Export limit exceeded: 19606 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19606 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-17633 | 1 Multiplex Movie Theater Booking Script Project | 1 Multiplex Movie Theater Booking Script | 2025-04-20 | N/A |
| Multiplex Movie Theater Booking Script 3.1.5 has SQL Injection via the trailer-detail.php moid parameter, show-time.php moid parameter, or event-detail.php eid parameter. | ||||
| CVE-2017-17634 | 1 Single Theater Booking Script Project | 1 Single Theater Booking Script | 2025-04-20 | N/A |
| Single Theater Booking Script 3.2.1 has SQL Injection via the findcity.php q parameter. | ||||
| CVE-2017-17636 | 1 Mlm Forced Matrix Project | 1 Mlm Forced Matrix | 2025-04-20 | N/A |
| MLM Forced Matrix 2.0.9 has SQL Injection via the news-detail.php newid parameter. | ||||
| CVE-2017-17637 | 1 Car Rental Script Project | 1 Car Rental Script | 2025-04-20 | N/A |
| Car Rental Script 2.0.4 has SQL Injection via the countrycode1.php val parameter. | ||||
| CVE-2017-17638 | 1 Groupon Clone Script Project | 1 Groupon Clone Script | 2025-04-20 | N/A |
| Groupon Clone Script 3.01 has SQL Injection via the city_ajax.php state_id parameter. | ||||
| CVE-2017-17639 | 1 Muslim Matrimonial Script Project | 1 Muslim Matrimonial Script | 2025-04-20 | N/A |
| Muslim Matrimonial Script 3.02 has SQL Injection via the success-story.php succid parameter. | ||||
| CVE-2017-17641 | 1 Resume Clone Script Project | 1 Resume Clone Script | 2025-04-20 | N/A |
| Resume Clone Script 2.0.5 has SQL Injection via the preview.php id parameter. | ||||
| CVE-2017-17642 | 1 Basic Job Site Script Project | 1 Basic Job Site Script | 2025-04-20 | N/A |
| Basic Job Site Script 2.0.5 has SQL Injection via the keyword parameter to /job. | ||||
| CVE-2017-17648 | 1 Entrepreneur Dating Script Project | 1 Entrepreneur Dating Script | 2025-04-20 | N/A |
| Entrepreneur Dating Script 2.0.1 has SQL Injection via the search_result.php marital, gender, country, or profileid parameter. | ||||
| CVE-2017-3549 | 1 Oracle | 1 Scripting | 2025-04-20 | N/A |
| Vulnerability in the Oracle Scripting component of Oracle E-Business Suite (subcomponent: Scripting Administration). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Scripting. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Scripting accessible data as well as unauthorized access to critical data or complete access to all Oracle Scripting accessible data. CVSS 3.0 Base Score 9.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N). | ||||
| CVE-2017-17630 | 1 Yoga Class Script Project | 1 Yoga Class Script | 2025-04-20 | N/A |
| Yoga Class Script 1.0 has SQL Injection via the /list city parameter. | ||||
| CVE-2017-17730 | 1 Dedecms | 1 Dedecms | 2025-04-20 | N/A |
| DedeCMS through 5.7 has SQL Injection via the logo parameter to plus/flink_add.php. | ||||
| CVE-2017-17731 | 1 Dedecms | 1 Dedecms | 2025-04-20 | N/A |
| DedeCMS through 5.7 has SQL Injection via the $_FILES superglobal to plus/recommend.php. | ||||
| CVE-2017-17629 | 1 Secure E-commerce Script Project | 1 Secure E-commerce Script | 2025-04-20 | N/A |
| Secure E-commerce Script 2.0.1 has SQL Injection via the category.php searchmain or searchcat parameter, or the single_detail.php sid parameter. | ||||
| CVE-2017-17628 | 1 Responsive Realestate Script Project | 1 Responsive Realestate Script | 2025-04-20 | N/A |
| Responsive Realestate Script 3.2 has SQL Injection via the property-list tbud parameter. | ||||
| CVE-2015-2798 | 1 Web-dorado | 1 Contact Form Maker | 2025-04-20 | N/A |
| SQL injection vulnerability in Joomla! Component Contact Form Maker 1.0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2017-9418 | 1 Goldplugins | 1 Testimonials Plugin Easy Testimonials | 2025-04-20 | N/A |
| SQL injection vulnerability in the WP-Testimonials plugin 3.4.1 for WordPress allows an authenticated user to execute arbitrary SQL commands via the testid parameter to wp-admin/admin.php. | ||||
| CVE-2017-2241 | 2 Apple, Hammock | 2 Mac Os X, Assetview | 2025-04-20 | N/A |
| SQL injection vulnerability in the AssetView for MacOS Ver.9.2.0 and earlier versions allows remote attackers to execute arbitrary SQL commands via "File Transfer Web Service". | ||||
| CVE-2017-2133 | 1 Panasonic | 2 Kx-hjb1000, Kx-hjb1000 Firmware | 2025-04-20 | N/A |
| SQL injection vulnerability in Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or HJB1000_4.47 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2017-17626 | 1 Readymade Php Classified Script Project | 1 Readymade Php Classified Script | 2025-04-20 | N/A |
| Readymade PHP Classified Script 3.3 has SQL Injection via the /categories subctid or mctid parameter. | ||||