• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-89

CVE-2021-37358

February 23, 2023 by

SQL Injection in SEACMS v210530 (2021-05-30) allows remote attackers to execute arbitrary code via the component “admin_ajax.php?action=checkrepeat&v_name=”.

CVE-2021-37197

February 23, 2023 by

A vulnerability has been identified in COMOS V10.2 (All versions only if web components are used), COMOS V10.3 (All versions < V10.3.3.3 only if web components are used), COMOS V10.4 (All versions < V10.4.1 only if web components are used). The COMOS Web component of COMOS is vulnerable to SQL injections. This could allow an attacker to execute arbitrary SQL statements.

CVE-2021-36898

February 23, 2023 by

Auth. SQL Injection (SQLi) vulnerability in Quiz And Survey Master plugin <= 7.3.4 on WordPress.

CVE-2021-36916

February 23, 2023 by

The SQL injection vulnerability in the Hide My WP WordPress plugin (versions <= 6.2.3) is possible because of how the IP address is retrieved and used inside a SQL query. The function "hmwp_get_user_ip" tries to retrieve the IP address from multiple headers, including IP address headers that the user can spoof, such as "X-Forwarded-For." As a result, the malicious payload supplied in one of these IP address headers will be directly inserted into the SQL query, making SQL injection possible.

CVE-2021-36880

February 23, 2023 by

Unauthenticated SQL Injection (SQLi) vulnerability in WordPress uListing plugin (versions <= 2.0.3), vulnerable parameter: custom.

CVE-2021-36789

February 23, 2023 by

The dated_news (aka Dated News) extension through 5.1.1 for TYPO3 allows SQL Injection.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 604
  • Go to page 605
  • Go to page 606
  • Go to page 607
  • Go to page 608
  • Interim pages omitted …
  • Go to page 956
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE