Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-89
Total 14524 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-21662 1 Yunyecms 1 Yunyecms 2024-11-21 N/A 9.8 CRITICAL
SQL injection vulnerability in yunyecms 2.0.2 allows remote attackers to run arbitrary SQL commands via XFF.
CVE-2020-21394 1 Crmeb 1 Crmeb 2024-11-21 6.5 MEDIUM 8.8 HIGH
SQL Injection vulnerability in Zhong Bang Technology Co., Ltd CRMEB mall system V2.60 and V3.1 via the tablename parameter in SystemDatabackup.php.
CVE-2020-21378 1 Seacms 1 Seacms 2024-11-21 7.5 HIGH 9.8 CRITICAL
SQL injection vulnerability in SeaCMS 10.1 (2020.02.08) via the id parameter in an edit action to admin_members_group.php.
CVE-2020-21377 1 Yunyecms 1 Yunyecms 2024-11-21 7.5 HIGH 9.8 CRITICAL
SQL injection vulnerability in yunyecms V2.0.1 via the selcart parameter.
CVE-2020-21250 1 Cszcms 1 Csz Cms 2024-11-21 7.5 HIGH 9.8 CRITICAL
CSZ CMS v1.2.4 was discovered to contain an arbitrary file upload vulnerability in the component /core/MY_Security.php.
CVE-2020-21180 1 Koa2-blog Project 1 Koa2-blog 2024-11-21 7.5 HIGH 9.8 CRITICAL
Sql injection vulnerability in koa2-blog 1.0.0 allows remote attackers to Injecting a malicious SQL statement via the name parameter to the signup page.
CVE-2020-21179 1 Koa2-blog Project 1 Koa2-blog 2024-11-21 7.5 HIGH 9.8 CRITICAL
Sql injection vulnerability in koa2-blog 1.0.0 allows remote attackers to Injecting a malicious SQL statement via the name parameter to the signin page.
CVE-2020-21176 1 Thinkjs 1 Thinkjs 2024-11-21 7.5 HIGH 9.8 CRITICAL
SQL injection vulnerability in the model.increment and model.decrement function in ThinkJS 3.2.10 allows remote attackers to execute arbitrary SQL commands via the step parameter.
CVE-2020-21133 1 Metinfo 1 Metinfo 2024-11-21 7.5 HIGH 9.8 CRITICAL
SQL Injection vulnerability in Metinfo 7.0.0 beta in member/getpassword.php?lang=cn&a=dovalid.
CVE-2020-21132 1 Metinfo 1 Metinfo 2024-11-21 7.5 HIGH 9.8 CRITICAL
SQL Injection vulnerability in Metinfo 7.0.0beta in index.php.
CVE-2020-21131 1 Metinfo 1 Metinfo 2024-11-21 6.5 MEDIUM 7.2 HIGH
SQL Injection vulnerability in MetInfo 7.0.0beta via admin/?n=language&c=language_web&a=doAddLanguage.
CVE-2020-21127 1 Metinfo 1 Metinfo 2024-11-21 7.5 HIGH 9.8 CRITICAL
MetInfo 7.0.0 contains a SQL injection vulnerability via admin/?n=logs&c=index&a=dodel.
CVE-2020-21121 1 Kliqqi 1 Kliqqi Cms 2024-11-21 7.5 HIGH 9.8 CRITICAL
Pligg CMS 2.0.2 contains a time-based SQL injection vulnerability via the $recordIDValue parameter in the admin_update_module_widgets.php file.
CVE-2020-21013 1 Emlog 1 Emlog 2024-11-21 6.5 MEDIUM 7.2 HIGH
emlog v6.0.0 contains a SQL injection via /admin/comment.php.
CVE-2020-21012 1 Hotel And Lodge Booking Management System Project 1 Hotel And Lodge Booking Management System 2024-11-21 7.5 HIGH 9.8 CRITICAL
Sourcecodester Hotel and Lodge Management System 2.0 is vulnerable to unauthenticated SQL injection and can allow remote attackers to execute arbitrary SQL commands via the email parameter to the edit page for Customer, Room, Currency, Room Booking Details, or Tax Details.
CVE-2020-20981 1 Metinfo 1 Metinfo 2024-11-21 5.0 MEDIUM 7.5 HIGH
A SQL injection in the /admin/?n=logs&c=index&a=dolist component of Metinfo 7.0 allows attackers to access sensitive database information.
CVE-2020-20975 1 Gxlcms 1 Gxlcms 2024-11-21 7.5 HIGH 9.8 CRITICAL
In \lib\admin\action\dataaction.class.php in Gxlcms v1.1, SQL Injection exists via the $filename parameter.
CVE-2020-20800 1 Metinfo 1 Metinfo 2024-11-21 7.5 HIGH 9.8 CRITICAL
An issue was discovered in MetInfo v7.0.0 beta. There is SQL Injection via the install/index.php?action=adminsetup&cndata=yes&endata=yes&showdata=yes URI.
CVE-2020-20797 1 Flamecms Project 1 Flamecms 2024-11-21 7.5 HIGH 9.8 CRITICAL
FlameCMS 3.3.5 contains a time-based blind SQL injection vulnerability in /account/register.php.
CVE-2020-20796 1 Flamecms Project 1 Flamecms 2024-11-21 7.5 HIGH 9.8 CRITICAL
FlameCMS 3.3.5 contains a SQL injection vulnerability in /master/article.php via the "Id" parameter.