• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-89

CVE-2018-11722

February 26, 2023 by

WUZHI CMS 4.1.0 has a SQL Injection in api/uc.php via the ‘code’ parameter, because ‘UC_KEY’ is hard coded.

CVE-2018-11643

February 26, 2023 by

SQL injection vulnerability in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote authenticated users to execute arbitrary SQL commands via the filterPattern parameter.

CVE-2018-11589

February 26, 2023 by

Multiple SQL injection vulnerabilities in Centreon 3.4.6 including Centreon Web 2.8.23 allow attacks via the searchU parameter in viewLogs.php, the id parameter in GetXmlHost.php, the chartId parameter in ExportCSVServiceData.php, the searchCurve parameter in listComponentTemplates.php, or the host_id parameter in makeXML_ListMetrics.php.

CVE-2018-11511

February 26, 2023 by

The tree list functionality in the photo gallery application in ASUSTOR ADM 3.1.0.RFQ3 has a SQL injection vulnerability that affects the ‘album_id’ or ‘scope’ parameter via a photo-gallery/api/album/tree_lists/ URI.

CVE-2018-11515

February 26, 2023 by

The wpForo plugin through 2018-02-05 for WordPress has SQL Injection via a search with the /forum/ wpfo parameter.

CVE-2018-11528

February 26, 2023 by

WUZHI CMS 4.1.0 has SQL Injection via an api/sms_check.php?param= URI.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 364
  • Go to page 365
  • Go to page 366
  • Go to page 367
  • Go to page 368
  • Interim pages omitted …
  • Go to page 956
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE