Total
19362 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-11329 | 1 Glpi-project | 1 Glpi | 2025-04-20 | N/A |
| GLPI before 9.1.5 allows SQL injection via an ajax/getDropdownValue.php request with an entity_restrict parameter that is not a list of integers. | ||||
| CVE-2017-14848 | 1 Dasinfomedia | 1 Wphrm Human Resource Management System | 2025-04-20 | 8.8 High |
| WPHRM Human Resource Management System for WordPress 1.0 allows SQL Injection via the employee_id parameter. | ||||
| CVE-2017-15986 | 1 Cpa Lead Reward Script Project | 1 Cpa Lead Reward Script | 2025-04-20 | N/A |
| CPA Lead Reward Script allows SQL Injection via the username parameter. | ||||
| CVE-2017-11470 | 1 Idera | 1 Uptime Infrastructure Monitor | 2025-04-20 | N/A |
| IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatifGadget/getxenmetrics.php via the element parameter. | ||||
| CVE-2016-9994 | 1 Ibm | 1 Kenexa Lcms Premier | 2025-04-20 | N/A |
| IBM Kenexa LCMS Premier on Cloud 9.0, and 10.0.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM Reference #: 1976805. | ||||
| CVE-2016-9992 | 1 Ibm | 1 Kenexa Lcms Premier | 2025-04-20 | N/A |
| IBM Kenexa LCMS Premier on Cloud 9.0, and 10.0.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM Reference #: 1992067. | ||||
| CVE-2015-7568 | 1 Yeager | 1 Yeager Cms | 2025-04-20 | N/A |
| SQL injection vulnerability in the password recovery feature in Yeager CMS 1.2.1 allows remote attackers to change the account credentials of known users via the "userEmail" parameter. | ||||
| CVE-2015-7569 | 1 Yeager | 1 Yeager Cms | 2025-04-20 | N/A |
| SQL injection vulnerability in "yeager/y.php/tab_USERLIST" in Yeager CMS 1.2.1 allows local users to execute arbitrary SQL commands via the "pagedir_orderby" parameter. | ||||
| CVE-2015-7877 | 1 User Dashboard Project | 1 User Dashboard | 2025-04-20 | N/A |
| Multiple SQL injection vulnerabilities in the User Dashboard module 7.x before 7.x-1.4 for Drupal allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2017-15973 | 1 Sokial | 1 Sokial | 2025-04-20 | N/A |
| Sokial Social Network Script 1.0 allows SQL Injection via the id parameter to admin/members_view.php. | ||||
| CVE-2017-8002 | 1 Emc | 1 Data Protection Advisor | 2025-04-20 | N/A |
| EMC Data Protection Advisor prior to 6.4 contains multiple blind SQL injection vulnerabilities. A remote authenticated attacker may potentially exploit these vulnerabilities to gain information about the application by causing execution of arbitrary SQL commands. | ||||
| CVE-2017-10899 | 1 Ark-web | 1 A-reserve | 2025-04-20 | N/A |
| SQL injection vulnerability in the A-Reserve and A-Reserve for MT cloud versions 3.8.6 and earlier allows an attacker to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2017-17580 | 1 Linkedin Clone Project | 1 Linkedin Clone | 2025-04-20 | 9.8 Critical |
| FS Linkedin Clone 1.0 has SQL Injection via the group.php grid parameter, profile.php fid parameter, or company_details.php id parameter. | ||||
| CVE-2017-17581 | 1 Quibids Clone Project | 1 Quibids Clone | 2025-04-20 | 9.8 Critical |
| FS Quibids Clone 1.0 has SQL Injection via the itechd.php productid parameter. | ||||
| CVE-2017-14703 | 1 Cashbackcomparisonscript | 1 Cash Back Comparison | 2025-04-20 | N/A |
| SQL injection vulnerability in Cash Back Comparison Script 1.0 allows remote attackers to execute arbitrary SQL commands via the PATH_INFO to search/. | ||||
| CVE-2017-17582 | 1 Grubhub Clone Project | 1 Grubhub Clone | 2025-04-20 | 9.8 Critical |
| FS Grubhub Clone 1.0 has SQL Injection via the /food keywords parameter. | ||||
| CVE-2017-14847 | 1 Dasinfomedia | 1 Wpams Apartment Management System | 2025-04-20 | N/A |
| Mojoomla WPAMS Apartment Management System for WordPress allows SQL Injection via the id parameter. | ||||
| CVE-2017-17583 | 1 Shutterstock Clone Project | 1 Shutterstock Clone | 2025-04-20 | 9.8 Critical |
| FS Shutterstock Clone 1.0 has SQL Injection via the /Category keywords parameter. | ||||
| CVE-2015-9234 | 1 Cfpaypal | 1 Cp Contact Form With Paypal | 2025-04-20 | N/A |
| The cp-contact-form-with-paypal (aka CP Contact Form with PayPal) plugin before 1.1.6 for WordPress has SQL injection via the cp_contactformpp_id parameter to cp_contactformpp.php. | ||||
| CVE-2017-14846 | 1 Dasinfomedia | 1 Hospital Management System | 2025-04-20 | N/A |
| Mojoomla Hospital Management System for WordPress allows SQL Injection via the id parameter. | ||||