• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-89

CVE-2018-18763

February 26, 2023 by

SaltOS 3.1 r8126 allows action=ajax&query=numbers&page=usuarios&action2=[SQL] SQL Injection.

CVE-2018-18702

February 26, 2023 by

spider.admincp.php in iCMS v7.0.11 allows SQL injection via admincp.php?app=spider&do=import_rule because the upfile content is base64 decoded, deserialized, and used for database insertion.

CVE-2018-18704

February 26, 2023 by

PhpTpoint Pharmacy Management System suffers from a SQL injection vulnerability in the index.php username parameter.

CVE-2018-18705

February 26, 2023 by

PhpTpoint hospital management system suffers from multiple SQL injection vulnerabilities via the index.php user parameter associated with LOGIN.php, or the rno parameter to ALIST.php, DUNDEL.php, PDEL.php, or PUNDEL.php.

CVE-2018-18619

February 26, 2023 by

internal/advanced_comment_system/admin.php in Advanced Comment System 1.0 is prone to an SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query, allowing remote attackers to execute the sqli attack via a URL in the “page” parameter. NOTE: The product is discontinued.

CVE-2018-18527

February 26, 2023 by

OwnTicket 2018-05-23 allows SQL Injection via the showTicketId or editTicketStatusId parameter.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 333
  • Go to page 334
  • Go to page 335
  • Go to page 336
  • Go to page 337
  • Interim pages omitted …
  • Go to page 956
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE