Proteus® NextGen Data Privacy™ users can receive automated alerts using this data by linking it to their ITIL CMDB (IT asset register)

2024

2023

2022

2021

CVE-2021-24860 (v3: 7.2) 29 Nov 2021
The BSK PDF Manager WordPress plugin before 3.1.2 does not validate and escape the orderby and order parameters before using them in a SQL statement, leading to a SQL injection issue

2020

2019

2018

CVE-2018-14874 (v3: 8.8) 30 Apr 2019
An issue was discovered in the Armor module in Polaris FT Intellect Core Banking 9.7.1. Input passed through the code parameter in three pages as collaterals/colexe3t.jsp and /references/refsuppu.jsp and /references/refbranu.jsp is mishandled before being used in SQL queries, allowing SQL injection with an authenticated session.
CVE-2018-7065 (v3: 7.2) 7 Dec 2018
An authenticated SQL injection vulnerability in Aruba ClearPass Policy Manager can lead to privilege escalation. All versions of ClearPass are affected by multiple authenticated SQL injection vulnerabilities. In each case, an authenticated administrative user of any type could exploit this vulnerability to gain access to "appadmin" credentials, leading to complete cluster compromise. Resolution: Fixed in 6.7.6 and 6.6.10-hotfix.
CVE-2018-19221 (v3: 9.8) 12 Nov 2018
An issue was discovered in LAOBANCMS 2.0. It allows SQL Injection via the admin/login.php guanliyuan parameter.

2017

2016

CVE-2016-10755 (v3: 8.8) 24 May 2019
AbanteCart 1.2.8 allows SQL Injection via the source_language parameter to admin/controller/pages/localisation/language.php and core/lib/language_manager.php, or via POST data to admin/controller/pages/tool/backup.php and admin/model/tool/backup.php.
CVE-2016-2034 (v3: 9.8) 8 Jun 2017
SQL injection vulnerability in ClearPass Policy Manager 6.5.x through 6.5.6 and 6.6.0.

2015

CVE-2015-1392 (v2: 6.5) 28 May 2015
Multiple SQL injection vulnerabilities in Aruba Networks ClearPass Policy Manager (CPPM) before 6.4.5 allow remote administrators to execute arbitrary SQL commands via unspecified vectors.