Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: cwe-89 Clear
ID Title
CVE-2022-40030 SQL Injection in sqli (CVE-2022-40030)
SQL injection in sqli (CVE-2022-40030). Successful exploitation can lead to full system takeover.
CVE-2022-0495 SQL Injection in sqli (CVE-2022-0495)
SQL injection in sqli (CVE-2022-0495). Confidential information can be exposed externally.
CVE-2022-2315 SQL Injection in sqli (CVE-2022-2315)
SQL injection in sqli (CVE-2022-2315). Confidential information can be exposed externally.
CVE-2022-38619 SQL Injection in sqli (CVE-2022-38619)
SQL injection in sqli (CVE-2022-38619). Successful exploitation can lead to full system takeover.
CVE-2022-2177 SQL Injection in sqli (CVE-2022-2177)
SQL injection in sqli (CVE-2022-2177). Confidential information can be exposed externally.
CVE-2022-38618 SQL Injection in sqli (CVE-2022-38618)
SQL injection in sqli (CVE-2022-38618). Successful exploitation can lead to full system takeover.
CVE-2022-38617 SQL Injection in sqli (CVE-2022-38617)
SQL injection in sqli (CVE-2022-38617). Successful exploitation can lead to full system takeover.
CVE-2022-38616 SQL Injection in sqli (CVE-2022-38616)
SQL injection in sqli (CVE-2022-38616). Successful exploitation can lead to full system takeover.
CVE-2022-38615 SQL Injection in sqli (CVE-2022-38615)
SQL injection in sqli (CVE-2022-38615). Successful exploitation can lead to full system takeover.
CVE-2022-1277 Inavitas Solar Log product has an unauthenticated SQL Injection vulnerability.
Inavitas Solar Log product has an unauthenticated SQL Injection vulnerability.
CVE-2022-29709 SQL Injection in sqli (CVE-2022-29709)
SQL injection in sqli (CVE-2022-29709). Confidential information can be exposed externally.
CVE-2022-31384 SQL Injection in sqli (CVE-2022-31384)
SQL injection in sqli (CVE-2022-31384). Successful exploitation can lead to full system takeover.
CVE-2022-31382 SQL Injection in sqli (CVE-2022-31382)
SQL injection in sqli (CVE-2022-31382). Successful exploitation can lead to full system takeover.
CVE-2022-31383 SQL Injection in sqli (CVE-2022-31383)
SQL injection in sqli (CVE-2022-31383). Successful exploitation can lead to full system takeover.
CVE-2021-41672 SQL Injection in sqli (CVE-2021-41672)
SQL injection in sqli (CVE-2021-41672). Confidential information can be exposed externally.
CVE-2016-2386 KEV [KEV] SQL Injection in Sap netweaver (CVE-2016-2386)
SQL injection in Sap netweaver (CVE-2016-2386). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-29704 BrowsBox CMS v4.0 was discovered to contain a SQL injection vulnerability.
BrowsBox CMS v4.0 was discovered to contain a SQL injection vulnerability.
CVE-2022-30490 SQL Injection in sqli (CVE-2022-30490)
SQL injection in sqli (CVE-2022-30490). Successful exploitation can lead to full system takeover.
CVE-2022-24240 SQL Injection in sqli (CVE-2022-24240)
SQL injection in sqli (CVE-2022-24240). Successful exploitation can lead to full system takeover.
CVE-2021-25874 SQL Injection in sqli (CVE-2021-25874)
SQL injection in sqli (CVE-2021-25874). Confidential information can be exposed externally.
CVE-2020-19961 SQL Injection in sqli (CVE-2020-19961)
SQL injection in sqli (CVE-2020-19961). Confidential information can be exposed externally.
CVE-2021-29004 SQL Injection in sqli (CVE-2021-29004)
SQL injection in sqli (CVE-2021-29004). Successful exploitation can lead to full system takeover.
CVE-2021-39302 SQL Injection in sqli (CVE-2021-39302)
SQL injection in sqli (CVE-2021-39302). Successful exploitation can lead to full system takeover.
CVE-2021-28993 SQL Injection in sqli (CVE-2021-28993)
SQL injection in sqli (CVE-2021-28993). Confidential information can be exposed externally.
CVE-2020-23630 A blind SQL injection vulnerability exists in zzcms ver201910 based on time (cookie injection).
A blind SQL injection vulnerability exists in zzcms ver201910 based on time (cookie injection).
CVE-2020-29228 SQL Injection in sqli (CVE-2020-29228)
SQL injection in sqli (CVE-2020-29228). Data can be tampered with by attackers.
CVE-2020-35276 SQL Injection in sqli (CVE-2020-35276)
SQL injection in sqli (CVE-2020-35276). Successful exploitation can lead to full system takeover.
CVE-2020-28860 SQL Injection in sqli (CVE-2020-28860)
SQL injection in sqli (CVE-2020-28860). Successful exploitation can lead to full system takeover.
CVE-2020-25487 SQL Injection in sqli (CVE-2020-25487)
SQL injection in sqli (CVE-2020-25487). Successful exploitation can lead to full system takeover.
CVE-2020-25514 SQL Injection in simple-library-management-system-project (CVE-2020-25514)
SQL injection in simple-library-management-system-project (CVE-2020-25514). Successful exploitation can lead to full system takeover.
CVE-2020-24193 SQL Injection in sqli (CVE-2020-24193)
SQL injection in sqli (CVE-2020-24193). Successful exploitation can lead to full system takeover.
CVE-2017-18362 KEV [KEV] SQL Injection in Kaseya virtual-systemserver-administrator-vsa (CVE-2017-18362)
SQL injection in Kaseya virtual-systemserver-administrator-vsa (CVE-2017-18362). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-27984 SQL Injection in sqli (CVE-2022-27984)
SQL injection in sqli (CVE-2022-27984). Successful exploitation can lead to full system takeover.
CVE-2022-27985 SQL Injection in sqli (CVE-2022-27985)
SQL injection in sqli (CVE-2022-27985). Successful exploitation can lead to full system takeover.
CVE-2018-7841 KEV [KEV] SQL Injection in Schneider electric schneider-electric (CVE-2018-7841)
SQL injection in Schneider electric schneider-electric (CVE-2018-7841). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-37291 SQL Injection in sqli (CVE-2021-37291)
SQL injection in sqli (CVE-2021-37291). Successful exploitation can lead to full system takeover.
CVE-2021-20028 KEV [KEV] SQL Injection in Sonicwall secure-remote-access-sra (CVE-2021-20028)
SQL injection in Sonicwall secure-remote-access-sra (CVE-2021-20028). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-12989 KEV [KEV] SQL Injection in Citrix sd-wan-and-netscaler (CVE-2019-12989)
SQL injection in Citrix sd-wan-and-netscaler (CVE-2019-12989). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-44088 SQL Injection in sqli (CVE-2021-44088)
SQL injection in sqli (CVE-2021-44088). Successful exploitation can lead to full system takeover.
CVE-2021-42633 SQL Injection in sqli (CVE-2021-42633)
SQL injection in sqli (CVE-2021-42633). Risk of unauthorized operations or information disclosure.
CVE-2020-5722 KEV [KEV] SQL Injection in Grandstream ucm6200 (CVE-2020-5722)
SQL injection in Grandstream ucm6200 (CVE-2020-5722). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-23305 SQL Injection in log4j:log4j (CVE-2022-23305)
SQL injection in log4j:log4j (CVE-2022-23305). Successful exploitation can lead to full system takeover.
CVE-2020-17463 KEV [KEV] SQL Injection in Fuel cms fuel-cms (CVE-2020-17463)
SQL injection in Fuel cms fuel-cms (CVE-2020-17463). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-27101 KEV [KEV] SQL Injection in Accellion fta (CVE-2021-27101)
SQL injection in Accellion fta (CVE-2021-27101). Risk of unauthorized operations or information disclosure. Exploitable via `Host header`. Listed in CISA KEV — actively exploited.
CVE-2021-42258 KEV [KEV] SQL Injection in Bqe billquick-web-suite (CVE-2021-42258)
SQL injection in Bqe billquick-web-suite (CVE-2021-42258). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-7481 KEV [KEV] SQL Injection in Sonicwall sma100 (CVE-2019-7481)
SQL injection in Sonicwall sma100 (CVE-2019-7481). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-20016 KEV [KEV] SQL Injection in Sonicwall sslvpn-sma100 (CVE-2021-20016)
SQL injection in Sonicwall sslvpn-sma100 (CVE-2021-20016). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-12271 KEV [KEV] SQL Injection in Sophos sfos (CVE-2020-12271)
SQL injection in Sophos sfos (CVE-2020-12271). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-20585 SQL Injection in c (CVE-2020-20585)
SQL injection in c (CVE-2020-20585). Confidential information can be exposed externally.
CVE-2020-22168 SQL Injection in sqli (CVE-2020-22168)
SQL injection in sqli (CVE-2020-22168). Confidential information can be exposed externally.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →