• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-89

CVE-2023-23490

February 22, 2023 by godfreyd94

The Survey Maker WordPress Plugin, version < 3.1.2, is affected by an authenticated SQL injection vulnerability in the 'surveys_ids' parameter of its 'ays_surveys_export_json' action.

CVE-2023-23492

February 22, 2023 by godfreyd94

The Login with Phone Number WordPress Plugin, version < 1.4.2, is affected by an authenticated SQL injection vulnerability in the 'ID' parameter of its 'lwp_forgot_password' action.

CVE-2023-22630

February 22, 2023 by godfreyd94

IzyBat Orange casiers before 20221102_1 allows SQL Injection via a getCasier.php?taille= URI.

CVE-2023-22727

February 22, 2023 by godfreyd94

CakePHP is a development framework for PHP web apps. In affected versions the `CakeDatabaseQuery::limit()` and `CakeDatabaseQuery::offset()` methods are vulnerable to SQL injection if passed un-sanitized user request data. This issue has been fixed in 4.2.12, 4.3.11, 4.4.10. Users are advised to upgrade. Users unable to upgrade may mitigate this issue by using CakePHP’s Pagination library. Manually validating or casting parameters to these methods will also mitigate the issue.

CVE-2023-22794

February 22, 2023 by godfreyd94

A vulnerability in ActiveRecord <6.0.6.1, v6.1.7.1 and v7.0.4.1 related to the sanitization of comments. If malicious user input is passed to either the `annotate` query method, the `optimizer_hints` query method, or through the QueryLogs interface which automatically adds annotations, it may be sent to the database withinsufficient sanitization and be able to inject SQL outside of the comment.

CVE-2023-22900

February 22, 2023 by godfreyd94

Efence login function has insufficient validation for user input. An unauthenticated remote attacker can exploit this vulnerability to inject arbitrary SQL commands to access, modify or delete database.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 944
  • Go to page 945
  • Go to page 946
  • Go to page 947
  • Go to page 948
  • Interim pages omitted …
  • Go to page 956
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE