Total
14188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-125077 | 1 Searx Stats Project | 1 Searx Stats | 2024-05-17 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, has been found in pointhi searx_stats. This issue affects some unknown processing of the file cgi/cron.php. The manipulation leads to sql injection. The patch is named 281bd679a4474ddb222d16c1c380f252839cc18f. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218351. | |||||
| CVE-2014-125040 | 1 Devnewsaggregator Project | 1 Devnewsaggregator | 2024-05-17 | N/A | 9.8 CRITICAL |
| A vulnerability was found in stevejagodzinski DevNewsAggregator. It has been rated as critical. Affected by this issue is the function getByName of the file php/data_access/RemoteHtmlContentDataAccess.php. The manipulation of the argument name leads to sql injection. The name of the patch is b9de907e7a8c9ca9d75295da675e58c5bf06b172. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-217484. | |||||
| CVE-2014-125038 | 1 Is Projecto2 Project | 1 Is Projecto2 | 2024-05-17 | N/A | 9.8 CRITICAL |
| A vulnerability has been found in IS_Projecto2 and classified as critical. This vulnerability affects unknown code of the file Cnn-EJB/ejbModule/ejbs/NewsBean.java. The manipulation of the argument date leads to sql injection. The name of the patch is aa128b2c9c9fdcbbf5ecd82c1e92103573017fe0. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-217192. | |||||
| CVE-2014-125053 | 1 Piwigo | 1 Guestbook | 2024-05-17 | N/A | 9.8 CRITICAL |
| A vulnerability was found in Piwigo-Guest-Book up to 1.3.0. It has been declared as critical. This vulnerability affects unknown code of the file include/guestbook.inc.php of the component Navigation Bar. The manipulation of the argument start leads to sql injection. Upgrading to version 1.3.1 is able to address this issue. The patch is identified as 0cdd1c388edf15089c3a7541cefe7756e560581d. It is recommended to upgrade the affected component. VDB-217582 is the identifier assigned to this vulnerability. | |||||
| CVE-2014-125029 | 1 Paginationserviceprovider Project | 1 Paginationserviceprovider | 2024-05-17 | N/A | 9.8 CRITICAL |
| A vulnerability was found in ttskch PaginationServiceProvider up to 0.x. It has been declared as critical. This vulnerability affects unknown code of the file demo/index.php of the component demo. The manipulation of the argument sort/id leads to sql injection. Upgrading to version 1.0.0 is able to address this issue. The patch is identified as 619de478efce17ece1a3b913ab16e40651e1ea7b. It is recommended to upgrade the affected component. VDB-217150 is the identifier assigned to this vulnerability. | |||||
| CVE-2014-125065 | 1 Bottle-auth Project | 1 Bottle-auth | 2024-05-17 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, was found in john5223 bottle-auth. Affected is an unknown function. The manipulation leads to sql injection. The name of the patch is 99cfbcc0c1429096e3479744223ffb4fda276875. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-217632. | |||||
| CVE-2014-125074 | 1 Voyager Project | 1 Voyager | 2024-05-17 | N/A | 9.8 CRITICAL |
| A vulnerability was found in Nayshlok Voyager. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file Voyager/src/models/DatabaseAccess.java. The manipulation leads to sql injection. The identifier of the patch is f1249f438cd8c39e7ef2f6c8f2ab76b239a02fae. It is recommended to apply a patch to fix this issue. The identifier VDB-218005 was assigned to this vulnerability. | |||||
| CVE-2014-125073 | 1 Voteapp Project | 1 Voteapp | 2024-05-17 | N/A | 9.8 CRITICAL |
| A vulnerability was found in mapoor voteapp. It has been rated as critical. Affected by this issue is the function create_poll/do_poll/show_poll/show_refresh of the file app.py. The manipulation leads to sql injection. The patch is identified as b290c21a0d8bcdbd55db860afd3cadec97388e72. It is recommended to apply a patch to fix this issue. VDB-217790 is the identifier assigned to this vulnerability. | |||||
| CVE-2014-125081 | 1 Debutsav Project | 1 Debutsav | 2024-05-17 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, has been found in risheesh debutsav. This issue affects some unknown processing. The manipulation leads to sql injection. The patch is named 7a8430df79277c613449262201cc792db894fc76. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218459. | |||||
| CVE-2014-125091 | 1 Codepeople | 1 Polls Cp | 2024-05-17 | N/A | 9.8 CRITICAL |
| A vulnerability has been found in codepeople cp-polls Plugin 1.0.1 on WordPress and classified as critical. This vulnerability affects unknown code of the file cp-admin-int-message-list.inc.php. The manipulation of the argument lu leads to sql injection. The attack can be initiated remotely. Upgrading to version 1.0.2 is able to address this issue. The name of the patch is 6d7168cbf12d1c183bacc5cd5678f6f5b0d518d2. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-222268. | |||||
