Vulnerabilities (CVE)

CWE filter

CWE-89

Filter

5 total CVE
CVE Vendors Products Updated CVSS
CVE-2018-10593 1 Bd 3 Database Manager, Performa, Reada 2019-10-09 3.8
A vulnerability in DB Manager version 3.0.1.0 and previous and PerformA version 3.0.0.0 and previous allows an authorized user with access to a privileged account on a BD Kiestra system (Kiestra TLA, Kiestra WCA, and InoqulA+ specimen processor)...
CVE-2018-6382 1 Mantisbt 1 Mantisbt 2019-03-04 2.1
** DISPUTED ** MantisBT 2.10.0 allows local users to conduct SQL Injection attacks via the vendor/adodb/adodb-php/server.php sql parameter in a request to the 127.0.0.1 IP address. NOTE: the vendor disputes the significance of this report because...
CVE-2018-9493 1 Google 1 Android 2018-11-21 2.1
In the content provider of the download manager, there is a possible SQL injection due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed...
CVE-2006-2103 1 Mybulletinboard 1 Mybulletinboard 2018-10-18 2.1
SQL injection vulnerability in MyBB (MyBulletinBoard) 1.1.1 allows remote authenticated administrators to execute arbitrary SQL commands via the (1) query string ($querystring variable) in (a) admin/adminlogs.php, which is not properly handled by...
CVE-2006-7232 2 Mysql, Canonical 2 Mysql, Ubuntu Linux 2018-10-17 3.5
sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 allows remote authenticated users to cause a denial of service (crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table, as originally demonstrated using ORDER BY.