Total
14188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-6394 | 1 Techjoomla | 1 Invitex | 2018-03-02 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the InviteX 3.0.5 component for Joomla! via the invite_type parameter in a view=invites action. | |||||
| CVE-2018-7178 | 1 Saxum2003 | 1 Saxum Picker | 2018-03-02 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Saxum Picker 3.2.10 component for Joomla! via the publicid parameter. | |||||
| CVE-2018-7177 | 1 Saxum2003 | 1 Numerology | 2018-03-02 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Saxum Numerology 3.0.4 component for Joomla! via the publicid parameter. | |||||
| CVE-2018-7179 | 1 Squadmanagement Project | 1 Squadmanagement | 2018-03-02 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the SquadManagement 1.0.3 component for Joomla! via the id parameter. | |||||
| CVE-2018-6024 | 1 Thethinkery | 1 Project Log | 2018-03-02 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Project Log 1.5.3 component for Joomla! via the search parameter. | |||||
| CVE-2018-7312 | 1 Alexandriabooklibrary | 1 Alexandria Book Library | 2018-03-02 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Alexandria Book Library 3.1.2 component for Joomla! via the letter parameter. | |||||
| CVE-2018-7319 | 1 Os Property Real Estate Project | 1 Os Property Real Estate | 2018-03-02 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the OS Property Real Estate 3.12.7 component for Joomla! via the cooling_system1, heating_system1, or laundry parameter. | |||||
| CVE-2018-5981 | 1 Web-dorado | 1 Gallery Wd | 2018-03-02 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Gallery WD 1.3.6 component for Joomla! via the tag_id parameter or gallery_id parameter. | |||||
| CVE-2018-7180 | 1 Saxum2003 | 1 Astro | 2018-03-02 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Saxum Astro 4.0.14 component for Joomla! via the publicid parameter. | |||||
| CVE-2018-5982 | 1 Ordasoft | 1 Advertisement Board | 2018-03-01 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Advertisement Board 3.1.0 component for Joomla! via a task=show_rss_categories&catname= request. | |||||
| CVE-2018-5993 | 1 Aist Project | 1 Aist | 2018-03-01 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Aist through 2.0 component for Joomla! via the id parameter in a view=showvacancy request. | |||||
| CVE-2018-6609 | 1 Jsp Tickets Project | 1 Jsp Tickets | 2018-03-01 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the JSP Tickets 1.1 component for Joomla! via the ticketcode parameter in a ticketlist edit action, or the id parameter in a statuslist (or prioritylist) edit action. | |||||
| CVE-2018-6792 | 1 Saifor | 1 Cvms Hub | 2018-03-01 | 6.5 MEDIUM | 8.8 HIGH |
| Multiple SQL injection vulnerabilities in Saifor CVMS HUB 1.3.1 allow an authenticated user to execute arbitrary SQL commands via multiple parameters to the /cvms-hub/privado/seccionesmib/secciones.xhtml resource. The POST parameters are j_idt118, j_idt120, j_idt122, j_idt124, j_idt126, j_idt128, and j_idt130 under formularioGestionarSecciones:tablaSeccionesMib:*:filter. The GET parameter is nombreAgente. | |||||
| CVE-2018-3605 | 1 Trendmicro | 1 Control Manager | 2018-03-01 | 6.5 MEDIUM | 8.8 HIGH |
| TopXXX, ViolationXXX, and IncidentXXX method SQL injection remote code execution (RCE) vulnerabilities in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations. | |||||
| CVE-2018-1000044 | 1 Securityonion | 1 Squert | 2018-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| Security Onion Solutions Squert version 1.1.1 through 1.6.7 contains a SQL Injection vulnerability in .inc/callback.php that can result in execution of SQL commands. This attack appear to be exploitable via Web request to .inc/callback.php with the payload in the sensors parameter, used in ec(). This vulnerability appears to have been fixed in 1.7.0. | |||||
| CVE-2018-6863 | 1 Select Your College Script Project | 1 Select Your College Script | 2018-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in PHP Scripts Mall Select Your College Script 2.0.2 via a Login Parameter. | |||||
| CVE-2018-6582 | 1 Zh Googlemap Project | 1 Zh Googlemap | 2018-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Zh GoogleMap 8.4.0.0 component for Joomla! via the id parameter in a getPlacemarkDetails, getPlacemarkHoverText, getPathHoverText, or getPathDetails request. | |||||
| CVE-2018-6604 | 1 Zh Yandexmap Project | 1 Zh Yandexmap | 2018-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Zh YandexMap 6.2.1.0 component for Joomla! via the id parameter in a task=getPlacemarkDetails request. | |||||
| CVE-2018-6605 | 1 Zh Baidumap Project | 1 Zh Baidumap | 2018-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Zh BaiduMap 3.0.0.1 component for Joomla! via the id parameter in a getPlacemarkDetails, getPlacemarkHoverText, getPathHoverText, or getPathDetails request. | |||||
| CVE-2018-3607 | 1 Trendmicro | 1 Control Manager | 2018-02-27 | 6.5 MEDIUM | 8.8 HIGH |
| XXXTreeNode method SQL injection remote code execution (RCE) vulnerabilities in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations. | |||||