Security Vulnerabilities, CVEs, Published In March 2013 (Sql injection)

CVE-2013-2690

SQL injection vulnerability in index.php in Synchroweb Technology SynConnect 2.0 allows remote attackers to execute arbitrary SQL commands via the loginid parameter in a logoff action.
Max CVSS
7.5
EPSS Score
0.19%
Published
2013-03-28
Updated
2017-08-29

CVE-2013-1842

SQL injection vulnerability in the Extbase Framework in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to "the Query Object Model and relation values."
Max CVSS
7.5
EPSS Score
0.42%
Published
2013-03-20
Updated
2013-06-05

CVE-2013-0511

Multiple SQL injection vulnerabilities in IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 allow remote authenticated users to execute arbitrary SQL commands via unspecified parameters.
Max CVSS
6.5
EPSS Score
0.16%
Published
2013-03-29
Updated
2017-08-29

CVE-2013-0123

Multiple SQL injection vulnerabilities in the administration interface in ASKIA askiaweb allow remote attackers to execute arbitrary SQL commands via (1) the nHistoryId parameter to WebProd/pages/pgHistory.asp or (2) the OrderBy parameter to WebProd/pages/pgadmin.asp.
Max CVSS
7.5
EPSS Score
0.09%
Published
2013-03-21
Updated
2013-03-22
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close