Total
14188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-25432 | 1 Online Reviewer Management System Project | 1 Online Reviewer Management System | 2023-03-06 | N/A | 7.2 HIGH |
| An issue was discovered in Online Reviewer Management System v1.0. There is a SQL injection that can directly issue instructions to the background database system via reviewer_0/admins/assessments/course/course-update.php. | |||||
| CVE-2023-26033 | 1 Gentoo | 1 Soko | 2023-03-06 | N/A | 9.1 CRITICAL |
| Gentoo soko is the code that powers packages.gentoo.org. Versions prior to 1.0.1 are vulnerable to SQL Injection, leading to a Denial of Service. If the user selects (in user preferences) the "Recently Visited Packages" view for the index page, the value of the `search_history` cookie is used as a base64 encoded comma separated list of atoms. These are string loaded directly into the SQL query with `atom = '%s'` format string. As a result, any user can modify the browser's cookie value and inject most SQL queries. A proof of concept malformed cookie was generated that wiped the database or changed it's content. On the database, only public data is stored, so there is no confidentiality issues to site users. If it is known that the database was modified, a full restoration of data is possible by performing a full database wipe and performing full update of all components. This issue is patched with commit id 5ae9ca83b73. Version 1.0.1 contains the patch. If users are unable to upgrade immediately, the following workarounds may be applied: (1.) Use a proxy to always drop the `search_history` cookie until upgraded. The impact on user experience is low. (2.) Sanitize to the value of `search_history` cookie after base64 decoding it. | |||||
| CVE-2022-22897 | 1 Apollotheme | 1 Ap Pagebuilder | 2023-03-03 | N/A | 9.8 CRITICAL |
| A SQL injection vulnerability in the product_all_one_img and image_product parameters of the ApolloTheme AP PageBuilder component through 2.4.4 for PrestaShop allows unauthenticated attackers to exfiltrate database data. | |||||
| CVE-2019-5476 | 1 Nextcloud | 1 Lookup-server | 2023-03-03 | 7.5 HIGH | 9.8 CRITICAL |
| An SQL Injection in the Nextcloud Lookup-Server < v0.3.0 (running on https://lookup.nextcloud.com) caused unauthenticated users to be able to execute arbitrary SQL commands. | |||||
| CVE-2019-14529 | 1 Open-emr | 1 Openemr | 2023-03-03 | 7.5 HIGH | 9.8 CRITICAL |
| OpenEMR before 5.0.2 allows SQL Injection in interface/forms/eye_mag/save.php. | |||||
| CVE-2019-14313 | 1 10web | 1 Photo Gallery | 2023-03-03 | 10.0 HIGH | 9.8 CRITICAL |
| A SQL injection vulnerability exists in the 10Web Photo Gallery plugin before 1.5.31 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via filemanager/model.php. | |||||
| CVE-2023-25813 | 1 Sequelizejs | 1 Sequelize | 2023-03-03 | N/A | 9.8 CRITICAL |
| Sequelize is a Node.js ORM tool. In versions prior to 6.19.1 a SQL injection exploit exists related to replacements. Parameters which are passed through replacements are not properly escaped which can lead to arbitrary SQL injection depending on the specific queries in use. The issue has been fixed in Sequelize 6.19.1. Users are advised to upgrade. Users unable to upgrade should not use the `replacements` and the `where` option in the same query. | |||||
| CVE-2023-25158 | 1 Geotools | 1 Geotools | 2023-03-02 | N/A | 9.8 CRITICAL |
| GeoTools is an open source Java library that provides tools for geospatial data. GeoTools includes support for OGC Filter expression language parsing, encoding and execution against a range of datastore. SQL Injection Vulnerabilities have been found when executing OGC Filters with JDBCDataStore implementations. Users are advised to upgrade to either version 27.4 or to 28.2 to resolve this issue. Users unable to upgrade may disable `encode functions` for PostGIS DataStores or enable `prepared statements` for JDBCDataStores as a partial mitigation. | |||||
| CVE-2020-5511 | 1 Small Crm Project | 1 Small Crm | 2023-03-01 | 6.5 MEDIUM | 8.8 HIGH |
