Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-89
Total 9311 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-26033 1 Gentoo 1 Soko 2023-03-06 N/A 9.1 CRITICAL
Gentoo soko is the code that powers packages.gentoo.org. Versions prior to 1.0.1 are vulnerable to SQL Injection, leading to a Denial of Service. If the user selects (in user preferences) the "Recently Visited Packages" view for the index page, the value of the `search_history` cookie is used as a base64 encoded comma separated list of atoms. These are string loaded directly into the SQL query with `atom = '%s'` format string. As a result, any user can modify the browser's cookie value and inject most SQL queries. A proof of concept malformed cookie was generated that wiped the database or changed it's content. On the database, only public data is stored, so there is no confidentiality issues to site users. If it is known that the database was modified, a full restoration of data is possible by performing a full database wipe and performing full update of all components. This issue is patched with commit id 5ae9ca83b73. Version 1.0.1 contains the patch. If users are unable to upgrade immediately, the following workarounds may be applied: (1.) Use a proxy to always drop the `search_history` cookie until upgraded. The impact on user experience is low. (2.) Sanitize to the value of `search_history` cookie after base64 decoding it.
CVE-2023-1100 1 Online Catering Reservation System Project 1 Online Catering Reservation System 2023-03-06 N/A 9.8 CRITICAL
A vulnerability classified as critical has been found in SourceCodester Online Catering Reservation System 1.0. This affects an unknown part of the file /reservation/add_message.php of the component POST Parameter Handler. The manipulation of the argument fullname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-222003.
CVE-2022-4268 1 Plugin Logic Project 1 Plugin Logic 2023-03-06 N/A 7.2 HIGH
The Plugin Logic WordPress plugin before 1.0.8 does not sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin
CVE-2023-0278 1 Wpgeodirectory 1 Geodirectory 2023-03-03 N/A 7.2 HIGH
The GeoDirectory WordPress plugin before 2.2.24 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin.
CVE-2023-0279 1 Media Library Assistant Project 1 Media Library Assistant 2023-03-03 N/A 7.2 HIGH
The Media Library Assistant WordPress plugin before 3.06 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin.
CVE-2023-0487 1 Premio 1 My Sticky Elements 2023-03-03 N/A 7.2 HIGH
The My Sticky Elements WordPress plugin before 2.0.9 does not properly sanitise and escape a parameter before using it in a SQL statement when deleting messages, leading to a SQL injection exploitable by high privilege users such as admin
CVE-2023-0381 1 Tri 1 Gigpress 2023-03-03 N/A 8.8 HIGH
The GigPress WordPress plugin through 2.3.28 does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscriber to perform SQL Injection attacks
CVE-2022-22897 1 Apollotheme 1 Ap Pagebuilder 2023-03-03 N/A 9.8 CRITICAL
A SQL injection vulnerability in the product_all_one_img and image_product parameters of the ApolloTheme AP PageBuilder component through 2.4.4 for PrestaShop allows unauthenticated attackers to exfiltrate database data.
CVE-2018-6493 1 Hp 2 Network Automation, Network Operations Management Ultimate 2023-03-03 6.5 MEDIUM 8.8 HIGH
SQL Injection in HP Network Operations Management Ultimate, version 2017.07, 2017.11, 2018.02 and in Network Automation, version 10.00, 10.10, 10.11, 10.20, 10.30, 10.40, 10.50. This vulnerability could be remotely exploited to allow Remote SQL Injection.
CVE-2019-5476 1 Nextcloud 1 Lookup-server 2023-03-03 7.5 HIGH 9.8 CRITICAL
An SQL Injection in the Nextcloud Lookup-Server < v0.3.0 (running on https://lookup.nextcloud.com) caused unauthenticated users to be able to execute arbitrary SQL commands.
CVE-2019-14529 1 Open-emr 1 Openemr 2023-03-03 7.5 HIGH 9.8 CRITICAL
OpenEMR before 5.0.2 allows SQL Injection in interface/forms/eye_mag/save.php.
CVE-2019-14313 1 10web 1 Photo Gallery 2023-03-03 10.0 HIGH 9.8 CRITICAL
A SQL injection vulnerability exists in the 10Web Photo Gallery plugin before 1.5.31 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via filemanager/model.php.
CVE-2023-1038 1 Online Reviewer Management System Project 1 Online Reviewer Management System 2023-03-03 N/A 9.8 CRITICAL
A vulnerability classified as critical has been found in SourceCodester Online Reviewer Management System 1.0. Affected is an unknown function of the file /reviewer_0/admins/assessments/pretest/questions-view.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221796.
CVE-2023-1037 1 Dental Clinic Appointment Reservation System Project 1 Dental Clinic Appointment Reservation System 2023-03-03 N/A 9.8 CRITICAL
A vulnerability was found in SourceCodester Dental Clinic Appointment Reservation System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /APR/login.php of the component POST Parameter Handler. The manipulation of the argument username leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221795.
CVE-2021-34249 1 Online Book Store Project 1 Online Book Store 2023-03-03 N/A 7.5 HIGH
SQL injection vulnerability in sourcecodester online-book-store 1.0 allows remote attackers to view sensitive information via the id paremeter in application URL.
CVE-2023-26325 1 Wpdeveloper 1 Reviewx 2023-03-03 N/A 8.8 HIGH
The 'rx_export_review' action in the ReviewX WordPress Plugin version < 1.6.4, is affected by an authenticated SQL injection vulnerability in the 'filterValue' and 'selectedColumns' parameters.
CVE-2023-25157 1 Osgeo 1 Geoserver 2023-03-03 N/A 9.8 CRITICAL
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language (CQL) as part of the Web Feature Service (WFS) and Web Map Service (WMS) protocols. CQL is also supported through the Web Coverage Service (WCS) protocol for ImageMosaic coverages. Users are advised to upgrade to either version 2.21.4, or version 2.22.2 to resolve this issue. Users unable to upgrade should disable the PostGIS Datastore *encode functions* setting to mitigate ``strEndsWith``, ``strStartsWith`` and ``PropertyIsLike `` misuse and enable the PostGIS DataStore *preparedStatements* setting to mitigate the ``FeatureId`` misuse.
CVE-2022-2504 1 Sdd-baro Project 1 Sdd-baro 2023-03-03 N/A 9.8 CRITICAL
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SDD Computer Software SDD-Baro allows SQL Injection.This issue affects SDD-Baro: before 2.8.432.
CVE-2023-0939 1 Online Services Project 1 Online Services 2023-03-03 N/A 9.8 CRITICAL
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NTN Information Technologies Online Services Software allows SQL Injection.This issue affects Online Services Software: before 1.17.
CVE-2023-1039 1 Class And Exam Timetabling System Project 1 Class And Exam Timetabling System 2023-03-02 N/A 8.8 HIGH
A vulnerability classified as critical was found in SourceCodester Class and Exam Timetabling System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/index3.php of the component POST Parameter Handler. The manipulation of the argument password leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-221797 was assigned to this vulnerability.