• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-89

CVE-2021-28993

February 23, 2023 by

Plixer Scrutinizer 19.0.2 is affected by: SQL Injection. The impact is: obtain sensitive information (remote).

CVE-2021-28828

February 23, 2023 by

The Administration GUI component of TIBCO Software Inc.’s TIBCO Administrator – Enterprise Edition, TIBCO Administrator – Enterprise Edition, TIBCO Administrator – Enterprise Edition Distribution for TIBCO Silver Fabric, TIBCO Administrator – Enterprise Edition Distribution for TIBCO Silver Fabric, TIBCO Administrator – Enterprise Edition for z/Linux, and TIBCO Administrator – Enterprise Edition for z/Linux contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute a SQL injection attack on the affected system. Affected releases are TIBCO Software Inc.’s TIBCO Administrator – Enterprise Edition: versions 5.10.2 and below, TIBCO Administrator – Enterprise Edition: versions 5.11.0 and 5.11.1, TIBCO Administrator – Enterprise Edition Distribution for TIBCO Silver Fabric: versions 5.10.2 and below, TIBCO Administrator – Enterprise Edition Distribution for TIBCO Silver Fabric: versions 5.11.0 and 5.11.1, TIBCO Administrator – Enterprise Edition for z/Linux: versions 5.10.2 and below, and TIBCO Administrator – Enterprise Edition for z/Linux: versions 5.11.0 and 5.11.1.

CVE-2021-28890

February 23, 2023 by

J2eeFAST 2.2.1 allows remote attackers to perform SQL injection via the (1) compId parameter to fast/sys/user/list, (2) deptId parameter to fast/sys/role/list, or (3) roleId parameter to fast/sys/role/authUser/list, related to the use of ${} to join SQL statements.

CVE-2021-28668

February 23, 2023 by

Xerox AltaLink B80xx before 103.008.020.23120, C8030/C8035 before 103.001.020.23120, C8045/C8055 before 103.002.020.23120 and C8070 before 103.003.020.23120 has several SQL injection vulnerabilities.

CVE-2021-28381

February 23, 2023 by

The vhs (aka VHS: Fluid ViewHelpers) extension before 5.1.1 for TYPO3 allows SQL injection via isLanguageViewHelper.

CVE-2021-28419

February 23, 2023 by

The “order_col” parameter in archive.php of SEO Panel 4.8.0 is vulnerable to time-based blind SQL injection, which leads to the ability to retrieve all databases.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 624
  • Go to page 625
  • Go to page 626
  • Go to page 627
  • Go to page 628
  • Interim pages omitted …
  • Go to page 956
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE