• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-89

CVE-2019-8424

February 26, 2023 by

ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php sort parameter.

CVE-2019-8428

February 26, 2023 by

ZoneMinder before 1.32.3 has SQL Injection via the skins/classic/views/control.php groupSql parameter, as demonstrated by a newGroup[MonitorIds][] value.

CVE-2019-8429

February 26, 2023 by

ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php filter[Query][terms][0][cnj] parameter.

CVE-2019-8360

February 26, 2023 by

Themerig Find a Place CMS Directory 1.5 has SQL Injection via the find/assets/external/data_2.php cate parameter.

CVE-2019-8393

February 26, 2023 by

Hotels_Server through 2018-11-05 has SQL Injection via the API because the controller/api/login.php telephone parameter is mishandled.

CVE-2019-8127

February 26, 2023 by

A SQL injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with privileges to an account with Newsletter Template editing permission could exfiltrate the Admin login data, and reset their password, effectively performing a privilege escalation.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 482
  • Go to page 483
  • Go to page 484
  • Go to page 485
  • Go to page 486
  • Interim pages omitted …
  • Go to page 956
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE