• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-89

CVE-2022-0267

February 23, 2023 by

The AdRotate WordPress plugin before 5.8.22 does not sanitise and escape the adrotate_action before using it in a SQL statement via the adrotate_request_action function available to admins, leading to a SQL injection

CVE-2022-0169

February 23, 2023 by

The Photo Gallery by 10Web WordPress plugin before 1.6.0 does not validate and escape the bwg_tag_id_bwg_thumbnails_0 parameter before using it in a SQL statement via the bwg_frontend_data AJAX action (available to unauthenticated and authenticated users), leading to an unauthenticated SQL injection

CVE-2022-0190

February 23, 2023 by

The Ad Invalid Click Protector (AICP) WordPress plugin before 1.2.6 is affected by a SQL Injection in the id parameter of the delete action.

CVE-2022-0224

February 23, 2023 by

dolibarr is vulnerable to Improper Neutralization of Special Elements used in an SQL Command

CVE-2022-0228

February 23, 2023 by

The Popup Builder WordPress plugin before 4.0.7 does not validate and properly escape the orderby and order parameters before using them in a SQL statement in the admin dashboard, which could allow high privilege users to perform SQL injection

CVE-2022-0153

February 23, 2023 by

SQL Injection in GitHub repository forkcms/forkcms prior to 5.11.1.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 940
  • Go to page 941
  • Go to page 942
  • Go to page 943
  • Go to page 944
  • Interim pages omitted …
  • Go to page 956
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE