli (CVE-2022-31384). Successful exploitation can lead to full system takeover.
|
| CVE-2022-31382 |
|
SQL Injection in sqli (CVE-2022-31382)
SQL injection in sqli (CVE-2022-31382). Successful exploitation can lead to full system takeover.
|
| CVE-2022-31383 |
|
SQL Injection in sqli (CVE-2022-31383)
SQL injection in sqli (CVE-2022-31383). Successful exploitation can lead to full system takeover.
|
| CVE-2021-41672 |
|
SQL Injection in sqli (CVE-2021-41672)
SQL injection in sqli (CVE-2021-41672). Confidential information can be exposed externally.
|
| CVE-2016-2386 KEV |
|
[KEV] SQL Injection in Sap netweaver (CVE-2016-2386)
SQL injection in Sap netweaver (CVE-2016-2386). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-29704 |
|
BrowsBox CMS v4.0 was discovered to contain a SQL injection vulnerability.
BrowsBox CMS v4.0 was discovered to contain a SQL injection vulnerability.
|
| CVE-2022-30490 |
|
SQL Injection in sqli (CVE-2022-30490)
SQL injection in sqli (CVE-2022-30490). Successful exploitation can lead to full system takeover.
|
| CVE-2022-24240 |
|
SQL Injection in sqli (CVE-2022-24240)
SQL injection in sqli (CVE-2022-24240). Successful exploitation can lead to full system takeover.
|
| CVE-2021-25874 |
|
SQL Injection in sqli (CVE-2021-25874)
SQL injection in sqli (CVE-2021-25874). Confidential information can be exposed externally.
|
| CVE-2020-19961 |
|
SQL Injection in sqli (CVE-2020-19961)
SQL injection in sqli (CVE-2020-19961). Confidential information can be exposed externally.
|
| CVE-2021-29004 |
|
SQL Injection in sqli (CVE-2021-29004)
SQL injection in sqli (CVE-2021-29004). Successful exploitation can lead to full system takeover.
|
| CVE-2021-39302 |
|
SQL Injection in sqli (CVE-2021-39302)
SQL injection in sqli (CVE-2021-39302). Successful exploitation can lead to full system takeover.
|
| CVE-2021-28993 |
|
SQL Injection in sqli (CVE-2021-28993)
SQL injection in sqli (CVE-2021-28993). Confidential information can be exposed externally.
|
| CVE-2020-23630 |
|
A blind SQL injection vulnerability exists in zzcms ver201910 based on time (cookie injection).
A blind SQL injection vulnerability exists in zzcms ver201910 based on time (cookie injection).
|
| CVE-2020-29228 |
|
SQL Injection in sqli (CVE-2020-29228)
SQL injection in sqli (CVE-2020-29228). Data can be tampered with by attackers.
|
| CVE-2020-35276 |
|
SQL Injection in sqli (CVE-2020-35276)
SQL injection in sqli (CVE-2020-35276). Successful exploitation can lead to full system takeover.
|
| CVE-2020-28860 |
|
SQL Injection in sqli (CVE-2020-28860)
SQL injection in sqli (CVE-2020-28860). Successful exploitation can lead to full system takeover.
|
| CVE-2020-25487 |
|
SQL Injection in sqli (CVE-2020-25487)
SQL injection in sqli (CVE-2020-25487). Successful exploitation can lead to full system takeover.
|
| CVE-2020-25514 |
|
SQL Injection in simple-library-management-system-project (CVE-2020-25514)
SQL injection in simple-library-management-system-project (CVE-2020-25514). Successful exploitation can lead to full system takeover.
|
| CVE-2020-24193 |
|
SQL Injection in sqli (CVE-2020-24193)
SQL injection in sqli (CVE-2020-24193). Successful exploitation can lead to full system takeover.
|
| CVE-2017-18362 KEV |
|
[KEV] SQL Injection in Kaseya virtual-systemserver-administrator-vsa (CVE-2017-18362)
SQL injection in Kaseya virtual-systemserver-administrator-vsa (CVE-2017-18362). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-27984 |
|
SQL Injection in sqli (CVE-2022-27984)
SQL injection in sqli (CVE-2022-27984). Successful exploitation can lead to full system takeover.
|
| CVE-2022-27985 |
|
SQL Injection in sqli (CVE-2022-27985)
SQL injection in sqli (CVE-2022-27985). Successful exploitation can lead to full system takeover.
|
| CVE-2018-7841 KEV |
|
[KEV] SQL Injection in Schneider electric schneider-electric (CVE-2018-7841)
SQL injection in Schneider electric schneider-electric (CVE-2018-7841). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-37291 |
|
SQL Injection in sqli (CVE-2021-37291)
SQL injection in sqli (CVE-2021-37291). Successful exploitation can lead to full system takeover.
|
| CVE-2021-20028 KEV |
|
[KEV] SQL Injection in Sonicwall secure-remote-access-sra (CVE-2021-20028)
SQL injection in Sonicwall secure-remote-access-sra (CVE-2021-20028). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-12989 KEV |
|
[KEV] SQL Injection in Citrix sd-wan-and-netscaler (CVE-2019-12989)
SQL injection in Citrix sd-wan-and-netscaler (CVE-2019-12989). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-44088 |
|
SQL Injection in sqli (CVE-2021-44088)
SQL injection in sqli (CVE-2021-44088). Successful exploitation can lead to full system takeover.
|
| CVE-2021-42633 |
|
SQL Injection in sqli (CVE-2021-42633)
SQL injection in sqli (CVE-2021-42633). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-5722 KEV |
|
[KEV] SQL Injection in Grandstream ucm6200 (CVE-2020-5722)
SQL injection in Grandstream ucm6200 (CVE-2020-5722). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-23305 |
|
SQL Injection in log4j:log4j (CVE-2022-23305)
SQL injection in log4j:log4j (CVE-2022-23305). Successful exploitation can lead to full system takeover.
|
| CVE-2020-17463 KEV |
|
[KEV] SQL Injection in Fuel cms fuel-cms (CVE-2020-17463)
SQL injection in Fuel cms fuel-cms (CVE-2020-17463). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-27101 KEV |
|
[KEV] SQL Injection in Accellion fta (CVE-2021-27101)
SQL injection in Accellion fta (CVE-2021-27101). Risk of unauthorized operations or information disclosure. Exploitable via `Host header`. Listed in CISA KEV — actively exploited.
|
| CVE-2021-42258 KEV |
|
[KEV] SQL Injection in Bqe billquick-web-suite (CVE-2021-42258)
SQL injection in Bqe billquick-web-suite (CVE-2021-42258). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-7481 KEV |
|
[KEV] SQL Injection in Sonicwall sma100 (CVE-2019-7481)
SQL injection in Sonicwall sma100 (CVE-2019-7481). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-20016 KEV |
|
[KEV] SQL Injection in Sonicwall sslvpn-sma100 (CVE-2021-20016)
SQL injection in Sonicwall sslvpn-sma100 (CVE-2021-20016). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-12271 KEV |
|
[KEV] SQL Injection in Sophos sfos (CVE-2020-12271)
SQL injection in Sophos sfos (CVE-2020-12271). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-20585 |
|
SQL Injection in c (CVE-2020-20585)
SQL injection in c (CVE-2020-20585). Confidential information can be exposed externally.
|
| CVE-2020-22168 |
|
SQL Injection in sqli (CVE-2020-22168)
SQL injection in sqli (CVE-2020-22168). Confidential information can be exposed externally.
|