• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-89

CVE-2018-19462

February 26, 2023 by

admindbDoSql.php in EmpireCMS through 7.5 allows remote attackers to execute arbitrary PHP code via SQL injection that uses a .php filename in a SELECT INTO OUTFILE statement to admin/admin.php.

CVE-2018-19468

February 26, 2023 by

HuCart 5.7.4 has SQL injection in get_ip() in system/class/helper_class.php via the X-Forwarded-For HTTP header to the user/index.php?load=login&act=act_login URI.

CVE-2018-19415

February 26, 2023 by

Multiple SQL injection vulnerabilities in Plikli CMS 4.0.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to join_group.php or (2) comment_id parameter to story.php.

CVE-2018-19434

February 26, 2023 by

An issue was discovered on the “Bank Account Matching – Receipts” screen of the General Ledger component in webERP 4.15. BankMatching.php has Blind SQL injection via the AmtClear_ parameter.

CVE-2018-19435

February 26, 2023 by

An issue was discovered in the Sales component in webERP 4.15. SalesInquiry.php has SQL Injection via the SortBy parameter.

CVE-2018-19436

February 26, 2023 by

An issue was discovered in the Manufacturing component in webERP 4.15. CollectiveWorkOrderCost.php has Blind SQL Injection via the SearchParts parameter.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 326
  • Go to page 327
  • Go to page 328
  • Go to page 329
  • Go to page 330
  • Interim pages omitted …
  • Go to page 956
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE