Total
9311 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-5975 | 1 Thekrotek | 1 Smart Shoutbox | 2018-03-02 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Smart Shoutbox 3.0.0 component for Joomla! via the shoutauthor parameter to the archive URI. | |||||
| CVE-2018-5980 | 1 Solidres | 1 Solidres | 2018-03-02 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Solidres 2.5.1 component for Joomla! via the direction parameter in a hub.search action. | |||||
| CVE-2018-5992 | 1 Staff Master Project | 1 Staff Master | 2018-03-02 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Staff Master through 1.0 RC 1 component for Joomla! via the name parameter in a view=staff request. | |||||
| CVE-2018-5990 | 1 Allvideos Reloaded Project | 1 Allvideos Reloaded | 2018-03-02 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the AllVideos Reloaded 1.2.x component for Joomla! via the divid parameter. | |||||
| CVE-2018-6004 | 1 Techsolsystem | 1 File Download Tracker | 2018-03-02 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the File Download Tracker 3.0 component for Joomla! via the dynfield[phone] or sess parameter. | |||||
| CVE-2018-6005 | 1 Realpin Project | 1 Realpin | 2018-03-02 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Realpin through 1.5.04 component for Joomla! via the pinboard parameter. | |||||
| CVE-2018-6394 | 1 Techjoomla | 1 Invitex | 2018-03-02 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the InviteX 3.0.5 component for Joomla! via the invite_type parameter in a view=invites action. | |||||
| CVE-2018-7177 | 1 Saxum2003 | 1 Numerology | 2018-03-02 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Saxum Numerology 3.0.4 component for Joomla! via the publicid parameter. | |||||
| CVE-2018-7178 | 1 Saxum2003 | 1 Saxum Picker | 2018-03-02 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Saxum Picker 3.2.10 component for Joomla! via the publicid parameter. | |||||
| CVE-2018-7179 | 1 Squadmanagement Project | 1 Squadmanagement | 2018-03-02 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the SquadManagement 1.0.3 component for Joomla! via the id parameter. | |||||
| CVE-2018-7312 | 1 Alexandriabooklibrary | 1 Alexandria Book Library | 2018-03-02 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Alexandria Book Library 3.1.2 component for Joomla! via the letter parameter. | |||||
| CVE-2018-6024 | 1 Thethinkery | 1 Project Log | 2018-03-02 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Project Log 1.5.3 component for Joomla! via the search parameter. | |||||
| CVE-2018-7319 | 1 Os Property Real Estate Project | 1 Os Property Real Estate | 2018-03-02 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the OS Property Real Estate 3.12.7 component for Joomla! via the cooling_system1, heating_system1, or laundry parameter. | |||||
| CVE-2018-5981 | 1 Web-dorado | 1 Gallery Wd | 2018-03-02 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Gallery WD 1.3.6 component for Joomla! via the tag_id parameter or gallery_id parameter. | |||||
| CVE-2018-7180 | 1 Saxum2003 | 1 Astro | 2018-03-02 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Saxum Astro 4.0.14 component for Joomla! via the publicid parameter. | |||||
| CVE-2018-5982 | 1 Ordasoft | 1 Advertisement Board | 2018-03-01 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Advertisement Board 3.1.0 component for Joomla! via a task=show_rss_categories&catname= request. | |||||
| CVE-2018-5993 | 1 Aist Project | 1 Aist | 2018-03-01 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Aist through 2.0 component for Joomla! via the id parameter in a view=showvacancy request. | |||||
| CVE-2018-6609 | 1 Jsp Tickets Project | 1 Jsp Tickets | 2018-03-01 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the JSP Tickets 1.1 component for Joomla! via the ticketcode parameter in a ticketlist edit action, or the id parameter in a statuslist (or prioritylist) edit action. | |||||
| CVE-2018-6792 | 1 Saifor | 1 Cvms Hub | 2018-03-01 | 6.5 MEDIUM | 8.8 HIGH |
| Multiple SQL injection vulnerabilities in Saifor CVMS HUB 1.3.1 allow an authenticated user to execute arbitrary SQL commands via multiple parameters to the /cvms-hub/privado/seccionesmib/secciones.xhtml resource. The POST parameters are j_idt118, j_idt120, j_idt122, j_idt124, j_idt126, j_idt128, and j_idt130 under formularioGestionarSecciones:tablaSeccionesMib:*:filter. The GET parameter is nombreAgente. | |||||
| CVE-2018-3605 | 1 Trendmicro | 1 Control Manager | 2018-03-01 | 6.5 MEDIUM | 8.8 HIGH |
| TopXXX, ViolationXXX, and IncidentXXX method SQL injection remote code execution (RCE) vulnerabilities in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations. | |||||