Total
9311 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-17388 | 1 Ranksol | 1 Twilio Web To Fax Machine System | 2019-06-20 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in Twilio WEB To Fax Machine System 1.0 via the email or password parameter to login_check.php, or the id parameter to add_email.php or edit_content.php. | |||||
| CVE-2018-17374 | 1 Thephpfactory | 1 Auction Factory | 2019-06-20 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Auction Factory 4.5.5 component for Joomla! via the filter_order_Dir or filter_order parameter. | |||||
| CVE-2018-17381 | 1 Thephpfactory | 1 Dutch Auction Factory | 2019-06-20 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Dutch Auction Factory 2.0.2 component for Joomla! via the filter_order_Dir or filter_order parameter. | |||||
| CVE-2018-18758 | 1 Open Faculty Evaluation System Project | 1 Open Faculty Evaluation System | 2019-06-20 | 7.5 HIGH | 9.8 CRITICAL |
| Open Faculty Evaluation System 7 for PHP 7 allows submit_feedback.php SQL Injection, a different vulnerability than CVE-2018-18757. | |||||
| CVE-2018-18757 | 1 Open Faculty Evaluation System Project | 1 Open Faculty Evaluation System | 2019-06-20 | 7.5 HIGH | 9.8 CRITICAL |
| Open Faculty Evaluation System 5.6 for PHP 5.6 allows submit_feedback.php SQL Injection, a different vulnerability than CVE-2018-18758. | |||||
| CVE-2018-17393 | 1 Healthnode Hospital Management System Project | 1 Healthnode Hospital Management System | 2019-06-20 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in HealthNode Hospital Management System 1.0 via the id parameter to dashboard/Patient/info.php or dashboard/Patient/patientdetails.php. | |||||
| CVE-2018-17398 | 1 Arenam | 1 Amgallery | 2019-06-20 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the AMGallery 1.2.3 component for Joomla! via the filter_category_id parameter. | |||||
| CVE-2018-17399 | 1 Jimtawl Project | 1 Jimtawl | 2019-06-20 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Jimtawl 2.2.7 component for Joomla! via the id parameter. | |||||
| CVE-2018-17840 | 1 Education Website Project | 1 Education Website | 2019-06-20 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection exists in Scriptzee Education Website 1.0 via the college_list.html subject, city, or country parameter. | |||||
| CVE-2018-17841 | 1 Flippa Marketplace Clone Project | 1 Flippa Marketplace Clone | 2019-06-20 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection exists in Scriptzee Flippa Marketplace Clone 1.0 via the site-search sortBy or sortDir parameter. | |||||
| CVE-2018-20505 | 3 Apple, Microsoft, Sqlite | 7 Icloud, Iphone Os, Itunes and 4 more | 2019-06-19 | 5.0 MEDIUM | 7.5 HIGH |
| SQLite 3.25.2, when queries are run on a table with a malformed PRIMARY KEY, allows remote attackers to cause a denial of service (application crash) by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases). | |||||
| CVE-2019-12872 | 1 Dotcms | 1 Dotcms | 2019-06-18 | 6.5 MEDIUM | 7.2 HIGH |
| dotCMS before 5.1.6 is vulnerable to a SQL injection that can be exploited by an attacker of the role Publisher via view_unpushed_bundles.jsp. | |||||
| CVE-2019-11768 | 1 Phpmyadmin | 1 Phpmyadmin | 2019-06-13 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in phpMyAdmin before 4.9.0.1. A vulnerability was reported where a specially crafted database name can be used to trigger an SQL injection attack through the designer feature. | |||||
| CVE-2019-12149 | 1 Silverstripe | 2 Registry, Restfulserver | 2019-06-12 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in silverstripe/restfulserver module 1.0.x before 1.0.9, 2.0.x before 2.0.4, and 2.1.x before 2.1.2 and silverstripe/registry module 2.1.x before 2.1.1 and 2.2.x before 2.2.1 allows attackers to execute arbitrary SQL commands. | |||||
| CVE-2018-11801 | 1 Apache | 1 Fineract | 2019-06-11 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in Apache Fineract before 1.3.0 allows attackers to execute arbitrary SQL commands via a query on a m_center data related table. | |||||
| CVE-2018-11800 | 1 Apache | 1 Fineract | 2019-06-11 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in Apache Fineract before 1.3.0 allows attackers to execute arbitrary SQL commands via a query on the GroupSummaryCounts related table. | |||||
| CVE-2018-20091 | 1 Cloudera | 1 Data Science Workbench | 2019-06-10 | 6.5 MEDIUM | 9.9 CRITICAL |
| An SQL injection vulnerability was found in Cloudera Data Science Workbench (CDSW) 1.4.0 through 1.4.2. This would allow any authenticated user to run arbitrary queries against CDSW's internal database. The database contains user contact information, encrypted CDSW passwords (in the case of local authentication), API keys, and stored Kerberos keytabs. | |||||
| CVE-2019-12599 | 1 Salesagility | 1 Suitecrm | 2019-06-10 | 7.5 HIGH | 9.8 CRITICAL |
| SuiteCRM 7.10.x before 7.10.17 and 7.11.x before 7.11.5 allows SQL Injection. | |||||
| CVE-2019-12600 | 1 Salesagility | 1 Suitecrm | 2019-06-10 | 7.5 HIGH | 9.8 CRITICAL |
| SuiteCRM 7.8.x before 7.8.30, 7.10.x before 7.10.17, and 7.11.x before 7.11.5 allows SQL Injection (issue 2 of 3). | |||||
| CVE-2019-12601 | 1 Salesagility | 1 Suitecrm | 2019-06-10 | 7.5 HIGH | 9.8 CRITICAL |
| SuiteCRM 7.8.x before 7.8.30, 7.10.x before 7.10.17, and 7.11.x before 7.11.5 allows SQL Injection (issue 3 of 3). | |||||