• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-89

CVE-2019-10762

February 26, 2023 by

columnQuote in medoo before 1.7.5 allows remote attackers to perform a SQL Injection due to improper escaping.

CVE-2019-10763

February 26, 2023 by

pimcore/pimcore before 6.3.0 is vulnerable to SQL Injection. An attacker with limited privileges (classes permission) can achieve a SQL injection that can lead in data leakage. The vulnerability can be exploited via ‘id’, ‘storeId’, ‘pageSize’ and ‘tables’ parameters, using a payload for trigger a time based or error based sql injection.

CVE-2019-10766

February 26, 2023 by

Pixie versions 1.0.x before 1.0.3, and 2.0.x before 2.0.2 allow SQL Injection in the limit() function due to improper sanitization.

CVE-2019-10664

February 26, 2023 by

Domoticz before 4.10578 allows SQL Injection via the idx parameter in CWebServer::GetFloorplanImage in WebServer.cpp.

CVE-2019-10671

February 26, 2023 by

An issue was discovered in LibreNMS through 1.47. It does not parameterize all user supplied input within database queries, resulting in SQL injection. An authenticated attacker can subvert these database queries to extract or manipulate data, as demonstrated by the graph.php sort parameter.

CVE-2019-10687

February 26, 2023 by

KBPublisher 6.0.2.1 has SQL Injection via the admin/index.php?module=report entry_id[0] parameter, the admin/index.php?module=log id parameter, or an index.php?View=print&id[]= request.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 545
  • Go to page 546
  • Go to page 547
  • Go to page 548
  • Go to page 549
  • Interim pages omitted …
  • Go to page 956
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE