• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-89

CVE-2020-11545

February 26, 2023 by

Project Worlds Official Car Rental System 1 is vulnerable to multiple SQL injection issues, as demonstrated by the email and parameters (account.php), uname and pass parameters (login.php), and id parameter (book_car.php) This allows an attacker to dump the MySQL database and to bypass the login authentication prompt.

CVE-2020-11437

February 26, 2023 by

LibreHealth EMR v2.0.0 is affected by SQL injection allowing low-privilege authenticated users to enumerate the database.

CVE-2020-11032

February 26, 2023 by

In GLPI before version 9.4.6, there is a SQL injection vulnerability for all helpdesk instances. Exploiting this vulnerability requires a technician account. This is fixed in version 9.4.6.

CVE-2020-10982

February 26, 2023 by

Gambio GX before 4.0.1.0 allows SQL Injection in admin/gv_mail.php.

CVE-2020-10983

February 26, 2023 by

Gambio GX before 4.0.1.0 allows SQL Injection in admin/mobile.php.

CVE-2020-11004

February 26, 2023 by

SQL Injection was discovered in Admidio before version 3.3.13. The main cookie parameter is concatenated into a SQL query without any input validation/sanitization, thus an attacker without logging in, can send a GET request with arbitrary SQL queries appended to the cookie parameter and execute SQL queries. The vulnerability impacts the confidentiality of the system. This has been patched in version 3.3.13.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 472
  • Go to page 473
  • Go to page 474
  • Go to page 475
  • Go to page 476
  • Interim pages omitted …
  • Go to page 956
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE