Total: 1733 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-21644 | 1 Useful Simple Open-source Cms Project | 1 Useful Simple Open-source Cms | 2022-01-21 | 6.5 MEDIUM | 7.2 HIGH |
| USOC is an open source CMS with a focus on simplicity. In affected versions USOC allows for SQL injection via usersearch.php. Search terms provided by the user were not sanitized and were used directly to construct a SQL statement. The only users permitted to search are site admins. Users are advised to upgrade as soon as possible. There are no workarounds for this issue. | |||||
| CVE-2020-28679 | 1 Zohocorp | 1 Manageengine Applications Manager | 2022-01-19 | 6.5 MEDIUM | 8.8 HIGH |
| A vulnerability in the showReports module of Zoho ManageEngine Applications Manager before build 14550 allows authenticated attackers to execute a SQL injection via a crafted request. | |||||
| CVE-2021-43971 | 1 Sysaid | 1 Sysaid | 2022-01-19 | 6.5 MEDIUM | 8.8 HIGH |
| A SQL injection vulnerability in /mobile/SelectUsers.jsp in SysAid ITIL 20.4.74 b10 allows a remote authenticated attacker to execute arbitrary SQL commands via the filterText parameter. | |||||
| CVE-2022-21666 | 1 Useful Simple Open-source Cms Project | 1 Useful Simple Open-source Cms | 2022-01-19 | 6.5 MEDIUM | 7.2 HIGH |
| Useful Simple Open-Source CMS (USOC) is a content management system (CMS) for programmers. Versions prior to Pb2.4Bfx3 allowed SQL injection in usersearch.php only for users with administrative privileges. Users should replace the file `admin/pages/useredit.php` with a newer version. USOC version Pb2.4Bfx3 contains a fixed version of `admin/pages/useredit.php`. | |||||
| CVE-2021-25054 | 1 Wow-company | 1 Wpcalc | 2022-01-14 | 6.5 MEDIUM | 8.8 HIGH |
| The WPcalc WordPress plugin through 2.1 does not sanitize user input into the 'did' parameter and uses it in a SQL statement, leading to an authenticated SQL Injection vulnerability. | |||||
| CVE-2021-39978 | 1 Huawei | 1 Harmonyos | 2022-01-13 | 5.0 MEDIUM | 7.5 HIGH |
| Telephony application has a SQL Injection vulnerability. Successful exploitation of this vulnerability may cause privacy and security issues. | |||||
| CVE-2021-25023 | 1 Optimocha | 1 Speed Booster Pack | 2022-01-11 | 6.5 MEDIUM | 7.2 HIGH |
| The Speed Booster Pack ⚡ PageSpeed Optimization Suite WordPress plugin before 4.3.3.1 does not escape the sbp_convert_table_name parameter before using it in a SQL statement to convert the related table, leading to an SQL injection. | |||||
| CVE-2021-24786 | 1 Wpchill | 1 Download Monitor | 2022-01-11 | 6.5 MEDIUM | 7.2 HIGH |
| The Download Monitor WordPress plugin before 4.4.5 does not properly validate and escape the "orderby" GET parameter before using it in a SQL statement when viewing the logs, leading to an SQL Injection issue. | |||||
| CVE-2021-25030 | 1 E-dynamics | 1 Events Made Easy | 2022-01-11 | 6.5 MEDIUM | 8.8 HIGH |
| The Events Made Easy WordPress plugin before 2.2.36 does not sanitise and escape the search_text parameter before using it in a SQL statement via the eme_searchmail AJAX action, available to any authenticated user. As a result, users with a role as low as subscriber can call it and perform SQL injection attacks. | |||||
| CVE-2021-24848 | 1 Frenify | 1 Mediamatic | 2022-01-10 | 6.5 MEDIUM | 8.8 HIGH |
| The mediamaticAjaxRenameCategory AJAX action of the Mediamatic WordPress plugin before 2.8.1, available to any authenticated user, does not sanitise the categoryID parameter before using it in a SQL statement, leading to an SQL injection. | |||||
| CVE-2021-44161 | 1 Changingtec | 1 Motp | 2022-01-10 | 5.8 MEDIUM | 8.8 HIGH |
| Changing MOTP (Mobile One Time Password) system's specific function parameter has insufficient validation for user input. An attacker in the local area network can perform a SQL injection attack to read, modify or delete the backend database without authentication. | |||||
| CVE-2021-24753 | 1 Starfish | 1 Rich Review | 2022-01-06 | 6.5 MEDIUM | 7.2 HIGH |
| The Rich Reviews by Starfish WordPress plugin before 1.9.6 does not properly validate the orderby GET parameter of the pending reviews page before using it in a SQL statement, leading to an authenticated SQL injection issue. | |||||
| CVE-2020-26248 | 1 Prestashop | 1 Productcomments | 2022-01-06 | 6.4 MEDIUM | 8.2 HIGH |
| In the PrestaShop module "productcomments" before version 4.2.1, an attacker can use a Blind SQL injection to retrieve data or stop the MySQL service. The problem is fixed in 4.2.1 of the module. | |||||
| CVE-2021-24750 | 1 Plugins-market | 1 Wp Visitor Statistics (Real Time Traffic) | 2022-01-05 | 6.5 MEDIUM | 8.8 HIGH |
| The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 4.8 does not properly sanitise and escape the refUrl in the refDetails AJAX action, available to any authenticated user, which could allow users with a role as low as subscriber to perform SQL injection attacks. | |||||
| CVE-2021-44599 | 1 Online Enrollment Management System Project | 1 Online Enrollment Management System | 2022-01-04 | 5.0 MEDIUM | 7.5 HIGH |
| The id parameter of Online Enrollment Management System 1.0 appears to be vulnerable to SQL injection attacks. A crafted payload injects a SQL sub-query that calls MySQL's load_file function with a UNC file path that references a URL on an external domain. The application interacted with that domain, indicating that the injected SQL query was executed. The attacker can retrieve sensitive information for all users of this system. | |||||
| CVE-2021-44600 | 1 Online Mens Salon Management System Project | 1 Online Mens Salon Management System | 2022-01-04 | 5.0 MEDIUM | 7.5 HIGH |
| The password parameter of Simple Online Mens Salon Management System (MSMS) 1.0 appears to be vulnerable to SQL injection attacks. The predictive tests of this application interacted with that domain, indicating that the injected SQL query was executed. The attacker can retrieve all authentication and information about the users of this system. | |||||
| CVE-2021-45041 | 1 Salesagility | 1 Suitecrm | 2022-01-04 | 6.5 MEDIUM | 8.8 HIGH |
| SuiteCRM before 7.12.2 and 8.x before 8.0.1 allows authenticated SQL injection via the Tooltips action in the Project module, involving resource_id and start_date. | |||||
| CVE-2021-24747 | 1 Cleverplugins | 1 Seo Booster | 2022-01-04 | 6.5 MEDIUM | 7.2 HIGH |
| The SEO Booster WordPress plugin before 3.8 allows for authenticated SQL injection via the "fn_my_ajaxified_dataloader_ajax" AJAX request as the $_REQUEST['order'][0]['dir'] parameter is not properly escaped leading to blind and error-based SQL injections. | |||||
| CVE-2021-3860 | 1 Jfrog | 1 Artifactory | 2022-01-03 | 6.5 MEDIUM | 8.8 HIGH |
| JFrog Artifactory before 7.25.4 (Enterprise+ deployments only) is vulnerable to Blind SQL Injection by a low privileged authenticated user due to incomplete validation when performing an SQL query. | |||||
| CVE-2021-35234 | 1 Solarwinds | 1 Orion Platform | 2022-01-03 | 6.5 MEDIUM | 8.8 HIGH |
| Numerous exposed dangerous functions within Orion Core allow for read-only SQL injection leading to privilege escalation. An attacker with low-user privileges may steal password hashes and password salt information. | |||||
| CVE-2020-25760 | 1 Projectworlds | 1 Visitor Management System In Php | 2022-01-01 | 6.5 MEDIUM | 8.8 HIGH |
| Projectworlds Visitor Management System in PHP 1.0 allows SQL Injection. The file front.php does not perform input validation on the 'rid' parameter. An attacker can append SQL queries to the input to extract sensitive information from the database. | |||||
| CVE-2020-1937 | 1 Apache | 1 Kylin | 2021-12-30 | 6.5 MEDIUM | 8.8 HIGH |
| Kylin has some RESTful APIs which concatenate SQL with the user input string, so a user is likely to be able to run malicious database queries. | |||||
| CVE-2021-43851 | 1 Anuko | 1 Time Tracker | 2021-12-28 | 6.5 MEDIUM | 8.8 HIGH |
| Anuko Time Tracker is an open source, web-based time tracking application written in PHP. SQL injection vulnerabilities exist in multiple files in Time Tracker version 1.19.33.5606 and prior due to improper checking of the "group" and "status" parameters in POST requests. The group parameter is posted when navigating between organizational subgroups (groups.php file). The status parameter is used in multiple files to change the status of an entity, such as making a project, task, or user inactive. This issue has been patched in version 1.19.33.5607. An upgrade is highly recommended. If an upgrade is not practical, introduce the ttValidStatus function as in the latest version and use it in user input check blocks wherever the status field is used. For the groups.php fix, introduce the ttValidInteger function as in the latest version and use it in the access check block in the file. | |||||
| CVE-2021-43630 | 1 Projectworlds | 1 Hospital Management System In Php | 2021-12-28 | 6.5 MEDIUM | 8.8 HIGH |
| Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via multiple parameters in add_patient.php. As a result, an authenticated malicious user can compromise the database system and in some cases leverage this vulnerability to get remote code execution on the remote web server. | |||||
| CVE-2021-44874 | 1 Dalmark | 1 Systeam Enterprise Resource Planning | 2021-12-27 | 6.5 MEDIUM | 8.8 HIGH |
| Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to insecure design in report building via SQL query. The Systeam application is an ERP system that uses a mixed architecture based on SaaS tenant and user management, and on-premise database and web application counterparts. The BI report module exposes direct SQL commands via POST data in order to select data for report generation. A malicious actor can use the BI report endpoint as a direct SQL prompt under the authenticated user. | |||||
| CVE-2021-24846 | 1 Ni Woocommerce Custom Order Status Project | 1 Ni Woocommerce Custom Order Status | 2021-12-27 | 6.5 MEDIUM | 8.8 HIGH |
| The get_query() function of the Ni WooCommerce Custom Order Status WordPress plugin before 1.9.7, used by the niwoocos_ajax AJAX action, available to all authenticated users, does not properly sanitise the sort parameter before using it in a SQL statement, leading to an SQL injection exploitable by any authenticated user, such as a subscriber. | |||||
| CVE-2020-18081 | 1 Sem-cms | 1 Semcms | 2021-12-22 | 5.0 MEDIUM | 7.5 HIGH |
| The checkuser function of SEMCMS 3.8 was discovered to contain a vulnerability which allows attackers to obtain the password in plaintext through a SQL query. | |||||
| CVE-2021-41262 | 1 Galette | 1 Galette | 2021-12-21 | 6.5 MEDIUM | 8.8 HIGH |
| Galette is a membership management web application built for non profit organizations and released under GPLv3. Versions prior to 0.9.6 are subject to SQL injection attacks by users with "member" privilege. Users are advised to upgrade to version 0.9.6 as soon as possible. There are no known workarounds. | |||||
| CVE-2021-43806 | 1 Enalean | 1 Tuleap | 2021-12-21 | 6.5 MEDIUM | 8.8 HIGH |
| Tuleap is a Libre and Open Source tool for end to end traceability of application and system developments. In affected versions Tuleap does not properly sanitize user settings when constructing the SQL query to browse and search commits in the CVS repositories. An authenticated malicious user with read access to a CVS repository could execute arbitrary SQL queries. Tuleap instances without active CVS repositories are not impacted. The following versions contain the fix: Tuleap Community Edition 13.2.99.155, Tuleap Enterprise Edition 13.1-7, and Tuleap Enterprise Edition 13.2-6. | |||||
| CVE-2021-43830 | 1 Openproject | 1 Openproject | 2021-12-20 | 6.5 MEDIUM | 8.8 HIGH |
| OpenProject is a web-based project management software. OpenProject versions >= 12.0.0 are vulnerable to a SQL injection in the budgets module. For authenticated users with the "Edit budgets" permission, the request to reassign work packages to another budget insufficiently sanitizes user input in the `reassign_to_id` parameter. The vulnerability has been fixed in version 12.0.4. Versions prior to 12.0.0 are not affected. If you're upgrading from an older version, ensure you are upgrading to at least version 12.0.4. If you are unable to upgrade in a timely fashion, the following patch can be applied: https://github.com/opf/openproject/pull/9983.patch | |||||
| CVE-2021-43822 | 1 Jackalope Doctrine-dbal Project | 1 Jackalope Doctrine-dbal | 2021-12-17 | 6.8 MEDIUM | 7.5 HIGH |
| Jackalope Doctrine-DBAL is an implementation of the PHP Content Repository API (PHPCR) using a relational database to persist data. In affected versions users can provoke SQL injections if they can specify a node name or query. Upgrade to version 1.7.4 to resolve this issue. If that is not possible, you can escape all places where `$property` is used to filter `sv:name` in the class `Jackalope\Transport\DoctrineDBAL\Query\QOMWalker`: `XPath::escape($property)`. Node names and xpaths can contain `"` or `;` according to the JCR specification. The jackalope component that translates the query object model into doctrine dbal queries does not properly escape the names and paths, so that an accordingly crafted node name can lead to an SQL injection. If queries are never done from user input, or if you validate the user input to not contain `;`, you are not affected. | |||||
| CVE-2021-40578 | 1 Online Enrollment Management System Project | 1 Online Enrollment Management System | 2021-12-16 | 6.5 MEDIUM | 7.2 HIGH |
| An authenticated blind and error-based SQL injection vulnerability was discovered in Online Enrollment Management System in PHP and PayPal Free Source Code 1.0, that allows attackers to obtain sensitive information and execute arbitrary SQL commands via the IDNO parameter. | |||||
| CVE-2021-24861 | 1 Quotes Collection Project | 1 Quotes Collection | 2021-12-16 | 6.5 MEDIUM | 7.2 HIGH |
| The Quotes Collection WordPress plugin through 2.5.2 does not validate and escape the bulkcheck parameter before using it in a SQL statement, leading to a SQL injection. | |||||
| CVE-2021-40282 | 1 Zzcms | 1 Zzcms | 2021-12-13 | 6.5 MEDIUM | 8.8 HIGH |
| An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, and 2021 in dl/dl_download.php when registering ordinary users. | |||||
| CVE-2021-40281 | 1 Zzcms | 1 Zzcms | 2021-12-13 | 6.5 MEDIUM | 8.8 HIGH |
| An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, and 2021 in dl/dl_print.php when registering ordinary users. | |||||
| CVE-2021-40280 | 1 Zzcms | 1 Zzcms | 2021-12-13 | 6.5 MEDIUM | 7.2 HIGH |
| An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, and 2021 via the id parameter in admin/dl_sendmail.php. | |||||
| CVE-2021-40279 | 1 Zzcms | 1 Zzcms | 2021-12-13 | 6.5 MEDIUM | 7.2 HIGH |
| An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, and 2021 via the id parameter in admin/bad.php. | |||||
| CVE-2021-40860 | 1 Genesys | 1 Intelligent Workload Distribution Manager | 2021-12-13 | 6.5 MEDIUM | 7.2 HIGH |
| A SQL Injection in the custom filter query component in Genesys Intelligent Workload Distribution (IWD) before 9.0.013.11 allows an attacker to execute arbitrary SQL queries via the ql_expression parameter, with which all data in the database can be extracted and OS command execution is possible depending on the permissions and/or database engine. | |||||
| CVE-2021-40861 | 1 Genesys | 1 Intelligent Workload Distribution Manager | 2021-12-13 | 6.5 MEDIUM | 7.2 HIGH |
| A SQL Injection in the custom filter query component in Genesys Intelligent Workload Distribution (IWD) 9.0.017.07 allows an attacker to execute arbitrary SQL queries via the value attribute, with which all data in the database can be extracted and OS command execution is possible depending on the permissions and/or database engine. | |||||
| CVE-2021-42760 | 1 Fortinet | 1 Fortiwlm | 2021-12-09 | 7.5 HIGH | 8.8 HIGH |
| An improper neutralization of special elements used in an SQL command ('SQL injection') in Fortinet FortiWLM version 8.6.1 and below allows an attacker to disclose sensitive information from DB tables via crafted requests. | |||||
| CVE-2021-42131 | 1 Ivanti | 1 Avalanche | 2021-12-08 | 6.5 MEDIUM | 8.8 HIGH |
| A SQL Injection vulnerability exists in Ivanti Avalanche before 6.3.3 that allows an attacker with access to the Inforail Service to perform privilege escalation. | |||||
| CVE-2021-40313 | 1 Piwigo | 1 Piwigo | 2021-12-07 | 6.5 MEDIUM | 8.8 HIGH |
| Piwigo v11.5 was discovered to contain a SQL injection vulnerability via the parameter pwg_token in /admin/batch_manager_global.php. | |||||
| CVE-2021-41746 | 1 Yonyou | 1 Turbocrm | 2021-12-06 | 5.0 MEDIUM | 7.5 HIGH |
| A SQL Injection vulnerability exists in all versions of Yonyou TurboCRM via the orgcode parameter in changepswd.php. Attackers can use the vulnerability to obtain sensitive database information. | |||||
| CVE-2021-25784 | 1 Taogogo | 1 Taocms | 2021-12-04 | 6.5 MEDIUM | 7.2 HIGH |
| Taocms v2.5Beta5 was discovered to contain a blind SQL injection vulnerability via the function Edit Article. | |||||
| CVE-2021-25783 | 1 Taogogo | 1 Taocms | 2021-12-04 | 6.5 MEDIUM | 7.2 HIGH |
| Taocms v2.5Beta5 was discovered to contain a blind SQL injection vulnerability via the function Article Search. | |||||
| CVE-2020-35012 | 1 Wp-events-plugin | 1 Events Manager | 2021-12-03 | 6.5 MEDIUM | 7.2 HIGH |
| The Events Manager WordPress plugin before 5.9.8 does not sanitise and escape a parameter before using it in a SQL statement, leading to an SQL Injection. | |||||
| CVE-2021-36328 | 1 Dell | 1 Emc Streaming Data Platform | 2021-12-01 | 6.5 MEDIUM | 8.8 HIGH |
| Dell EMC Streaming Data Platform versions before 1.3 contain a SQL Injection Vulnerability. A remote malicious user may potentially exploit this vulnerability to execute SQL commands to perform unauthorized actions and retrieve sensitive information from the database. | |||||
| CVE-2021-42666 | 1 Engineers Online Portal Project | 1 Engineers Online Portal | 2021-11-30 | 6.5 MEDIUM | 8.8 HIGH |
| A SQL Injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the id parameter to quiz_question.php, which could let a malicious user extract sensitive data from the web server and in some cases use this vulnerability in order to get a remote code execution on the remote web server. | |||||
| CVE-2021-41947 | 1 Intelliants | 1 Subrion Cms | 2021-11-30 | 6.5 MEDIUM | 7.2 HIGH |
| A SQL injection vulnerability exists in Subrion CMS v4.2.1 in the visual-mode. | |||||
| CVE-2019-7548 | 5 Debian, Opensuse, Oracle and 2 more | 9 Debian Linux, Backports Sle, Leap and 6 more | 2021-11-30 | 6.8 MEDIUM | 7.8 HIGH |
| SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled. | |||||
