Total
14188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-6654 | 1 Zpanelcp | 1 Zpanel | 2017-09-08 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in ZPanel 10.0.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) resetkey or (2) inConfEmail parameter to index.php, a different vulnerability than CVE-2012-5685. | |||||
| CVE-2014-9173 | 1 Google Doc Embedder Project | 1 Google Doc Embedder | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view.php in the Google Doc Embedder plugin before 2.5.15 for WordPress allows remote attackers to execute arbitrary SQL commands via the gpid parameter. | |||||
| CVE-2014-7176 | 1 Enalean | 1 Tuleap | 2017-09-08 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in Enalean Tuleap before 7.5.99.4 allows remote authenticated users to execute arbitrary SQL commands via the lobal_txt parameter to plugins/docman. | |||||
| CVE-2014-8506 | 1 Etiko | 1 Etiko Cms | 2017-09-08 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Etiko CMS allow remote attackers to execute arbitrary SQL commands via the (1) page_id parameter to loja/index.php or (2) article_id parameter to index.php. | |||||
| CVE-2014-10023 | 1 Topicsviewer | 1 Topicsviewer | 2017-09-08 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in TopicsViewer 3.0 Beta 1 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) edit_block.php, (2) edit_cat.php, (3) edit_note.php, or (4) rmv_topic.php in admincp/. | |||||
| CVE-2014-10032 | 1 Scriptbrasil | 1 Taboada Macronews | 2017-09-08 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in news_popup.php in Taboada MacroNews 1.0 allows remote authenticated users to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2014-9175 | 1 Wpdatatables | 1 Wpdatatables | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in wpdatatables.php in the wpDataTables plugin 1.5.3 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the table_id parameter in a get_wdtable action to wp-admin/admin-ajax.php. | |||||
| CVE-2014-5249 | 1 Biblio Autocomplete Project | 1 Biblio Autocomplete | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the "Biblio self autocomplete" submodule in the Biblio Autocomplete module 6.x-1.x before 6.x-1.1 and 7.x-1.x before 7.x-1.5 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2014-100031 | 1 Ismail Fahmi | 1 Ganesha Digital Library | 2017-09-08 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Ganesha Digital Library (GDL) 4.2 allow remote attackers to execute arbitrary SQL commands via the id parameter in (1) download.php or (2) main.php. | |||||
| CVE-2014-10034 | 1 Couponphp | 1 Couponphp | 2017-09-08 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in the admin area in couponPHP before 1.2.0 allow remote administrators to execute arbitrary SQL commands via the (1) iDisplayLength or (2) iDisplayStart parameter to (a) comments_paginate.php or (b) stores_paginate.php in admin/ajax/. | |||||
| CVE-2014-6241 | 1 Wt Directory Project | 1 Wt Directory | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the wt_directory extension before 1.4.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2014-10017 | 1 Welcart | 1 E-commerce | 2017-09-08 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the Welcart e-Commerce plugin 1.3.12 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) changeSort or (2) switch parameter in the usces_itemedit page to wp-admin/admin.php. | |||||
| CVE-2014-5440 | 1 Mpexsolutions | 1 Mx-smartimer | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Login.aspx in MPEX Business Solutions MX-SmartTimer before 13.19.18 allows remote attackers to execute arbitrary SQL commands via the ct100%24CPHContent%24password parameter. | |||||
| CVE-2014-8766 | 1 Allomani | 1 Allomani Weblinks | 2017-09-08 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Allomani Weblinks 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter in a browse action to index.php or (2) unspecified parameters to admin.php. | |||||
| CVE-2014-5275 | 1 Prochatrooms | 1 Text Chat Rooms | 2017-09-08 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in includes/functions.php in Pro Chat Rooms Text Chat Rooms 8.2.0 allow remote authenticated users to execute arbitrary SQL commands via the (1) password, (2) email, or (3) id parameter. | |||||
| CVE-2014-9528 | 1 Humhub | 1 Humhub | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the actionIndex function in protected/modules_core/notification/controllers/ListController.php in HumHub 0.10.0-rc.1 and earlier allows remote authenticated users to execute arbitrary SQL commands via the from parameter to index.php. NOTE: this can be leveraged for cross-site scripting (XSS) attacks via a request that causes an error. | |||||
| CVE-2014-5192 | 1 Sphider | 1 Sphider | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/admin.php in Sphider 1.3.6 allows remote attackers to execute arbitrary SQL commands via the filter parameter. | |||||
| CVE-2014-6233 | 1 Flat Manager Project | 1 Flat Manager | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Flat Manager (flatmgr) extension before 2.7.10 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2015-0580 | 1 Cisco | 1 Secure Access Control System | 2017-09-08 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in the ACS View reporting interface pages in Cisco Secure Access Control System (ACS) before 5.5 patch 7 allow remote authenticated administrators to execute arbitrary SQL commands via crafted HTTPS requests, aka Bug ID CSCuq79027. | |||||
| CVE-2014-6080 | 1 Ibm | 2 Security Access Manager For Mobile, Security Access Manager For Web | 2017-09-08 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | |||||