• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-89

CVE-2020-15153

February 26, 2023 by

Ampache before version 4.2.2 allows unauthenticated users to perform SQL injection. Refer to the referenced GitHub Security Advisory for details and a workaround. This is fixed in version 4.2.2 and the development branch.

CVE-2020-15160

February 26, 2023 by

PrestaShop from version 1.7.5.0 and before version 1.7.6.8 is vulnerable to a blind SQL Injection attack in the Catalog Product edition page with location parameter. The problem is fixed in 1.7.6.8

CVE-2020-15176

February 26, 2023 by

In GLPI before version 9.5.2, when supplying a back tick in input that gets put into a SQL query,the application does not escape or sanitize allowing for SQL Injection to occur. Leveraging this vulnerability an attacker is able to exfiltrate sensitive information like passwords, reset tokens, personal details, and more. The issue is patched in version 9.5.2

CVE-2020-15108

February 26, 2023 by

In glpi before 9.5.1, there is a SQL injection for all usages of “Clone” feature. This has been fixed in 9.5.1.

CVE-2020-15072

February 26, 2023 by

An issue was discovered in phpList through 3.5.4. An error-based SQL Injection vulnerability exists via the Import Administrators section.

CVE-2020-15052

February 26, 2023 by

An issue was discovered in Artica Proxy CE before 4.28.030.418. SQL Injection exists via the Netmask, Hostname, and Alias fields.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 460
  • Go to page 461
  • Go to page 462
  • Go to page 463
  • Go to page 464
  • Interim pages omitted …
  • Go to page 956
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE