Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Successful exploitation of the SQL injection vulnerability could allow a remote authenticated attacker to execute arbitrary commands via a specific interface, potentially enabling the attacker to acce
A SQL injection vulnerability in Trust Protection Foundation allows an authenticated attacker to execute arbitrary SQL commands against the product database. Successful exploitation could allow an att
CVE-2025-52694
CRITICAL CVSS 9.8
Find Similar
Successful exploitation of the SQL injection vulnerability could allow an unauthenticated remote attacker to execute arbitrary SQL commands on the vulnerable service when it is exposed to the Internet
C&Cm@il developed by HGiga has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents.
SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with admi
SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with admi
SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with admi
SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with admi
SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with admi
A vulnerability in the command line interface of affected devices could allow an authenticated remote attacker to conduct a command injection attack. Successful exploitation could allow an attacker to
CVE-2025-7343
CRITICAL CVSS 9.3
Find Similar
The SFT developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.
CTMS developed by Sunnet has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.
A vulnerability in the web-based management interface of Cisco Secure FMC Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnera
Docpedia developed by Flowring has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.
C&Cm@il developed by HGiga has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents.
U-Office Force developed by e-Excellence has a SQL Injection vulnerability, allowing authenticated remote attacker to inject arbitrary SQL commands to read, modify, and delete database contents.
U-Office Force developed by e-Excellence has a SQL Injection vulnerability, allowing authenticated remote attacker to inject arbitrary SQL commands to read, modify, and delete database contents.
EBM Maintenance Center From EBM Technologies has a SQL Injection vulnerability, allowing remote attackers with regular privileges to inject arbitrary SQL commands to read, modify, and delete database
CVE-2025-54946
CRITICAL CVSS 9.3
Find Similar
A SQL injection vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to execute arbitrary SQL commands.
A vulnerability in the REST API of Cisco Secure FMC Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to inade
Page 1+ Next →