• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-89

CVE-2019-16997

February 26, 2023 by

In Metinfo 7.0.0beta, a SQL Injection was discovered in app/system/language/admin/language_general.class.php via the admin/?n=language&c=language_general&a=doExportPack appno parameter.

CVE-2019-16999

February 26, 2023 by

CloudBoot through 2019-03-08 allows SQL Injection via a crafted Status field in JSON data to the api/osinstall/v1/device/getNumByStatus URI.

CVE-2019-16980

February 26, 2023 by

In FusionPBX up to v4.5.7, the file appcall_broadcastcall_broadcast_edit.php uses an unsanitized “id” variable coming from the URL in an unparameterized SQL query, leading to SQL injection.

CVE-2019-16917

February 26, 2023 by

WiKID Enterprise 2FA (two factor authentication) Enterprise Server through 4.2.0-b2047 is vulnerable to SQL injection through the searchDevices.jsp endpoint. The uid and domain parameters are used, unsanitized, in a SQL query constructed in the buildSearchWhereClause function.

CVE-2019-16894

February 26, 2023 by

download.php in inoERP 4.15 allows SQL injection through insecure deserialization.

CVE-2019-16743

February 26, 2023 by

eBrigade before 5.0 has evenement_ical.php evenement SQL Injection.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 511
  • Go to page 512
  • Go to page 513
  • Go to page 514
  • Go to page 515
  • Interim pages omitted …
  • Go to page 956
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE