Total
9311 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-5810 | 1 Hp | 1 Network Automation | 2018-03-07 | 7.5 HIGH | 9.8 CRITICAL |
| A remote sql injection vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found. | |||||
| CVE-2018-6928 | 1 News Website Script Project | 1 News Website Script | 2018-03-07 | 7.5 HIGH | 9.8 CRITICAL |
| PHP Scripts Mall News Website Script 2.0.4 has SQL Injection via a search term. | |||||
| CVE-2018-6893 | 1 Finecms | 1 Finecms | 2018-03-06 | 7.5 HIGH | 9.8 CRITICAL |
| controllers/member/Api.php in dayrui FineCms 5.2.0 has SQL Injection: a request with s=member,c=api,m=checktitle, and the parameter 'module' with a SQL statement, lacks effective filtering. | |||||
| CVE-2018-7314 | 1 Mlwebtechnologies | 1 Prayercenter | 2018-03-06 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the PrayerCenter 3.0.2 component for Joomla! via the sessionid parameter, a different vulnerability than CVE-2008-6429. | |||||
| CVE-2018-6006 | 1 Joomsky | 1 Js Autoz | 2018-03-05 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the JS Autoz 1.0.9 component for Joomla! via the vtype, pre, or prs parameter. | |||||
| CVE-2018-5991 | 1 Web-dorado | 1 Form Maker | 2018-03-05 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Form Maker 3.6.12 component for Joomla! via the id, from, or to parameter in a view=stats request, a different vulnerability than CVE-2015-2798. | |||||
| CVE-2018-5994 | 1 Joomsky | 1 Js Jobs | 2018-03-05 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the JS Jobs 1.1.9 component for Joomla! via the zipcode parameter in a newest-jobs request, or the ta parameter in a view_resume request. | |||||
| CVE-2018-6368 | 1 Comdev | 1 Jomestate Pro | 2018-03-05 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the JomEstate PRO through 3.7 component for Joomla! via the id parameter in a task=detailed action. | |||||
| CVE-2016-10007 | 1 Dotcms | 1 Dotcms | 2018-03-05 | 6.5 MEDIUM | 7.2 HIGH |
| SQL injection vulnerability in the "Marketing > Forms" screen in dotCMS before 3.7.2 and 4.x before 4.1.1 allows remote authenticated administrators to execute arbitrary SQL commands via the _EXT_FORM_HANDLER_orderBy parameter. | |||||
| CVE-2018-6370 | 1 Neojoomla | 1 Neorecruit | 2018-03-05 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the NeoRecruit 4.1 component for Joomla! via the (1) PATH_INFO or (2) name of a .html file under the all-offers/ URI. | |||||
| CVE-2018-6396 | 1 Google Map Landkarten Project | 1 Google Map Landkarten | 2018-03-05 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Google Map Landkarten through 4.2.3 component for Joomla! via the cid or id parameter in a layout=form_markers action, or the map parameter in a layout=default action. | |||||
| CVE-2018-6583 | 1 Quanticalabs | 1 Timetable Responsive Schedule | 2018-03-05 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Timetable Responsive Schedule 1.5 component for Joomla! via a view=event&alias= request. | |||||
| CVE-2018-6372 | 1 Joombooking | 1 Jb Bus | 2018-03-05 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the JB Bus 2.3 component for Joomla! via the order_number parameter. | |||||
| CVE-2018-6585 | 1 Techjoomla | 1 Jticketing | 2018-03-05 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the JTicketing 2.0.16 component for Joomla! via a view=events action with a filter_creator or filter_events_cat parameter. | |||||
| CVE-2018-7313 | 1 Cwjoomla | 1 Cw Tags | 2018-03-05 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the CW Tags 2.0.6 component for Joomla! via the searchtext array parameter. | |||||
| CVE-2018-6584 | 1 Dthdevelopment | 1 Dt Register | 2018-03-05 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the DT Register 3.2.7 component for Joomla! via a task=edit&id= request. | |||||
| CVE-2016-10008 | 1 Dotcms | 1 Dotcms | 2018-03-05 | 6.5 MEDIUM | 7.2 HIGH |
| SQL injection vulnerability in the "Content Types > Content Types" screen in dotCMS before 3.7.2 and 4.x before 4.1.1 allows remote authenticated administrators to execute arbitrary SQL commands via the _EXT_STRUCTURE_direction parameter. | |||||
| CVE-2018-5970 | 1 Techjoomla | 1 Jgive | 2018-03-02 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the JGive 2.0.9 component for Joomla! via the filter_org_ind_type or campaign_countries parameter. | |||||
| CVE-2018-5971 | 1 Ordasoft | 1 Medialibrary | 2018-03-02 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the MediaLibrary Free 4.0.12 component for Joomla! via the id parameter or the mid array parameter. | |||||
| CVE-2018-5974 | 1 Albonico | 1 Simplecalendar | 2018-03-02 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the SimpleCalendar 3.1.9 component for Joomla! via the catid array parameter. | |||||