• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-89

CVE-2018-20479

February 26, 2023 by

An issue was discovered in S-CMS 1.0. It allows SQL Injection via the wap_index.php?type=newsinfo S_id parameter.

CVE-2018-20480

February 26, 2023 by

An issue was discovered in S-CMS 1.0. It allows SQL Injection via the js/pic.php P_id parameter.

CVE-2018-20505

February 26, 2023 by

SQLite 3.25.2, when queries are run on a table with a malformed PRIMARY KEY, allows remote attackers to cause a denial of service (application crash) by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases).

CVE-2018-20508

February 26, 2023 by

CrashFix 1.0.4 has SQL Injection via the User[status] parameter. This is related to actionIndex in UserController.php, and the protectedmodelsUser.php search() function.

CVE-2018-20469

February 26, 2023 by

An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A parameter in the web reports module is vulnerable to h2 SQL injection. This can be exploited to inject SQL queries and run standard h2 system functions.

CVE-2018-20329

February 26, 2023 by

Chamilo LMS version 1.11.8 contains a main/inc/lib/CoursesAndSessionsCatalog.class.php SQL injection, allowing users with access to the sessions catalogue (which may optionally be made public) to extract and/or modify database information.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 321
  • Go to page 322
  • Go to page 323
  • Go to page 324
  • Go to page 325
  • Interim pages omitted …
  • Go to page 956
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE