• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-89

CVE-2021-38391

February 23, 2023 by

A Blind SQL injection vulnerability exists in the /DataHandler/AM/AM_Handler.ashx endpoint of Delta Electronics DIAEnergie Version 1.7.5 and prior. The application does not properly validate the user-controlled value supplied through the parameter type before using it as part of an SQL query. A remote, unauthenticated attacker can exploit this issue to execute arbitrary code in the context of NT SERVICEMSSQLSERVER.

CVE-2021-38393

February 23, 2023 by

A Blind SQL injection vulnerability exists in the /DataHandler/HandlerAlarmGroup.ashx endpoint of Delta Electronics DIAEnergie Version 1.7.5 and prior. The application does not properly validate the user-controlled value supplied through the parameter agid before using it as part of an SQL query. A remote, unauthenticated attacker can exploit this issue to execute arbitrary code in the context of NT SERVICEMSSQLSERVER.

CVE-2021-38302

February 23, 2023 by

The Newsletter extension through 4.0.0 for TYPO3 allows SQL Injection.

CVE-2021-38303

February 23, 2023 by

A SQL injection vulnerability exists in Sureline SUREedge Migrator 7.0.7.29360.

CVE-2021-38324

February 23, 2023 by

The SP Rental Manager WordPress plugin is vulnerable to SQL Injection via the orderby parameter found in the ~/user/shortcodes.php file which allows attackers to retrieve information contained in a site’s database, in versions up to and including 1.5.3.

CVE-2021-38217

February 23, 2023 by

SEMCMS v 1.2 is vulnerable to SQL Injection via SEMCMS_User.php.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 597
  • Go to page 598
  • Go to page 599
  • Go to page 600
  • Go to page 601
  • Interim pages omitted …
  • Go to page 956
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE