• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-89

CVE-2021-24142

February 23, 2023 by

Unvaludated input in the 301 Redirects – Easy Redirect Manager WordPress plugin, versions before 2.51, did not sanitise its “Redirect From” column when importing a CSV file, allowing high privilege users to perform SQL injections.

CVE-2021-24007

February 23, 2023 by

Multiple improper neutralization of special elements of SQL commands vulnerabilities in FortiMail before 6.4.4 may allow a non-authenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.

CVE-2021-23837

February 23, 2023 by

An issue was discovered in flatCore before 2.0.0 build 139. A time-based blind SQL injection was identified in the selected_folder HTTP request body parameter for the acp interface. The affected parameter (which retrieves the file contents of the specified folder) was found to be accepting malicious user input without proper sanitization, thus leading to SQL injection. Database related information can be successfully retrieved.

CVE-2021-23405

February 23, 2023 by

This affects the package pimcore/pimcore before 10.0.7. This issue exists due to the absence of check on the storeId parameter in the method collectionsActionGet and groupsActionGet method within the ClassificationstoreController class.

CVE-2021-23276

February 23, 2023 by

Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to authenticated SQL injection. A malicious user can send a specially crafted packet to exploit the vulnerability. Successful exploitation of this vulnerability can allow attackers to add users in the data base.

CVE-2021-23352

February 23, 2023 by

This affects the package madge before 4.0.1. It is possible to specify a custom Graphviz path via the graphVizPath option parameter which when the .image(), .svg() or .dot() functions are called, is executed by the childprocess.exec function.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 663
  • Go to page 664
  • Go to page 665
  • Go to page 666
  • Go to page 667
  • Interim pages omitted …
  • Go to page 956
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE