Total
9311 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-12598 | 1 Salesagility | 1 Suitecrm | 2019-06-10 | 7.5 HIGH | 9.8 CRITICAL |
| SuiteCRM 7.8.x before 7.8.30, 7.10.x before 7.10.17, and 7.11.x before 7.11.5 allows SQL Injection (issue 1 of 3). | |||||
| CVE-2019-11978 | 1 Hp | 1 Intelligent Management Center | 2019-06-07 | 9.0 HIGH | 8.8 HIGH |
| A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-11971 | 1 Hp | 1 Intelligent Management Center | 2019-06-07 | 9.0 HIGH | 8.8 HIGH |
| A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-11972 | 1 Hp | 1 Intelligent Management Center | 2019-06-07 | 9.0 HIGH | 8.8 HIGH |
| A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-11977 | 1 Hp | 1 Intelligent Management Center | 2019-06-07 | 9.0 HIGH | 8.8 HIGH |
| A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-11976 | 1 Hp | 1 Intelligent Management Center | 2019-06-07 | 9.0 HIGH | 8.8 HIGH |
| A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-11975 | 1 Hp | 1 Intelligent Management Center | 2019-06-07 | 9.0 HIGH | 8.8 HIGH |
| A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-11974 | 1 Hp | 1 Intelligent Management Center | 2019-06-07 | 9.0 HIGH | 8.8 HIGH |
| A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-11973 | 1 Hp | 1 Intelligent Management Center | 2019-06-07 | 9.0 HIGH | 8.8 HIGH |
| A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-11970 | 1 Hp | 1 Intelligent Management Center | 2019-06-07 | 9.0 HIGH | 8.8 HIGH |
| A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-11979 | 1 Hp | 1 Intelligent Management Center | 2019-06-07 | 9.0 HIGH | 8.8 HIGH |
| A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-11984 | 1 Hp | 1 Intelligent Management Center | 2019-06-07 | 9.0 HIGH | 8.8 HIGH |
| A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-12196 | 1 Zohocorp | 1 Manageengine Netflow Analyzer | 2019-06-07 | 7.5 HIGH | 9.8 CRITICAL |
| A SQL injection vulnerability in /client/api/json/v2/nfareports/compareReport in Zoho ManageEngine NetFlow Analyzer 12.3 allows attackers to execute arbitrary SQL commands via the DeviceID parameter. | |||||
| CVE-2017-14851 | 1 Orpak | 1 Siteomat | 2019-06-04 | 7.5 HIGH | 9.8 CRITICAL |
| A SQL injection vulnerability exists in all Orpak SiteOmat versions prior to 2017-09-25. The vulnerability is in the login page, where the authentication validation process contains an insecure SELECT query. The attack allows for authentication bypass. | |||||
| CVE-2019-12374 | 1 Ivanti | 1 Landesk Management Suite | 2019-06-04 | 6.8 MEDIUM | 8.1 HIGH |
| A SQL Injection vulnerability exists in Ivanti LANDESK Management Suite (LDMS, aka Endpoint Manager) 10.0.1.168 Service Update 5 due to improper username sanitization in the Basic Authentication implementation in core/provisioning.secure/ProvisioningSecure.asmx in Provisioning.Secure.dll. | |||||
| CVE-2019-10123 | 1 Ais | 2 Esel-server, Logistic Software | 2019-06-03 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection in Advanced InfoData Systems (AIS) ESEL-Server 67 (which is the backend for the AIS logistics mobile app) allows an anonymous attacker to execute arbitrary code in the context of the user of the MSSQL database. The default user for the database is the 'sa' user. | |||||
| CVE-2018-17843 | 1 Mlmsoftwarez | 10 Add Clicking Mlm Software, Autopool Mlm Software, Bidding Mlm Software and 7 more | 2019-05-29 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection exists in ADD Clicking MLM Software 1.0, Binary MLM Software 1.0, Level MLM Software 1.0, Singleleg MLM Software 1.0, Autopool MLM Software 1.0, Investment MLM Software 1.0, Bidding MLM Software 1.0, Moneyorder MLM Software 1.0, Repurchase MLM Software 1.0, and Gift MLM Software 1.0 via the member/readmsg.php msg_id parameter, the member/tree.php pid parameter, or the member/downline.php m_id parameter. | |||||
| CVE-2016-10754 | 1 Vtiger | 1 Vtiger Crm | 2019-05-29 | 6.5 MEDIUM | 8.8 HIGH |
| modules/Calendar/Activity.php in Vtiger CRM 6.5.0 allows SQL injection via the contactidlist parameter. | |||||
| CVE-2019-12372 | 1 Petraware | 1 Ptransformer Adc | 2019-05-29 | 4.6 MEDIUM | 7.8 HIGH |
| Petraware pTransformer ADC before 2.1.7.22827 allows SQL Injection via the User ID parameter to the login form. | |||||
| CVE-2016-10755 | 1 Abantecart | 1 Abantecart | 2019-05-29 | 4.0 MEDIUM | 8.8 HIGH |
| AbanteCart 1.2.8 allows SQL Injection via the source_language parameter to admin/controller/pages/localisation/language.php and core/lib/language_manager.php, or via POST data to admin/controller/pages/tool/backup.php and admin/model/tool/backup.php. | |||||