CWE-89

CVE-2018-6928

February 26, 2023 by

PHP Scripts Mall News Website Script 2.0.4 has SQL Injection via a search term.

CVE-2018-6859

February 26, 2023 by

SQL Injection exists in PHP Scripts Mall Schools Alert Management Script 2.0.2 via the Login Parameter.

CVE-2018-6863

February 26, 2023 by

SQL Injection exists in PHP Scripts Mall Select Your College Script 2.0.2 via a Login Parameter.

CVE-2018-6843

February 26, 2023 by

Kentico 10 before 10.0.50 and 11 before 11.0.3 has SQL injection in the administration interface.

Multiple SQL injection vulnerabilities in Saifor CVMS HUB 1.3.1 allow an authenticated user to execute arbitrary SQL commands via multiple parameters to the /cvms-hub/privado/seccionesmib/secciones.xhtml resource. The POST parameters are j_idt118, j_idt120, j_idt122, j_idt124, j_idt126, j_idt128, and j_idt130 under formularioGestionarSecciones:tablaSeccionesMib:*:filter. The GET parameter is nombreAgente.

CVE-2018-6604

February 26, 2023 by

SQL Injection exists in the Zh YandexMap 6.2.1.0 component for Joomla! via the id parameter in a task=getPlacemarkDetails request.