| CVE-2014-125075 | 1 Gmail-servlet Project | 1 Gmail-servlet | 2024-05-17 | N/A | 9.8 CRITICAL |
| A vulnerability was found in gmail-servlet and classified as critical. This issue affects the function search of the file src/Model.java. The manipulation leads to sql injection. The identifier of the patch is 5d72753c2e95bb373aa86824939397dc25f679ea. It is recommended to apply a patch to fix this issue. The identifier VDB-218021 was assigned to this vulnerability. | |||||
| CVE-2014-125079 | 1 Pontifex.http Project | 1 Pontifex.http | 2024-05-17 | N/A | 9.8 CRITICAL |
| A vulnerability was found in agy pontifex.http. It has been declared as critical. This vulnerability affects unknown code of the file lib/Http.coffee. The manipulation leads to sql injection. Upgrading to version 0.1.0 is able to address this issue. The name of the patch is e52a758f96861dcef2dabfecb9da191bb2e07761. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-218356. | |||||
| CVE-2014-125063 | 1 Bid Project | 1 Bid | 2024-05-17 | N/A | 9.8 CRITICAL |
| A vulnerability was found in ada-l0velace Bid and classified as critical. This issue affects some unknown processing. The manipulation leads to sql injection. The identifier of the patch is abd71140b8219fa8741d0d8a57ab27d5bfd34222. It is recommended to apply a patch to fix this issue. The identifier VDB-217625 was assigned to this vulnerability. | |||||
| CVE-2014-125045 | 1 Meol1 Project | 1 Meol1 | 2024-05-17 | N/A | 9.8 CRITICAL |
| A vulnerability has been found in meol1 and classified as critical. Affected by this vulnerability is the function GetAnimal of the file opdracht4/index.php. The manipulation of the argument where leads to sql injection. The identifier of the patch is 82441e413f87920d1e8f866e8ef9d7f353a7c583. It is recommended to apply a patch to fix this issue. The identifier VDB-217525 was assigned to this vulnerability. | |||||
| CVE-2013-10013 | 1 Authenticator Plugin Project | 1 Authenticator Plugin | 2024-05-17 | N/A | 9.8 CRITICAL |
| A vulnerability was found in Bricco Authenticator Plugin. It has been declared as critical. This vulnerability affects the function authenticate/compare of the file src/java/talentum/escenic/plugins/authenticator/authenticators/DBAuthenticator.java. The manipulation leads to sql injection. Upgrading to version 1.39 is able to address this issue. The name of the patch is a5456633ff75e8f13705974c7ed1ce77f3f142d5. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-218428. | |||||
| CVE-2013-10019 | 1 Oclc | 1 Oaicat | 2024-05-17 | N/A | 9.8 CRITICAL |
| A vulnerability was found in OCLC-Research OAICat 1.5.61. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to sql injection. The attack may be initiated remotely. Upgrading to version 1.5.62 is able to address this issue. The identifier of the patch is 6cc65501869fa663bcd24a70b63f41f5cfe6b3e1. It is recommended to upgrade the affected component. The identifier VDB-221489 was assigned to this vulnerability. | |||||
| CVE-2013-10011 | 1 Classroom-engagement-system Project | 1 Classroom-engagement-system | 2024-05-17 | N/A | 9.8 CRITICAL |
| A vulnerability was found in aeharding classroom-engagement-system and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to sql injection. The attack may be launched remotely. The name of the patch is 096de5815c7b414e7339f3439522a446098fb73a. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-218156. | |||||
| CVE-2013-10016 | 1 Webfinance Project | 1 Webfinance | 2024-05-17 | N/A | 9.8 CRITICAL |
| A vulnerability was found in fanzila WebFinance 0.5 and classified as critical. This issue affects some unknown processing of the file htdocs/admin/save_taxes.php. The manipulation of the argument id leads to sql injection. The patch is named 306f170ca2a8203ae3d8f51fb219ba9e05b945e1. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-220055. | |||||
| CVE-2013-10014 | 1 2moons Project | 1 2moons | 2024-05-17 | N/A | 9.8 CRITICAL |
| A vulnerability classified as critical has been found in oktora24 2moons. Affected is an unknown function. The manipulation leads to sql injection. The patch is identified as 1b09cf7672eb85b5b0c8a4de321f7a4ad87b09a7. It is recommended to apply a patch to fix this issue. VDB-218898 is the identifier assigned to this vulnerability. | |||||
| CVE-2013-10015 | 1 Webfinance Project | 1 Webfinance | 2024-05-17 | N/A | 9.8 CRITICAL |
| A vulnerability has been found in fanzila WebFinance 0.5 and classified as critical. This vulnerability affects unknown code of the file htdocs/admin/save_Contract_Signer_Role.php. The manipulation of the argument n/v leads to sql injection. The patch is identified as abad81af614a9ceef3f29ab22ca6bae517619e06. It is recommended to apply a patch to fix this issue. VDB-220054 is the identifier assigned to this vulnerability. | |||||