| PHPGurukul Small CRM v2.0 was found vulnerable to authentication bypass via SQL injection when logging into the administrator login page. | |||||
| CVE-2019-13573 | 1 Foliovision | 1 Fv Flowplayer Video Player | 2023-03-01 | 10.0 HIGH | 9.8 CRITICAL |
| A SQL injection vulnerability exists in the FolioVision FV Flowplayer Video Player plugin before 7.3.19.727 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system. | |||||
| CVE-2019-9918 | 1 Harmistechnology | 1 Je Messenger | 2023-02-28 | 6.4 MEDIUM | 9.1 CRITICAL |
| An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. Input does not get validated and queries are not written in a way to prevent SQL injection. Therefore arbitrary SQL-Statements can be executed in the database. | |||||
| CVE-2019-18413 | 1 Typestack Class-validator Project | 1 Typestack Class-validator | 2023-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| In TypeStack class-validator 0.10.2, validate() input validation can be bypassed because certain internal attributes can be overwritten via a conflicting name. Even though there is an optional forbidUnknownValues parameter that can be used to reduce the risk of this bypass, this option is not documented and thus most developers configure input validation in the vulnerable default manner. With this vulnerability, attackers can launch SQL Injection or XSS attacks by injecting arbitrary malicious input. NOTE: a software maintainer agrees with the "is not documented" finding but suggests that much of the responsibility for the risk lies in a different product. | |||||
| CVE-2019-13575 | 1 Wpeverest | 1 Everest Forms | 2023-02-27 | 7.5 HIGH | 9.8 CRITICAL |
| A SQL injection vulnerability exists in WPEverest Everest Forms plugin for WordPress through 1.4.9. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via includes/evf-entry-functions.php | |||||
| CVE-2020-25905 | 1 Mobile Shop System Project | 1 Mobile Shop System | 2023-02-27 | 7.5 HIGH | 9.8 CRITICAL |
| An SQL Injection vulnerabilty exists in Sourcecodester Mobile Shop System in PHP MySQL 1.0 via the email parameter in (1) login.php or (2) LoginAsAdmin.php. | |||||
| CVE-2019-14695 | 1 Sygnoos | 1 Popup Builder | 2023-02-24 | 7.5 HIGH | 9.8 CRITICAL |
| A SQL injection vulnerability exists in the Sygnoos Popup Builder plugin before 3.45 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via com/libs/Table.php because Subscribers Table ordering is mishandled. | |||||
| CVE-2019-13572 | 1 Adenion | 1 Blog2social | 2023-02-24 | 7.5 HIGH | 9.8 CRITICAL |
| The Adenion Blog2Social plugin through 5.5.0 for WordPress allows SQL Injection. | |||||
| CVE-2015-9333 | 1 Cformsii Project | 1 Cformsii | 2023-02-24 | 7.5 HIGH | 9.8 CRITICAL |
| The cforms2 plugin before 14.6.10 for WordPress has SQL injection. | |||||
| CVE-2019-12239 | 1 Wpbookingsystem | 1 Wp Booking System | 2023-02-24 | 6.5 MEDIUM | 7.2 HIGH |
| The WP Booking System plugin 1.5.1 for WordPress has no CSRF protection, which allows attackers to reach certain SQL injection issues that require administrative access. | |||||
| CVE-2020-23685 | 1 Vtimecn | 1 188jianzhan | 2023-02-24 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection vulnerability in 188Jianzhan v2.1.0, allows attackers to execute arbitrary code and gain escalated privileges, via the username parameter to login.php. | |||||
| CVE-2022-23305 | 5 Apache, Broadcom, Netapp and 2 more | 28 Log4j, Brocade Sannav, Snapmanager and 25 more | 2023-02-24 | 6.8 MEDIUM | 9.8 CRITICAL |
| By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows attackers to manipulate the SQL by entering crafted strings into input fields or headers of an application that are logged allowing unintended SQL queries to be executed. Note this issue only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default. Beginning in version 2.0-beta8, the JDBCAppender was re-introduced with proper support for parameterized SQL queries and further customization over the columns written to in logs. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions. | |||||