Latest Security News about sql injection

Contact us to Fix the issue

SQL Injection attack in pimcore before 6.3.0

Overview : Pimcore data leakage Flaws through SQL Injection Affected Product(s) : pimcore/pimcore before 6.3.0 Vulnerability Details : CVE ID : CVE-2019-10763 pimcore/pimcore before 6.3.0 is vulnerable to SQL Injection. An attacker with limited privileges (classes permission) can achieve a SQL injection that can lead in data leakage. The vulnerability can be exploited via ‘id’, ‘storeId’, […]

Contact us to Fix the issue

SQL Injection flaw in SuiteCRM

Overview : SuiteCRM 7.10.x versions prior to 7.10.21 and 7.11.x versions prior to 7.11.9 allow SQL Injection. Affected Product(s) : SuiteCRM 7.10.x versions prior to 7.10.21 and 7.11.x versions prior to 7.11.9 Vulnerability Details : CVE ID : CVE-2019-18784 The SuiteCRM specified versions are prone to SQLi vulnerability. Exploiting this issue allows attackers to do […]

Contact us to Fix the issue

Authenticated SQL Injection in OpenEMR before 5.0.2.1

Overview : Authenticated SQL Injection in interface/forms/eye_mag/js/eye_base.php in OpenEMR through 5.0.2 allows a user to extract arbitrary data from the openemr database via a non-parameterized INSERT INTO statement, as demonstrated by the providerID parameter. Affected Product(s) : OpenEMR 5.0.1 OpenEMR 5.0.1.1 OpenEMR 5.0.1.2 OpenEMR 5.0.1.3 OpenEMR 5.0.1.4 OpenEMR 5.0.1.5 OpenEMR 5.0.1.6 OpenEMR 5.0.1.7 OpenEMR 5.0.2 […]

Contact us to Fix the issue

SQL injection vulnerability in Zoho ManageEngine OpManager before 12.4

Overview : An issue was discovered in Zoho ManageEngine OpManager before 12.4 build 124089. The OPMDeviceDetailsServlet servlet is prone to SQL injection. Depending on the configuration, this vulnerability could be exploited unauthenticated or authenticated. Affected Product(s) : Zoho ManageEngine OpManager before 12.4 build 124089 Vulnerability Details : CVE ID : CVE-2019-17602 An issue was discovered […]