Total
14188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-5189 | 1 Leadoctopus | 1 Lead Octopus | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in lib/optin/optin_page.php in the Lead Octopus plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2015-1423 | 1 Jakweb | 1 Gecko Cms | 2017-09-08 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Gecko CMS 2.2 and 2.3 allow remote administrators to execute arbitrary SQL commands via the (1) jak_delete_log[] or (2) ssp parameter to admin/index.php. | |||||
| CVE-2014-10004 | 1 Maianscriptworld | 1 Maian Uploader | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/data_files/move.php in Maian Uploader 4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2014-9440 | 1 Phpmyrecipes Project | 1 Phpmyrecipes | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in browse.php in phpMyRecipes 1.2.2 allows remote attackers to execute arbitrary SQL commands via the category parameter. | |||||
| CVE-2014-9348 | 1 Robotstats | 1 Robotstats | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the formulaireRobot function in admin/robots.lib.php in RobotStats 1.0 allows remote attackers to execute arbitrary SQL commands via the robot parameter to admin/robots.php. | |||||
| CVE-2014-10033 | 1 Oscommerce | 1 Online Merchant | 2017-09-08 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in the update_zone function in catalog/admin/geo_zones.php in osCommerce Online Merchant 2.3.3.4 and earlier allows remote administrators to execute arbitrary SQL commands via the zID parameter in a list action. | |||||
| CVE-2014-10038 | 1 Domphp | 1 Domphp | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in agenda/indexdate.php in DomPHP 0.83 and earlier allows remote attackers to execute arbitrary SQL commands via the ids parameter. | |||||
| CVE-2014-8499 | 1 Manageengine | 1 Password Manager Pro | 2017-09-08 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in ManageEngine Password Manager Pro (PMP) and Password Manager Pro Managed Service Providers (MSP) edition before 7.1 build 7105 allow remote authenticated users to execute arbitrary SQL commands via the SEARCH_ALL parameter to (1) SQLAdvancedALSearchResult.cc or (2) AdvancedSearchResult.cc. | |||||
| CVE-2014-100022 | 1 Mtouch Quiz Project | 1 Mtouch Quiz | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in question.php in the mTouch Quiz before 3.0.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the quiz parameter to wp-admin/edit.php. | |||||
| CVE-2014-9445 | 1 Installatron | 1 Gatequest File Manager | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in incl/create.inc.php in Installatron GQ File Manager 0.2.5 allows remote attackers to execute arbitrary SQL commands via the create parameter to index.php. NOTE: this can be leveraged for cross-site scripting (XSS) attacks by creating a file that generates an error. NOTE: this issue was originally incorrectly mapped to CVE-2014-1137; see CVE-2014-1137 for more information. | |||||
| CVE-2014-8681 | 1 Gogits | 1 Gogs | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the GetIssues function in models/issue.go in Gogs (aka Go Git Service) 0.3.1-9 through 0.5.6.x before 0.5.6.1025 Beta allows remote attackers to execute arbitrary SQL commands via the label parameter to user/repos/issues. | |||||
| CVE-2014-100019 | 1 Pomm-project | 1 Pomm | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the LTree converter in Pomm before 1.1.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2014-8664 | 1 Sap | 1 Environment Health And Safety | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Product Safety (EHS-SAF) component in SAP Environment, Health, and Safety Management allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2014-5200 | 1 Fb Gorilla Project | 1 Fb Gorilla | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in game_play.php in the FB Gorilla plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2014-100020 | 1 Itechscripts | 1 Itechclassifieds | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ChangeEmail.php in iTechClassifieds 3.03.057 allows remote attackers to execute arbitrary SQL commands via the PreviewNum parameter. NOTE: the CatID parameter is already covered by CVE-2008-0685. | |||||
| CVE-2014-8351 | 1 French National Commission On Informatics And Liberty | 1 Cookieviz | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in info.php in French National Commission on Informatics and Liberty (aka CNIL) CookieViz before 1.0.1 allows remote web servers to execute arbitrary SQL commands via the domain parameter. | |||||
| CVE-2014-8668 | 1 Sap | 1 Contract Accounting | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in SAP Contract Accounting allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2015-1513 | 1 Siphon | 1 Siphone Enterprise Pbx | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in SIPhone Enterprise PBX allows remote attackers to execute arbitrary SQL commands via the Username. | |||||
| CVE-2014-10029 | 1 Fluxbb | 1 Fluxbb | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in profile.php in FluxBB before 1.4.13 and 1.5.x before 1.5.7 allows remote attackers to execute arbitrary SQL commands via the req_new_email parameter. | |||||
| CVE-2013-7406 | 1 Mrbs Project | 1 Mrbs | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the MRBS module for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||