CWE-89 CVEs and Security Vulnerabilities

Filtered by CWE-89

Search

Switch to Advanced Search (Beta)

Total 17364 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2019-15570	1 Bedita	1 Bedita	2024-11-21	N/A
BEdita through 4.0.0-RC2 allows SQL injection during a save operation for a relation with parameters.
CVE-2019-15569	1 Gov	1 Ccd-data-store-api	2024-11-21	N/A
HM Courts & Tribunals ccd-data-store-api before 2019-06-10 allows SQL injection, related to SearchQueryFactoryOperation.java and SortDirection.java.
CVE-2019-15568	1 Idseq	1 Idseq-web	2024-11-21	N/A
idseq-web before 2019-07-01 in Infectious Disease Sequencing Platform IDseq allows SQL injection via tax_levels.
CVE-2019-15567	1 Openforis	1 Arena	2024-11-21	N/A
OpenForis Arena before 2019-05-07 allows SQL injection in the sorting feature.
CVE-2019-15566	1 Alfresco	1 Alfresco	2024-11-21	N/A
The Alfresco application before 1.8.7 for Android allows SQL injection in HistorySearchProvider.java.
CVE-2019-15565	1 Webimpacto	1 Icommktconnector	2024-11-21	N/A
The ICOMMKT connector before 1.0.7 for PrestaShop allows SQL injection in icommktconnector.php.
CVE-2019-15564	1 Compassionuk	1 Compassion Switzerland	2024-11-21	N/A
The Compassion Switzerland addons 10.01.4 for Odoo allow SQL injection in models/partner_compassion.py.
CVE-2019-15563	1 Ohdsi	1 Webapi	2024-11-21	N/A
Observational Health Data Sciences and Informatics (OHDSI) WebAPI before 2.7.2 allows SQL injection in FeatureExtractionService.java.
CVE-2019-15562	1 Gorm	1 Gorm	2024-11-21	9.8 Critical
GORM before 1.9.10 allows SQL injection via incomplete parentheses. NOTE: Misusing Gorm by passing untrusted user input where Gorm expects trusted SQL fragments is a vulnerability in the application, not in Gorm
CVE-2019-15561	1 Flashlingo Project	1 Flashlingo	2024-11-21	N/A
FlashLingo before 2019-06-12 allows SQL injection, related to flashlingo.js and db.js.
CVE-2019-15560	1 Reviews Module Project	1 Reviews Module	2024-11-21	N/A
The Reviews Module before 2019-06-14 for OpenSource Table allows SQL injection in database/index.js.
CVE-2019-15559	1 Hawn Project	1 Hawn	2024-11-21	N/A
DianoxDragon Hawn before 2019-07-10 allows SQL injection.
CVE-2019-15558	1 Xm-online	1 Xm\^online 2 - Common Utils And Endpoints	2024-11-21	N/A
XM^online 2 Common Utils and Endpoints 0.2.1 allows SQL injection, related to Constants.java, DropSchemaResolver.java, and SchemaChangeResolver.java.
CVE-2019-15557	1 Xm-online	1 Xm\^online 2 User Account And Authentication Server	2024-11-21	N/A
XM^online 2 User Account and Authentication server 1.0.0 allows SQL injection via a tenant key.
CVE-2019-15556	1 Social Network Project	1 Social Network	2024-11-21	N/A
Pvanloon1983 social_network before 2019-07-03 allows SQL injection in includes/form_handlers/register_handler.php.
CVE-2019-15555	1 Wellness Project	1 Wellness	2024-11-21	N/A
FredReinink Wellness-app before 2019-06-19 allows SQL injection, related to dietTrack.php, exerciseGenerator.php, fitnessTrack.php, and server.php.
CVE-2019-15537	1 Cesnet	1 Proxystatistics	2024-11-21	N/A
The proxystatistics module before 3.1.0 for SimpleSAMLphp allows SQL Injection in lib/Auth/Process/DatabaseCommand.php.
CVE-2019-15536	1 Youracclaim	1 Acclaim	2024-11-21	N/A
The Acclaim block plugin before 2019-06-26 for Moodle allows SQL Injection via delete_records.
CVE-2019-15535	1 Hostosm	1 Tasking Manager	2024-11-21	N/A
Tasking Manager before 3.4.0 allows SQL Injection via custom SQL.
CVE-2019-15534	1 Raml-module-builder Project	1 Raml-module-builder	2024-11-21	N/A
Raml-Module-Builder 26.4.0 allows SQL Injection in PostgresClient.update.

« first previous Page 786 of 869. next last »