Total
9311 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-4627 | 1 Pragyan Cms Project | 1 Pragyan Cms | 2017-09-12 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in Pragyan CMS 3.0. | |||||
| CVE-2015-3314 | 1 Tune Library Project | 1 Tune Library | 2017-09-11 | 6.8 MEDIUM | 8.1 HIGH |
| SQL injection vulnerability in WordPress Tune Library plugin before 1.5.5. | |||||
| CVE-2015-3313 | 1 Community Events Project | 1 Community Events | 2017-09-11 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in WordPress Community Events plugin before 1.4. | |||||
| CVE-2016-1914 | 1 Blackberry | 1 Blackberry Enterprise Service | 2017-09-09 | 6.8 MEDIUM | 8.8 HIGH |
| Multiple SQL injection vulnerabilities in the com.rim.mdm.ui.server.ImageServlet servlet in BlackBerry Enterprise Server 12 (BES12) Self-Service before 12.4 allow remote attackers to execute arbitrary SQL commands via the imageName parameter to (1) mydevice/client/image, (2) admin/client/image, (3) myapps/client/image, (4) ssam/client/image, or (5) all/client/image. | |||||
| CVE-2015-8261 | 1 Ipswitch | 1 Whatsup Gold | 2017-09-09 | 7.5 HIGH | 9.8 CRITICAL |
| The DroneDeleteOldMeasurements implementation in Ipswitch WhatsUp Gold before 16.4 does not properly validate serialized XML objects, which allows remote attackers to conduct SQL injection attacks via a crafted SOAP request. | |||||
| CVE-2014-100022 | 1 Mtouch Quiz Project | 1 Mtouch Quiz | 2017-09-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in question.php in the mTouch Quiz before 3.0.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the quiz parameter to wp-admin/edit.php. | |||||
| CVE-2014-10038 | 1 Domphp | 1 Domphp | 2017-09-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in agenda/indexdate.php in DomPHP 0.83 and earlier allows remote attackers to execute arbitrary SQL commands via the ids parameter. | |||||
| CVE-2014-10013 | 1 Awpcp | 1 Another Wordpress Classifieds Plugin | 2017-09-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Another WordPress Classifieds Plugin plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the keywordphrase parameter in a dosearch action. | |||||
| CVE-2015-0580 | 1 Cisco | 1 Secure Access Control System | 2017-09-07 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in the ACS View reporting interface pages in Cisco Secure Access Control System (ACS) before 5.5 patch 7 allow remote authenticated administrators to execute arbitrary SQL commands via crafted HTTPS requests, aka Bug ID CSCuq79027. | |||||
| CVE-2014-10004 | 1 Maianscriptworld | 1 Maian Uploader | 2017-09-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/data_files/move.php in Maian Uploader 4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2014-10033 | 1 Oscommerce | 1 Online Merchant | 2017-09-07 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in the update_zone function in catalog/admin/geo_zones.php in osCommerce Online Merchant 2.3.3.4 and earlier allows remote administrators to execute arbitrary SQL commands via the zID parameter in a list action. | |||||
| CVE-2014-100031 | 1 Ismail Fahmi | 1 Ganesha Digital Library | 2017-09-07 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Ganesha Digital Library (GDL) 4.2 allow remote attackers to execute arbitrary SQL commands via the id parameter in (1) download.php or (2) main.php. | |||||
| CVE-2014-10032 | 1 Scriptbrasil | 1 Taboada Macronews | 2017-09-07 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in news_popup.php in Taboada MacroNews 1.0 allows remote authenticated users to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2014-10023 | 1 Topicsviewer | 1 Topicsviewer | 2017-09-07 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in TopicsViewer 3.0 Beta 1 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) edit_block.php, (2) edit_cat.php, (3) edit_note.php, or (4) rmv_topic.php in admincp/. | |||||
| CVE-2014-10020 | 1 Tecorange | 1 Simple E-document | 2017-09-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in Simple e-document 1.31 allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2014-10017 | 1 Welcart | 1 E-commerce | 2017-09-07 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the Welcart e-Commerce plugin 1.3.12 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) changeSort or (2) switch parameter in the usces_itemedit page to wp-admin/admin.php. | |||||
| CVE-2015-1423 | 1 Jakweb | 1 Gecko Cms | 2017-09-07 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Gecko CMS 2.2 and 2.3 allow remote administrators to execute arbitrary SQL commands via the (1) jak_delete_log[] or (2) ssp parameter to admin/index.php. | |||||
| CVE-2015-1513 | 1 Siphon | 1 Siphone Enterprise Pbx | 2017-09-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in SIPhone Enterprise PBX allows remote attackers to execute arbitrary SQL commands via the Username. | |||||
| CVE-2014-10029 | 1 Fluxbb | 1 Fluxbb | 2017-09-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in profile.php in FluxBB before 1.4.13 and 1.5.x before 1.5.7 allows remote attackers to execute arbitrary SQL commands via the req_new_email parameter. | |||||
| CVE-2013-7406 | 1 Mrbs Project | 1 Mrbs | 2017-09-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the MRBS module for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||