Export limit exceeded: 46955 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 19590 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19590 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-9333 | 1 Moxa | 1 Softcms | 2025-04-20 | N/A |
| An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. The SoftCMS Application does not properly sanitize input that may allow a remote attacker access to SoftCMS with administrator's privilege through specially crafted input (SQL INJECTION). | ||||
| CVE-2017-1000004 | 1 Atutor | 1 Atutor | 2025-04-20 | N/A |
| ATutor version 2.2.1 and earlier are vulnerable to a SQL injection in the Assignment Dropbox, BasicLTI, Blog Post, Blog, Group Course Email, Course Alumni, Course Enrolment, Group Membership, Course unenrolment, Course Enrolment List Search, Glossary, Social Group Member Search, Social Friend Search, Social Group Search, File Comment, Gradebook Test Title, User Group Membership, Inbox/Sent Items, Sent Messages, Links, Photo Album, Poll, Social Application, Social Profile, Test, Content Menu, Auto-Login, and Gradebook components resulting in information disclosure, database modification, or potential code execution. | ||||
| CVE-2017-1000060 | 1 Eyesofnetwork | 1 Eyesofnetwork | 2025-04-20 | 9.8 Critical |
| EyesOfNetwork (EON) 5.1 Unauthenticated SQL Injection in eonweb leading to remote root | ||||
| CVE-2017-1000120 | 1 Frappe | 1 Frappe | 2025-04-20 | N/A |
| [ERPNext][Frappe Version <= 7.1.27] SQL injection vulnerability in frappe.share.get_users allows remote authenticated users to execute arbitrary SQL commands via the fields parameter. | ||||
| CVE-2017-1000129 | 1 S9y | 1 Serendipity | 2025-04-20 | N/A |
| Serendipity 2.0.3 is vulnerable to a SQL injection in the blog component resulting in information disclosure | ||||
| CVE-2017-10898 | 1 Ark-web | 1 A-member | 2025-04-20 | N/A |
| SQL injection vulnerability in the A-Member and A-Member for MT cloud versions 3.8.6 and earlier allows an attacker to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2017-10899 | 1 Ark-web | 1 A-reserve | 2025-04-20 | N/A |
| SQL injection vulnerability in the A-Reserve and A-Reserve for MT cloud versions 3.8.6 and earlier allows an attacker to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2017-11200 | 1 Finecms Project | 1 Finecms | 2025-04-20 | N/A |
| SQL Injection exists in FineCMS through 2017-07-12 via the application/core/controller/excludes.php visitor_ip parameter. | ||||
| CVE-2017-11419 | 1 Fiyo | 1 Fiyo Cms | 2025-04-20 | N/A |
| Fiyo CMS 2.0.7 has SQL injection in /apps/app_article/controller/editor.php via $_POST['id'] and $_POST['art_title']. | ||||
| CVE-2017-12650 | 1 Loginizer | 1 Loginizer | 2025-04-20 | N/A |
| SQL Injection exists in the Loginizer plugin before 1.3.6 for WordPress via the X-Forwarded-For HTTP header. | ||||
| CVE-2017-12710 | 1 Advantech | 1 Webaccess | 2025-04-20 | N/A |
| A SQL Injection issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. By submitting a specially crafted parameter, it is possible to inject arbitrary SQL statements that could allow an attacker to obtain sensitive information. | ||||
| CVE-2017-12731 | 1 Opwglobal | 6 Sitesentinel Integra 100, Sitesentinel Integra 100 Firmware, Sitesentinel Integra 500 and 3 more | 2025-04-20 | N/A |
| A SQL Injection issue was discovered in OPW Fuel Management Systems SiteSentinel Integra 100, SiteSentinel Integra 500, and SiteSentinel iSite ATG consoles with the following software versions: older than V175, V175-V189, V191-V195, and V16Q3.1. The application is vulnerable to injection of malicious SQL queries via the input from the client. | ||||
| CVE-2017-12774 | 1 Finecms Project | 1 Finecms | 2025-04-20 | N/A |
| finecms in 1.9.5\controllers\member\ContentController.php allows remote attackers to operate website database | ||||
| CVE-2017-1356 | 1 Ibm | 1 Atlas Ediscovery Process Management | 2025-04-20 | N/A |
| IBM Atlas eDiscovery Process Management 6.0.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 126683. | ||||
| CVE-2017-13669 | 1 Nexusphp | 1 Nexusphp | 2025-04-20 | N/A |
| SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the setanswered parameter to staffbox.php. | ||||
| CVE-2017-17875 | 1 Jextn | 1 Jextn Faq Pro | 2025-04-20 | N/A |
| The JEXTN FAQ Pro extension 4.0.0 for Joomla! has SQL Injection via the id parameter in a view=category action. | ||||
| CVE-2017-14238 | 1 Dolibarr | 1 Dolibarr | 2025-04-20 | N/A |
| SQL injection vulnerability in admin/menus/edit.php in Dolibarr ERP/CRM version 6.0.0 allows remote attackers to execute arbitrary SQL commands via the menuId parameter. | ||||
| CVE-2017-14242 | 1 Dolibarr | 1 Dolibarr | 2025-04-20 | N/A |
| SQL injection vulnerability in don/list.php in Dolibarr version 6.0.0 allows remote attackers to execute arbitrary SQL commands via the statut parameter. | ||||
| CVE-2015-2147 | 1 Phpbugtracker Project | 1 Phpbugtracker | 2025-04-20 | N/A |
| Multiple SQL injection vulnerabilities in Issuetracker phpBugTracker before 1.7.0 allow remote attackers to execute arbitrary SQL commands via unspecified parameters. | ||||
| CVE-2017-14345 | 1 Blog Project | 1 Blog | 2025-04-20 | N/A |
| SQL Injection exists in tianchoy/blog through 2017-09-12 via the id parameter to view.php. | ||||