Export limit exceeded: 361553 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19590 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-14845 | 1 Dasinfomedia | 1 Wpchurch Church Management System | 2025-04-20 | N/A |
| Mojoomla WPCHURCH Church Management System for WordPress allows SQL Injection via the id parameter. | ||||
| CVE-2017-14846 | 1 Dasinfomedia | 1 Hospital Management System | 2025-04-20 | N/A |
| Mojoomla Hospital Management System for WordPress allows SQL Injection via the id parameter. | ||||
| CVE-2017-14847 | 1 Dasinfomedia | 1 Wpams Apartment Management System | 2025-04-20 | N/A |
| Mojoomla WPAMS Apartment Management System for WordPress allows SQL Injection via the id parameter. | ||||
| CVE-2017-11161 | 1 Synology | 1 Photo Station | 2025-04-20 | N/A |
| Multiple SQL injection vulnerabilities in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter to label.php; or (2) type parameter to synotheme.php. | ||||
| CVE-2017-15880 | 1 Eyesofnetwork | 1 Eyesofnetwork | 2025-04-20 | N/A |
| SQL injection vulnerability vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the group_name parameter to module/admin_group/add_modify_group.php (for insert_group and update_group). | ||||
| CVE-2017-17824 | 1 Piwigo | 1 Piwigo | 2025-04-20 | N/A |
| The Batch Manager component of Piwigo 2.9.2 is vulnerable to SQL Injection via the admin/batch_manager_unit.php element_ids parameter in unit mode. An attacker can exploit this to gain access to the data in a connected MySQL database. | ||||
| CVE-2017-15933 | 1 Eyesofnetwork | 1 Eyesofnetwork | 2025-04-20 | N/A |
| SQL injection vulnerability vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the host parameter to module/capacity_per_device/index.php. | ||||
| CVE-2017-17829 | 1 Doditsolutions | 1 Bus Booking Script | 2025-04-20 | N/A |
| Bus Booking Script has SQL Injection via the admin/view_seatseller.php sp_id parameter or the admin/view_member.php memid parameter. | ||||
| CVE-2017-15949 | 1 Angry-frog | 1 Xavier | 2025-04-20 | N/A |
| Xavier PHP Management Panel 2.4 allows SQL injection via the usertoedit parameter to admin/adminuseredit.php or the log_id parameter to admin/editgroup.php. | ||||
| CVE-2017-15966 | 1 Zh Yandexmap Project | 1 Zh Yandexmap | 2025-04-20 | N/A |
| The Zh YandexMap (aka com_zhyandexmap) component 6.1.1.0 for Joomla! allows SQL Injection via the placemarklistid parameter to index.php. | ||||
| CVE-2017-15973 | 1 Sokial | 1 Sokial | 2025-04-20 | N/A |
| Sokial Social Network Script 1.0 allows SQL Injection via the id parameter to admin/members_view.php. | ||||
| CVE-2017-15981 | 1 Geniusocean | 1 Newspaper | 2025-04-20 | 9.8 Critical |
| Responsive Newspaper Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin/admin_process.php for form editing. | ||||
| CVE-2017-15983 | 1 Geniusocean | 1 Mymagazine Magazine \& Blog Cms | 2025-04-20 | N/A |
| MyMagazine Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin/admin_process.php for form editing. | ||||
| CVE-2017-15984 | 1 Bekirk | 1 Creative Management System Lite | 2025-04-20 | N/A |
| Creative Management System (CMS) Lite 1.4 allows SQL Injection via the S parameter to index.php. | ||||
| CVE-2017-15991 | 1 Vastal | 1 Agent Zone | 2025-04-20 | N/A |
| Vastal I-Tech Agent Zone (aka The Real Estate Script) allows SQL Injection in searchCommercial.php via the property_type, city, or posted_by parameter, or searchResidential.php via the property_type, city, or bedroom parameter, a different vulnerability than CVE-2008-3951, CVE-2009-3497, and CVE-2012-0982. | ||||
| CVE-2017-15992 | 1 Website Broker Script Project | 1 Website Broker Script | 2025-04-20 | N/A |
| Website Broker Script allows SQL Injection via the 'status_id' Parameter to status_list.php. | ||||
| CVE-2017-15993 | 1 Zomato Clone Script Project | 1 Zomato Clone Script | 2025-04-20 | N/A |
| Zomato Clone Script allows SQL Injection via the restaurant-menu.php resid parameter. | ||||
| CVE-2017-1606 | 1 Ibm | 1 Financial Transaction Manager | 2025-04-20 | N/A |
| IBM Financial Transaction Manager (FTM) for Multi-Platform (MP) 3.0.0.0 through 3.0.0.7 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 132926. | ||||
| CVE-2017-17919 | 1 Rubyonrails | 1 Ruby On Rails | 2025-04-20 | 8.1 High |
| SQL injection vulnerability in the 'order' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'id desc' parameter. NOTE: The vendor disputes this issue because the documentation states that this method is not intended for use with untrusted input | ||||
| CVE-2017-17928 | 1 Ordermanagementscript | 1 Professional Service Script | 2025-04-20 | N/A |
| PHP Scripts Mall Professional Service Script has SQL injection via the admin/review.php id parameter. | ||||