Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, may allow remote attackers to cause a denial of service or execute certain queries via a SQL injection attack on the sort order parameter to buglist.cgi.
Max CVSS
7.5
EPSS Score
0.22%
Published
2002-08-12
Updated
2008-09-10
The multibyte support in PostgreSQL 6.5.x with SQL_ASCII encoding consumes an extra character when processing a character that cannot be converted, which could remove an escape character from the query and make the application subject to SQL injection attacks.
Max CVSS
7.5
EPSS Score
0.26%
Published
2002-08-12
Updated
2016-10-18
SQL injection vulnerability in the function that services for Microsoft Content Management Server (MCMS) 2001 allows remote attackers to execute arbitrary commands via an MCMS resource request for image files or other files.
Max CVSS
7.5
EPSS Score
0.19%
Published
2002-08-12
Updated
2018-10-12
SQL injection vulnerability in stored procedures for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 may allow authenticated users to execute arbitrary commands.
Max CVSS
7.5
EPSS Score
0.15%
Published
2002-08-12
Updated
2018-10-12
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!