• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-89

CVE-2020-28994

February 26, 2023 by

A SQL injection vulnerability was discovered in Karenderia Multiple Restaurant System, affecting versions 5.4.2 and below. The vulnerability allows for an unauthenticated attacker to perform various tasks such as modifying and leaking all contents of the database.

CVE-2020-28860

February 26, 2023 by

OpenAssetDigital Asset Management (DAM) through 12.0.19 does not correctly sanitize user supplied input, incorporating it into its SQL queries, allowing for authenticated blind SQL injection.

CVE-2020-28702

February 26, 2023 by

A SQL injection vulnerability in TopicMapper.xml of PybbsCMS v5.2.1 allows attackers to access sensitive database information.

CVE-2020-28657

February 26, 2023 by

In bPanel 2.0, the administrative ajax endpoints (aka ajax/aj_*.php) are accessible without authentication and allow SQL injections, which could lead to platform compromise.

CVE-2020-28679

February 26, 2023 by

A vulnerability in the showReports module of Zoho ManageEngine Applications Manager before build 14550 allows authenticated attackers to execute a SQL injection via a crafted request.

CVE-2020-28413

February 26, 2023 by

In MantisBT 2.24.3, SQL Injection can occur in the parameter “access” of the mc_project_get_users function through the API SOAP.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 409
  • Go to page 410
  • Go to page 411
  • Go to page 412
  • Go to page 413
  • Interim pages omitted …
  • Go to page 956
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE