• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-89

CVE-2018-12912

February 26, 2023 by

An issue wan discovered in admincontrollersdatabase.php in HongCMS 3.0.0. There is a SQL Injection vulnerability via an admin/index.php/database/operate?dbaction=emptytable&tablename= URI.

CVE-2018-1292

February 26, 2023 by

Within the ‘getReportType’ method in Apache Fineract 1.0.0, 0.6.0-incubating, 0.5.0-incubating, 0.4.0-incubating, a hacker could inject SQL to read/update data for which he doesn’t have authorization for by way of the ‘reportName’ parameter.

CVE-2018-1289

February 26, 2023 by

In Apache Fineract versions 1.0.0, 0.6.0-incubating, 0.5.0-incubating, 0.4.0-incubating, the system exposes different REST end points to query domain specific entities with a Query Parameter ‘orderBy’ and ‘sortOrder’ which are appended directly with SQL statements. A hacker/user can inject/draft the ‘orderBy’ and ‘sortOrder’ query parameter in such a way to read/update the data for which he doesn’t have authorization.

CVE-2018-1280

February 26, 2023 by

Pivotal Greenplum Command Center versions 2.x prior to 2.5.1 contains a blind SQL injection vulnerability. An unauthenticated user can perform a SQL injection in the command center which results in disclosure of database contents.

CVE-2018-1282

February 26, 2023 by

This vulnerability in Apache Hive JDBC driver 0.7.1 to 2.3.2 allows carefully crafted arguments to be used to bypass the argument escaping/cleanup that JDBC driver does in PreparedStatement implementation.

CVE-2018-12630

February 26, 2023 by

NEWMARK (aka New Mark) NMCMS 2.1 allows SQL Injection via the sect_id parameter to the /catalog URI.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 360
  • Go to page 361
  • Go to page 362
  • Go to page 363
  • Go to page 364
  • Interim pages omitted …
  • Go to page 956
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE