• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-89

CVE-2021-28423

February 23, 2023 by

Multiple SQL Injection vulnerabilities in Teachers Record Management System 1.0 allow remote authenticated users to execute arbitrary SQL commands via the ‘editid’ GET parameter in edit-subjects-detail.php, edit-teacher-detail.php, or the ‘searchdata’ POST parameter in search.php.

CVE-2021-28242

February 23, 2023 by

SQL Injection in the “evoadm.php” component of b2evolution v7.2.2-stable allows remote attackers to obtain sensitive database information by injecting SQL commands into the “cf_name” parameter when creating a new filter under the “Collections” tab.

CVE-2021-28245

February 23, 2023 by

PbootCMS 3.0.4 contains a SQL injection vulnerability through index.php via the search parameter that can reveal sensitive information through adding an admin account.

CVE-2021-28295

February 23, 2023 by

Online Ordering System 1.0 is vulnerable to unauthenticated SQL injection through /onlineordering/GPST/admin/design.php, which may lead to database information disclosure.

CVE-2021-28142

February 23, 2023 by

CITSmart before 9.1.2.28 mishandles the “filtro de autocomplete.”

CVE-2021-28157

February 23, 2023 by

An SQL Injection issue in Devolutions Server before 2021.1 and Devolutions Server LTS before 2020.3.18 allows an administrative user to execute arbitrary SQL commands via a username in api/security/userinfo/delete.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 625
  • Go to page 626
  • Go to page 627
  • Go to page 628
  • Go to page 629
  • Interim pages omitted …
  • Go to page 956
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE