v.26.4.2314
SQL Injection
This page lists 838 vulnerabilities in this category.
| Vulnerability Name | CVE | CWE | Severity |
| --- | --- | --- | --- |
| WordPress Plugin WP Support Plus Responsive Ticket System SQL Injection (7.1.4) | - | CWE-89 | High |
| Drupal Core 7.x SQL Injection (7.0 - 7.31) | CVE-2014-3704 | CWE-89 | High |
| GeoServer SQLi (CVE-2023-25157) | CVE-2023-25157 | CWE-89 | High |
| Progress MOVEit Transfer SQL Injection | CVE-2023-34362 | CWE-89 | High |
| CRMEB SQL Injection (CVE-2024-36837) | CVE-2024-36837 | CWE-89 | High |
| Ivanti EPM SQLi RCE (CVE-2024-29824) | CVE-2024-29824 | CWE-89 | High |
| Node.js MySQL Prepared Statement Object Injection | - | CWE-89 | High |
| Drupal Core 4.6.x SQL Injection (4.6.0 - 4.6.6) | CVE-2006-2742 | CWE-89 | High |
| Drupal Core 4.7.x SQL Injection (4.7.0) | CVE-2006-2742 | CWE-89 | High |
| Drupal Core 4.7.x SQL Injection (4.7.0 - 4.7.8) | CVE-2007-6299 | CWE-89 | High |
| Drupal Core 5.x SQL Injection (5.0 - 5.14) | - | CWE-89 | High |
| Drupal Core 5.x SQL Injection (5.0 - 5.3) | CVE-2007-6299 | CWE-89 | High |
| Joomla! Core 1.0.x SQL Injection (1.0.0 - 1.0.11) | CVE-2007-0374 | CWE-89 | High |
| Agentejo Cockpit CMS resetpassword NoSQLi (CVE-2020-35847) | CVE-2020-35847 | CWE-89 | High |
| Joomla! Core 1.5.x Multiple SQL Injection Vulnerabilities (1.5.0 - 1.5.21) | CVE-2010-4696 | CWE-89 | High |
| Joomla! Core 1.7.x SQL Injection (1.7.0 - 1.7.4) | CVE-2012-1116 | CWE-89 | High |
| Joomla! Core 2.5.x SQL Injection (2.5.0 - 2.5.1) | CVE-2012-1116 | CWE-89 | High |
| Joomla! Core 3.x.x SQL Injection (3.2.0 - 3.4.4) | CVE-2015-7858 | CWE-89 | High |
| Joomla! Core 3.x.x SQL Injection (3.1.0 - 3.2.2) | CVE-2014-7981 | CWE-89 | High |
| Joomla! Core 3.x.x SQL Injection (3.0.0 - 3.4.6) | - | CWE-89 | High |
| Joomla! Core 3.7.0 SQL Injection (3.7.0) | CVE-2017-8917 | CWE-89 | High |
| Joomla! Core 3.x.x SQL Injection (3.5.0 - 3.8.5) | CVE-2018-8045 | CWE-89 | High |
| Joomla! Core Multiple SQL Injection Vulnerabilities (2.5.0 - 3.9.13) | CVE-2019-19846 | CWE-89 | High |
| Joomla! Core SQL Injection (1.7.0 - 3.9.15) | CVE-2020-10243 | CWE-89 | High |
| BillQuick Web Suite SQL injection (CVE-2021-42258) | CVE-2021-42258 | CWE-89 | High |
| vBulletin 5.6.1 nodeId SQL injection | CVE-2020-12720 | CWE-94 | High |
| WordPress 0.7 Posts SQL Injection Vulnerability (0.7) | CVE-2003-1598 | CWE-89 | High |
| Drupal core 7.x SQL injection vulnerability | CVE-2014-3704 | CWE-89 | High |
| Joomla! component Kunena Forum multiple vulnerabilities | CVE-2014-9103 | CWE-89 | High |
| Joomla! 3.2.1 sql injection | - | CWE-89 | High |
| Joomla! v3.2.2 SQL injection | - | CWE-89 | High |
| Joomla! SQL injection vulnerability | CVE-2015-7858 | CWE-89 | High |
| MantisBT multiple security issues | CVE-2015-1042 | CWE-200 | High |
| Nagios core config manager SQL injection vulnerability | CVE-2013-6875 | CWE-89 | High |
| OpenX xajaxargs SQL injection vulnerability | - | CWE-89 | High |
| Parallels Plesk SQL injection vulnerability | CVE-2012-1557 | CWE-89 | High |
| Ruby on Rails SQL injection | CVE-2012-2695 | CWE-89 | High |
| Zabbix 2.0.8 SQL injection | CVE-2013-5743 | CWE-89 | High |
| Ektron CMS400.NET ContentRatingGraph.aspx SQL injection | CVE-2008-5122 | CWE-89 | High |
| Oracle E-Business Suite SQL injection (CVE-2017-3549) | CVE-2017-3549 | CWE-89 | High |
| Joomla! 1.6/1.7/2.5 privilege escalation vulnerability | CVE-2012-1563 | CWE-269 | High |
| Joomla! 1.6.0 SQL injection vulnerability | CVE-2011-1151 | CWE-89 | High |
| Joomla! 1.7/2.5 SQL injection vulnerability | CVE-2012-1116 | CWE-89 | High |
| lighttpd v1.4.34 SQL injection and path traversal | CVE-2014-2324 | CWE-89 | High |
| SQL Injection in Symphony | CVE-2013-2559 | CWE-89 | High |
| vBulletin 5.1.2 SQL injection | CVE-2014-5102 | CWE-89 | High |
| vBulletin 4 (up to 4.1.2) search.php SQL injection | - | CWE-89 | High |
| SQL Injection (stylesheet.php) (CMS Made Simple) | CVE-2007-2473 | CWE-89 | High |
| Magento (2.2.0 to 2.3.0) Unauthenticated SQL Injection Vulnerability | CVE-2019-7139 | CWE-89 | High |
| Nagios XI Unauthenticated SQLi CVE-2018-8734 | CVE-2018-8734 | CWE-89 | High |
| Joomla! Core 3.x.x SQL Injection (3.0.0 - 3.9.22) | CVE-2020-35613 | CWE-89 | High |
| WordPress 'blog.header.php' Multiple SQL Injection Vulnerabilities (0.6.2 - 0.71) | - | CWE-89 | High |
| WordPress Plugin NextGEN Smooth Gallery 'galleryID' Parameter SQL Injection (1.2) | - | CWE-89 | High |
| WordPress Plugin WP-Forum 'forum_feed.php' SQL Injection (1.7.8) | - | CWE-89 | High |
| WordPress Plugin WassUp Real Time Analytics 'spy.php' SQL Injection (1.4.3) | CVE-2008-0520 | CWE-89 | High |
| WordPress Plugin WP-Cal 'id' Parameter SQL Injection (0.3) | CVE-2008-0490 | CWE-89 | High |
| WordPress Plugin WP-Forum SQL Injection (1.7.4) | CVE-2008-0388 | CWE-89 | High |
| WordPress Plugin Wordspew 'id' Parameter SQL Injection (1.16) | CVE-2008-0682 | CWE-89 | High |
| WordPress Plugin WP People 'wp-people-popup.php' SQL Injection (2.0) | - | CWE-89 | High |
| WordPress Plugin WP-Download 'dl_id' Parameter SQL Injection (1.2) | CVE-2008-1646 | CWE-89 | High |
| WordPress Plugin Spreadsheet (wpSS) 'ss_id' Parameter SQL Injection (0.61) | CVE-2008-1982 | CWE-89 | High |
| WordPress Plugin WP Photo Album 'photo' Parameter SQL Injection (1.0) | CVE-2008-0939 | CWE-89 | High |
| WordPress Plugin WP Comment Remix SQL Injection and HTML Injection Vulnerabilities (1.4.3) | - | CWE-89 | High |
| WordPress Plugin Fuctweb CapCC 'plugins.php' SQL Injection (1.0) | - | CWE-89 | High |
| WordPress Plugin fMoblog 'id' Parameter SQL Injection (2.1) | CVE-2009-0968 | CWE-89 | High |
| WordPress Plugin AdServe 'id' Parameter SQL Injection (0.2) | CVE-2008-0507 | CWE-89 | High |
| WordPress Plugin Photoracer 'id' Parameter SQL Injection (1.0) | CVE-2009-2122 | CWE-89 | High |
| WordPress Plugin Related Sites 'guid' Parameter SQL Injection (2.1) | CVE-2009-2383 | CWE-89 | High |
| WordPress Plugin My Category Order 'parentID' Parameter SQL Injection (2.8) | CVE-2009-4748 | CWE-89 | High |
| WordPress Plugin WP-Forum Multiple SQL Injection Vulnerabilities (2.3) | CVE-2009-3703 | CWE-89 | High |
| WordPress Plugin WP Events Calendar 'event_id' Parameter SQL Injection (6.5.2) | - | CWE-89 | High |
| WordPress Plugin Copperleaf Photolog 'cplphoto.php' SQL Injection (0.16) | CVE-2010-0673 | CWE-89 | High |
| WordPress Plugin Events Registration with PayPal IPN Multiple SQL Injection Vulnerabilities (2.1.2) | - | CWE-89 | High |
| WordPress Plugin Events Manager 'events-manager.php' SQL Injection (2.1) | - | CWE-89 | High |
| WordPress Plugin myLinksDump 'url' Parameter SQL Injection (1.2) | CVE-2010-2924 | CWE-89 | High |