• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-89

CVE-2021-36184

February 23, 2023 by

A improper neutralization of Special Elements used in an SQL Command (‘SQL Injection’) in Fortinet FortiWLM version 8.6.1 and below allows attacker to disclosure device, users and database information via crafted HTTP requests.

CVE-2021-3604

February 23, 2023 by

Secure 8 (Evalos) does not validate user input data correctly, allowing a remote attacker to perform a Blind SQL Injection. An attacker could exploit this vulnerability in order to extract information of users and administrator accounts stored in the database.

CVE-2021-35456

February 23, 2023 by

Online Pet Shop We App 1.0 is vulnerable to remote SQL injection and shell upload

CVE-2021-35458

February 23, 2023 by

Online Pet Shop We App 1.0 is vulnerable to Union SQL Injection in products.php (aka p=products) via the c or s parameter.

CVE-2021-35487

February 23, 2023 by

Nokia Broadcast Message Center through 11.1.0 allows an authenticated user to perform a Boolean Blind SQL Injection attack on the endpoint /owui/block/send-receive-updates (for the Manage Alerts page) via the extIdentifier HTTP POST parameter. This allows an attacker to obtain the database user, database name, and database version information, and potentially database data.

CVE-2021-35387

February 23, 2023 by

Hospital Management System v 4.0 is vulnerable to SQL Injection via file:hospital/hms/admin/view-patient.php.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 608
  • Go to page 609
  • Go to page 610
  • Go to page 611
  • Go to page 612
  • Interim pages omitted …
  • Go to page 956
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE