• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-89

CVE-2018-17552

February 26, 2023 by

SQL Injection in login.php in Naviwebs Navigate CMS 2.8 allows remote attackers to bypass authentication via the navigate-user cookie.

CVE-2018-1756

February 26, 2023 by

IBM Security Identity Governance and Intelligence 5.2.3.2 and 5.2.4 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, information in the back-end database. IBM X-Force ID: 148599.

CVE-2018-17562

February 26, 2023 by

Multi-Tech FaxFinder before 5.1.6 has SQL Injection via a status/call_details?oid= URI, allowing an attacker to extract the underlying database schema to further disclose other fax server information through different injection points.

CVE-2018-17566

February 26, 2023 by

In ThinkPHP 5.1.24, the inner function delete can be used for SQL injection when its WHERE condition’s value can be controlled by a user’s request.

CVE-2018-17446

February 26, 2023 by

A SQL Injection issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.

CVE-2018-17410

February 26, 2023 by

Horus CMS allows SQL Injection, as demonstrated by a request to the /busca or /home URI.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 339
  • Go to page 340
  • Go to page 341
  • Go to page 342
  • Go to page 343
  • Interim pages omitted …
  • Go to page 956
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE