Search
Total
1733 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-15622 | 1 Centos-webpanel | 1 Centos Web Panel | 2020-07-29 | 7.8 HIGH | 7.5 HIGH |
| This vulnerability allows remote attackers to disclose sensitive information on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_mail_autoreply.php. When parsing the search parameter, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose information in the context of root. Was ZDI-CAN-9712. | |||||
| CVE-2020-15714 | 1 Rconfig | 1 Rconfig | 2020-07-28 | 6.5 MEDIUM | 8.8 HIGH |
| rConfig 3.9.5 is vulnerable to SQL injection. A remote authenticated attacker could send crafted SQL statements to the devices.crud.php script using the custom_Location parameter, which could allow the attacker to view, add, modify, or delete information in the back-end database. | |||||
| CVE-2020-15713 | 1 Rconfig | 1 Rconfig | 2020-07-28 | 6.5 MEDIUM | 8.8 HIGH |
| rConfig 3.9.5 is vulnerable to SQL injection. A remote authenticated attacker could send crafted SQL statements to the devices.php script using the sortBy parameter, which could allow the attacker to view, add, modify, or delete information in the back-end database. | |||||
| CVE-2017-11738 | 1 Zohocorp | 1 Manageengine Applications Manager | 2020-07-27 | 6.8 MEDIUM | 8.1 HIGH |
| In Zoho ManageEngine Application Manager prior to 14.6 Build 14660, the 'haid' parameter of the '/auditLogAction.do' module is vulnerable to a Time-based Blind SQL Injection attack. | |||||
| CVE-2020-15924 | 1 Midasolutions | 1 Eframework | 2020-07-27 | 5.0 MEDIUM | 7.5 HIGH |
| There is a SQL Injection in Mida eFramework through 2.9.0 that leads to Information Disclosure. No authentication is required. The injection point resides in one of the authentication parameters. | |||||
| CVE-2020-15884 | 1 Munkireport Project | 1 Munkireport | 2020-07-27 | 6.5 MEDIUM | 8.8 HIGH |
| A SQL injection vulnerability in TableQuery.php in MunkiReport before 5.6.3 allows attackers to execute arbitrary SQL commands via the order[0][dir] field on POST requests to /datatables/data. | |||||
| CVE-2020-15052 | 1 Articatech | 1 Artica Proxy | 2020-07-22 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Artica Proxy CE before 4.28.030.418. SQL Injection exists via the Netmask, Hostname, and Alias fields. | |||||
| CVE-2020-15108 | 1 Glpi-project | 1 Glpi | 2020-07-22 | 4.0 MEDIUM | 7.1 HIGH |
| In glpi before 9.5.1, there is a SQL injection for all usages of "Clone" feature. This has been fixed in 9.5.1. | |||||
| CVE-2020-5766 | 1 Srs Simple Hits Counter Project | 1 Srs Simple Hits Counter | 2020-07-20 | 5.0 MEDIUM | 7.5 HIGH |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in SRS Simple Hits Counter Plugin for WordPress 1.0.3 and 1.0.4 allows a remote, unauthenticated attacker to determine the value of database fields. | |||||
| CVE-2020-7577 | 1 Siemens | 1 Opcenter Execution Core | 2020-07-17 | 5.5 MEDIUM | 8.1 HIGH |
| A vulnerability has been identified in Camstar Enterprise Platform (All versions), Opcenter Execution Core (All versions < V8.2). Through the use of several vulnerable fields of the application, an authenticated user could perform an SQL Injection attack by passing a modified SQL query downstream to the back-end server. The exploit of this vulnerability could be used to read, and potentially modify application data to which the user has access to. | |||||
| CVE-2020-15008 | 1 Connectwise | 1 Connectwise Automate | 2020-07-16 | 6.0 MEDIUM | 7.5 HIGH |
| A SQLi exists in the probe code of all Connectwise Automate versions before 2020.7 or 2019.12. A SQL Injection in the probe implementation to save data to a custom table exists due to inadequate server side validation. As the code creates dynamic SQL for the insert statement and utilizes the user supplied table name with little validation, the table name can be modified to allow arbitrary update commands to be run. Usage of other SQL injection techniques such as timing attacks, it is possible to perform full data extraction as well. Patched in 2020.7 and in a hotfix for 2019.12. | |||||
| CVE-2020-3973 | 2 Linux, Vmware | 2 Linux Kernel, Velocloud Orchestrator | 2020-07-15 | 6.5 MEDIUM | 8.8 HIGH |
| The VeloCloud Orchestrator does not apply correct input validation which allows for blind SQL-injection. A malicious actor with tenant access to Velocloud Orchestrator could enter specially crafted SQL queries and obtain data to which they are not privileged. | |||||
| CVE-2020-13993 | 1 Mods-for-hesk | 1 Mods For Hesk | 2020-07-14 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Mods for HESK 3.1.0 through 2019.1.0. A blind time-based SQL injection issue allows remote unauthenticated attackers to retrieve information from the database via a ticket. | |||||
| CVE-2020-9483 | 1 Apache | 1 Skywalking | 2020-07-10 | 5.0 MEDIUM | 7.5 HIGH |
| **Resolved** When use H2/MySQL/TiDB as Apache SkyWalking storage, the metadata query through GraphQL protocol, there is a SQL injection vulnerability, which allows to access unpexcted data. Apache SkyWalking 6.0.0 to 6.6.0, 7.0.0 H2/MySQL/TiDB storage implementations don't use the appropriate way to set SQL parameters. | |||||
| CVE-2020-15072 | 1 Phplist | 1 Phplist | 2020-07-10 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in phpList through 3.5.4. An error-based SQL Injection vulnerability exists via the Import Administrators section. | |||||
| CVE-2020-15308 | 1 Turnkeylinux | 1 Support Incident Tracker | 2020-07-06 | 6.5 MEDIUM | 7.2 HIGH |
| Support Incident Tracker (aka SiT! or SiTracker) 3.67 p2 allows post-authentication SQL injection via the site_edit.php typeid or site parameter, the search_incidents_advanced.php search_title parameter, or the report_qbe.php criteriafield parameter. | |||||
| CVE-2020-14960 | 1 Php-fusion | 1 Php-fusion | 2020-06-26 | 6.5 MEDIUM | 7.2 HIGH |
| A SQL injection vulnerability in PHP-Fusion 9.03.50 affects the endpoint administration/comments.php via the ctype parameter, | |||||
| CVE-2020-14443 | 1 Dolibarr | 1 Dolibarr | 2020-06-24 | 6.5 MEDIUM | 8.8 HIGH |
| A SQL injection vulnerability in accountancy/customer/card.php in Dolibarr 11.0.3 allows remote authenticated users to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2020-14159 | 1 Connectwise | 1 Automate Api | 2020-06-24 | 6.5 MEDIUM | 8.8 HIGH |
| By using an Automate API in ConnectWise Automate before 2020.5.178, a remote authenticated user could execute commands and/or modifications within an individual Automate instance by triggering an SQL injection vulnerability in /LabTech/agent.aspx. This affects versions before 2019.12.337, 2020 before 2020.1.53, 2020.2 before 2020.2.85, 2020.3 before 2020.3.114, 2020.4 before 2020.4.143, and 2020.5 before 2020.5.178. | |||||
| CVE-2019-20842 | 1 Mattermost | 1 Mattermost Server | 2020-06-19 | 6.5 MEDIUM | 7.2 HIGH |
| An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. There is SQL injection by admins via SearchAllChannels. | |||||
| CVE-2020-5515 | 1 Gilacms | 1 Gila Cms | 2020-06-18 | 6.5 MEDIUM | 7.2 HIGH |
| Gila CMS 1.11.8 allows /admin/sql?query= SQL Injection. | |||||
| CVE-2020-7493 | 1 Schneider-electric | 1 Ecostruxure Operator Terminal Expert | 2020-06-17 | 6.8 MEDIUM | 7.8 HIGH |
| A CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD) which could cause malicious code execution when opening the project file. | |||||
| CVE-2020-13996 | 1 J2store | 1 J2store | 2020-06-15 | 6.5 MEDIUM | 8.8 HIGH |
| The J2Store plugin before 3.3.13 for Joomla! allows a SQL injection attack by a trusted store manager. | |||||
| CVE-2014-4928 | 1 Invisioncommunity | 1 Invision Power Board | 2020-06-03 | 6.5 MEDIUM | 8.8 HIGH |
| SQL injection vulnerability in Invision Power Board (aka IPB or IP.Board) before 3.4.6 allows remote attackers to execute arbitrary SQL commands via the cId parameter. | |||||
| CVE-2020-3184 | 1 Cisco | 1 Prime Collaboration Provisioning | 2020-05-27 | 6.5 MEDIUM | 7.2 HIGH |
| A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web-based management interface improperly validates user input for specific SQL queries. An attacker could exploit this vulnerability by authenticating to the application with valid administrative credentials and sending malicious requests to an affected system. A successful exploit could allow the attacker to view information that they are not authorized to view, make changes to the system that they are not authorized to make, or delete information from the database that they are not authorized to delete. | |||||
| CVE-2020-12034 | 1 Rockwellautomation | 5 Eds Subsystem, Rslinx, Rslinx Enterprise and 2 more | 2020-05-22 | 4.8 MEDIUM | 8.2 HIGH |
| Products that use EDS Subsystem: Version 28.0.1 and prior (FactoryTalk Linx software (Previously called RSLinx Enterprise): Versions 6.00, 6.10, and 6.11, RSLinx Classic: Version 4.11.00 and prior, RSNetWorx software: Version 28.00.00 and prior, Studio 5000 Logix Designer software: Version 32 and prior) is vulnerable.The EDS subsystem does not provide adequate input sanitation, which may allow an attacker to craft specialized EDS files to inject SQL queries and manipulate the database storing the EDS files. This can lead to denial-of-service conditions. | |||||
| CVE-2020-5579 | 1 Strangerstudios | 1 Paid Memberships Pro | 2020-05-20 | 6.5 MEDIUM | 7.2 HIGH |
| SQL injection vulnerability in the Paid Memberships versions prior to 2.3.3 allows attacker with administrator rights to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2020-6249 | 1 Sap | 3 Master Data Governance \(s4core\), Master Data Governance \(s4fnd\), Master Data Governance \(sap Bs Fnd\) | 2020-05-15 | 6.5 MEDIUM | 8.8 HIGH |
| The use of an admin backend report within SAP Master Data Governance, versions - S4CORE 101, S4FND 102, 103, 104, SAP_BS_FND 748; allows an attacker to execute crafted database queries, exposing the backend database, leading to SQL Injection. | |||||
| CVE-2020-6253 | 1 Sap | 1 Adaptive Server Enterprise | 2020-05-15 | 6.5 MEDIUM | 7.2 HIGH |
| Under certain conditions, SAP Adaptive Server Enterprise (Web Services), versions 15.7, 16.0, allows an authenticated user to execute crafted database queries to elevate their privileges, modify database objects, or execute commands they are not otherwise authorized to execute, leading to SQL Injection. | |||||
| CVE-2019-18866 | 1 Blaauwproducts | 1 Remote Kiln Control | 2020-05-15 | 5.0 MEDIUM | 7.5 HIGH |
| Unauthenticated SQL injection via the username in the login mechanism in Blaauw Remote Kiln Control through v3.00r4 allows a user to extract arbitrary data from the rkc database. | |||||
| CVE-2020-6241 | 1 Sap | 1 Adaptive Server Enterprise | 2020-05-14 | 6.5 MEDIUM | 8.8 HIGH |
| SAP Adaptive Server Enterprise, version 16.0, allows an authenticated user to execute crafted database queries to elevate privileges of users in the system, leading to SQL Injection. | |||||
| CVE-2020-12014 | 1 Advantech | 1 Webaccess | 2020-05-11 | 5.0 MEDIUM | 7.5 HIGH |
| Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Input is not properly sanitized and may allow an attacker to inject SQL commands. | |||||
| CVE-2020-12104 | 1 Wp-advanced-search Project | 1 Wp-advanced-search | 2020-05-07 | 6.5 MEDIUM | 8.8 HIGH |
| The Import feature in the wp-advanced-search plugin 3.3.6 for WordPress is vulnerable to authenticated SQL injection via an uploaded .sql file. An attacker can use this to execute SQL commands without any validation. | |||||
| CVE-2020-11032 | 1 Glpi-project | 1 Glpi | 2020-05-07 | 6.5 MEDIUM | 7.2 HIGH |
| In GLPI before version 9.4.6, there is a SQL injection vulnerability for all helpdesk instances. Exploiting this vulnerability requires a technician account. This is fixed in version 9.4.6. | |||||
| CVE-2020-6010 | 1 Thimpress | 1 Learnpress | 2020-05-05 | 6.5 MEDIUM | 8.8 HIGH |
| LearnPress Wordpress plugin version prior and including 3.2.6.7 is vulnerable to SQL Injection | |||||
| CVE-2020-11886 | 1 Opennms | 2 Horizon, Meridian | 2020-05-05 | 5.5 MEDIUM | 8.1 HIGH |
| OpenNMS Horizon and Meridian allows HQL Injection in element/nodeList.htm (aka the NodeListController) via snmpParm or snmpParmValue to addCriteriaForSnmpParm. This affects Horizon before 25.2.1, Meridian 2019 before 2019.1.4, Meridian 2018 before 2018.1.16, and Meridian 2017 before 2017.1.21. | |||||
| CVE-2020-12461 | 1 Php-fusion | 1 Php-fusion | 2020-05-05 | 6.5 MEDIUM | 8.8 HIGH |
| PHP-Fusion 9.03.50 allows SQL Injection because maincore.php has an insufficient protection mechanism. An attacker can develop a crafted payload that can be inserted into the sort_order GET parameter on the members.php members search page. This parameter allows for control over anything after the ORDER BY clause in the SQL query. | |||||
| CVE-2020-11004 | 1 Admidio | 1 Admidio | 2020-05-01 | 5.0 MEDIUM | 7.5 HIGH |
| SQL Injection was discovered in Admidio before version 3.3.13. The main cookie parameter is concatenated into a SQL query without any input validation/sanitization, thus an attacker without logging in, can send a GET request with arbitrary SQL queries appended to the cookie parameter and execute SQL queries. The vulnerability impacts the confidentiality of the system. This has been patched in version 3.3.13. | |||||
| CVE-2020-10512 | 1 Hgiga | 1 Oaklouds Ccm\@il | 2020-04-30 | 9.0 HIGH | 8.8 HIGH |
| HGiga C&Cmail CCMAILQ before olln-calendar-6.0-100.i386.rpm and CCMAILN before olln-calendar-5.0-100.i386.rpm contains a SQL Injection vulnerability which allows attackers to injecting SQL commands in the URL parameter to execute unauthorized commands. | |||||
| CVE-2020-11010 | 1 Tortoise Orm Project | 1 Tortoise Orm | 2020-04-28 | 6.5 MEDIUM | 8.8 HIGH |
| In Tortoise ORM before versions 0.15.23 and 0.16.6, various forms of SQL injection have been found for MySQL and when filtering or doing mass-updates on char/text fields. SQLite & PostgreSQL are only affected when filtering with contains, starts_with, or ends_with filters (and their case-insensitive counterparts). | |||||
| CVE-2020-10617 | 1 Advantech | 1 Webaccess\/nms | 2020-04-09 | 5.0 MEDIUM | 7.5 HIGH |
| There are multiple ways an unauthenticated attacker could perform SQL injection on WebAccess/NMS (versions prior to 3.0.2) to gain access to sensitive information. | |||||
| CVE-2019-19094 | 1 Abb | 1 Esoms | 2020-04-03 | 6.5 MEDIUM | 7.6 HIGH |
| Lack of input checks for SQL queries in ABB eSOMS versions 3.9 to 6.0.3 might allow an attacker SQL injection attacks against the backend database. | |||||
| CVE-2019-7755 | 1 Weberp | 1 Weberp | 2020-04-02 | 6.5 MEDIUM | 8.8 HIGH |
| In webERP 4.15, the Import Bank Transactions function fails to sanitize the content of imported MT940 bank statement files, resulting in the execution of arbitrary SQL queries, aka SQL Injection. | |||||
| CVE-2020-5292 | 1 Leantime | 1 Leantime | 2020-04-02 | 6.5 MEDIUM | 8.8 HIGH |
| Leantime before versions 2.0.15 and 2.1-beta3 has a SQL Injection vulnerability. The impact is high. Malicious users/attackers can execute arbitrary SQL queries negatively affecting the confidentiality, integrity, and availability of the site. Attackers can exfiltrate data like the users' and administrators' password hashes, modify data, or drop tables. The unescaped parameter is "searchUsers" when sending a POST request to "/tickets/showKanban" with a valid session. In the code, the parameter is named "users" in class.tickets.php. This issue is fixed in versions 2.0.15 and 2.1.0 beta 3. | |||||
| CVE-2020-10817 | 1 Custom Searchable Data Entry System Project | 1 Custom Searchable Data Entry System | 2020-04-01 | 6.5 MEDIUM | 8.8 HIGH |
| The custom-searchable-data-entry-system (aka Custom Searchable Data Entry System) plugin through 1.7.1 for WordPress allows SQL Injection. NOTE: this product is discontinued. | |||||
| CVE-2020-5726 | 1 Grandstream | 6 Ucm6202, Ucm6202 Firmware, Ucm6204 and 3 more | 2020-03-31 | 5.0 MEDIUM | 7.5 HIGH |
| The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the CTI server on port 8888. A remote unauthenticated attacker can invoke the challenge action with a crafted username and discover user passwords. | |||||
| CVE-2020-5724 | 1 Grandstream | 6 Ucm6202, Ucm6202 Firmware, Ucm6204 and 3 more | 2020-03-30 | 5.0 MEDIUM | 7.5 HIGH |
| The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the HTTP server's websockify endpoint. A remote unauthenticated attacker can invoke the challenge action with a crafted username and discover user passwords. | |||||
| CVE-2019-20613 | 1 Google | 1 Android | 2020-03-30 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. There is time-based SQL injection in Contacts. The Samsung ID is SVE-2018-13452 (March 2019). | |||||
| CVE-2019-20592 | 1 Google | 1 Android | 2020-03-30 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. There is local SQL injection in the Story Video Editor Content Provider. The Samsung ID is SVE-2019-14062 (July 2019). | |||||
| CVE-2019-20591 | 1 Google | 1 Android | 2020-03-30 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. There is local SQL injection in the Gear VR Service Content Provider. The Samsung ID is SVE-2019-14058 (July 2019). | |||||