Export limit exceeded: 19593 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19593 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-17611 | 1 Doctor Search Script Project | 1 Doctor Search Script | 2025-04-20 | N/A |
| Doctor Search Script 1.0 has SQL Injection via the /list city parameter. | ||||
| CVE-2017-17604 | 1 Entrepreneur Bus Booking Script Project | 1 Entrepreneur Bus Booking Script | 2025-04-20 | N/A |
| Entrepreneur Bus Booking Script 3.0.4 has SQL Injection via the booker_details.php sourcebus parameter. | ||||
| CVE-2017-17584 | 1 Makemytrip Clone Project | 1 Makemytrip Clone | 2025-04-20 | 9.8 Critical |
| FS Makemytrip Clone 1.0 has SQL Injection via the show-flight-result.php fl_orig or fl_dest parameter. | ||||
| CVE-2017-17583 | 1 Shutterstock Clone Project | 1 Shutterstock Clone | 2025-04-20 | 9.8 Critical |
| FS Shutterstock Clone 1.0 has SQL Injection via the /Category keywords parameter. | ||||
| CVE-2017-17580 | 1 Linkedin Clone Project | 1 Linkedin Clone | 2025-04-20 | 9.8 Critical |
| FS Linkedin Clone 1.0 has SQL Injection via the group.php grid parameter, profile.php fid parameter, or company_details.php id parameter. | ||||
| CVE-2017-17573 | 1 Fortunescripts | 1 Ebay Clone | 2025-04-20 | N/A |
| FS Ebay Clone 1.0 has SQL Injection via the product.php id parameter, or the search.php category_id or sub_category_id parameter. | ||||
| CVE-2017-16735 | 1 Ecava | 1 Integraxor | 2025-04-20 | N/A |
| A SQL Injection issue was discovered in Ecava IntegraXor v 6.1.1030.1 and prior. The SQL Injection vulnerability has been identified, which generates an error in the database log. | ||||
| CVE-2017-1606 | 1 Ibm | 1 Financial Transaction Manager | 2025-04-20 | N/A |
| IBM Financial Transaction Manager (FTM) for Multi-Platform (MP) 3.0.0.0 through 3.0.0.7 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 132926. | ||||
| CVE-2017-16000 | 1 Eyesofnetwork | 1 Eyesofnetwork | 2025-04-20 | N/A |
| SQL injection vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the graph parameter to module/capacity_per_label/index.php. | ||||
| CVE-2017-15992 | 1 Website Broker Script Project | 1 Website Broker Script | 2025-04-20 | N/A |
| Website Broker Script allows SQL Injection via the 'status_id' Parameter to status_list.php. | ||||
| CVE-2017-15991 | 1 Vastal | 1 Agent Zone | 2025-04-20 | N/A |
| Vastal I-Tech Agent Zone (aka The Real Estate Script) allows SQL Injection in searchCommercial.php via the property_type, city, or posted_by parameter, or searchResidential.php via the property_type, city, or bedroom parameter, a different vulnerability than CVE-2008-3951, CVE-2009-3497, and CVE-2012-0982. | ||||
| CVE-2017-15984 | 1 Bekirk | 1 Creative Management System Lite | 2025-04-20 | N/A |
| Creative Management System (CMS) Lite 1.4 allows SQL Injection via the S parameter to index.php. | ||||
| CVE-2017-15983 | 1 Geniusocean | 1 Mymagazine Magazine \& Blog Cms | 2025-04-20 | N/A |
| MyMagazine Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin/admin_process.php for form editing. | ||||
| CVE-2017-15981 | 1 Geniusocean | 1 Newspaper | 2025-04-20 | 9.8 Critical |
| Responsive Newspaper Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin/admin_process.php for form editing. | ||||
| CVE-2017-15973 | 1 Sokial | 1 Sokial | 2025-04-20 | N/A |
| Sokial Social Network Script 1.0 allows SQL Injection via the id parameter to admin/members_view.php. | ||||
| CVE-2017-15966 | 1 Zh Yandexmap Project | 1 Zh Yandexmap | 2025-04-20 | N/A |
| The Zh YandexMap (aka com_zhyandexmap) component 6.1.1.0 for Joomla! allows SQL Injection via the placemarklistid parameter to index.php. | ||||
| CVE-2017-15949 | 1 Angry-frog | 1 Xavier | 2025-04-20 | N/A |
| Xavier PHP Management Panel 2.4 allows SQL injection via the usertoedit parameter to admin/adminuseredit.php or the log_id parameter to admin/editgroup.php. | ||||
| CVE-2017-17829 | 1 Doditsolutions | 1 Bus Booking Script | 2025-04-20 | N/A |
| Bus Booking Script has SQL Injection via the admin/view_seatseller.php sp_id parameter or the admin/view_member.php memid parameter. | ||||
| CVE-2017-17823 | 1 Piwigo | 1 Piwigo | 2025-04-20 | N/A |
| The Configuration component of Piwigo 2.9.2 is vulnerable to SQL Injection via the admin/configuration.php order_by array parameter. An attacker can exploit this to gain access to the data in a connected MySQL database. | ||||
| CVE-2014-2023 | 1 Tapatalk | 1 Tapatalk | 2025-04-20 | N/A |
| Multiple SQL injection vulnerabilities in the Tapatalk plugin 4.9.0 and earlier and 5.x through 5.2.1 for vBulletin allow remote attackers to execute arbitrary SQL commands via a crafted xmlrpc API request to (1) unsubscribe_forum.php or (2) unsubscribe_topic.php in mobiquo/functions/. | ||||