Export limit exceeded: 360766 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 360766 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 19542 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19542 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-11471 | 1 Idera | 1 Uptime Infrastructure Monitor | 2025-04-20 | N/A |
| IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatIfGadget/getmetrics.php via the element parameter. | ||||
| CVE-2017-17721 | 1 Zuuse | 1 Beims Contractorweb .net | 2025-04-20 | N/A |
| CWEBNET/WOSummary/List in ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 allows SQL injection via the tradestatus, assetno, assignto, building, domain, jobtype, site, trade, woType, workorderno, or workorderstatus parameter. | ||||
| CVE-2017-17641 | 1 Resume Clone Script Project | 1 Resume Clone Script | 2025-04-20 | N/A |
| Resume Clone Script 2.0.5 has SQL Injection via the preview.php id parameter. | ||||
| CVE-2017-13137 | 1 Formcrafts | 1 Formcraft | 2025-04-20 | 9.8 Critical |
| The FormCraft Basic plugin 1.0.5 for WordPress has SQL injection in the id parameter to form.php. | ||||
| CVE-2017-17603 | 1 Advanced Real Estate Script Project | 1 Advanced Real Estate Script | 2025-04-20 | N/A |
| Advanced Real Estate Script 4.0.7 has SQL Injection via the search-results.php Projectmain, proj_type, searchtext, sell_price, or maxprice parameter. | ||||
| CVE-2017-17591 | 1 Realestate Crowdfunding Script Project | 1 Realestate Crowdfunding Script | 2025-04-20 | N/A |
| Realestate Crowdfunding Script 2.7.2 has SQL Injection via the single-cause.php pid parameter. | ||||
| CVE-2017-17573 | 1 Fortunescripts | 1 Ebay Clone | 2025-04-20 | N/A |
| FS Ebay Clone 1.0 has SQL Injection via the product.php id parameter, or the search.php category_id or sub_category_id parameter. | ||||
| CVE-2017-17633 | 1 Multiplex Movie Theater Booking Script Project | 1 Multiplex Movie Theater Booking Script | 2025-04-20 | N/A |
| Multiplex Movie Theater Booking Script 3.1.5 has SQL Injection via the trailer-detail.php moid parameter, show-time.php moid parameter, or event-detail.php eid parameter. | ||||
| CVE-2017-17581 | 1 Quibids Clone Project | 1 Quibids Clone | 2025-04-20 | 9.8 Critical |
| FS Quibids Clone 1.0 has SQL Injection via the itechd.php productid parameter. | ||||
| CVE-2017-17608 | 1 Kindergarten - Elementary School Listing Script Project | 1 Kindergarten - Elementary School Listing Script | 2025-04-20 | N/A |
| Child Care Script 1.0 has SQL Injection via the /list city parameter. | ||||
| CVE-2017-5570 | 1 Eclinicalworks | 1 Patient Portal | 2025-04-20 | N/A |
| An issue was discovered in eClinicalWorks Patient Portal 7.0 build 13. This is a blind SQL injection within the messageJson.jsp, which can only be exploited by authenticated users via an HTTP POST request and which can be used to dump database data out to a malicious server, using an out-of-band technique such as select_loadfile(). | ||||
| CVE-2017-17624 | 1 Php Multivendor Ecommerce Project | 1 Php Multivendor Ecommerce | 2025-04-20 | N/A |
| PHP Multivendor Ecommerce 1.0 has SQL Injection via the single_detail.php sid parameter, or the category.php searchcat or chid1 parameter. | ||||
| CVE-2017-5879 | 1 Exponentcms | 1 Exponent Cms | 2025-04-20 | N/A |
| An issue was discovered in Exponent CMS 2.4.1. This is a blind SQL injection that can be exploited by un-authenticated users via an HTTP GET request and which can be used to dump database data out to a malicious server, using an out-of-band technique, such as select_loadfile(). The vulnerability affects source_selector.php and the following parameter: src. | ||||
| CVE-2016-4468 | 2 Cloudfoundry, Pivotal Software | 5 Cloud Foundry Uaa Bosh, Cloud Foundry, Cloud Foundry Elastic Runtime and 2 more | 2025-04-20 | N/A |
| SQL injection vulnerability in Pivotal Cloud Foundry (PCF) before 238; UAA 2.x before 2.7.4.4, 3.x before 3.3.0.2, and 3.4.x before 3.4.1; UAA BOSH before 11.2 and 12.x before 12.2; Elastic Runtime before 1.6.29 and 1.7.x before 1.7.7; and Ops Manager 1.7.x before 1.7.8 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2017-17731 | 1 Dedecms | 1 Dedecms | 2025-04-20 | N/A |
| DedeCMS through 5.7 has SQL Injection via the $_FILES superglobal to plus/recommend.php. | ||||
| CVE-2017-17875 | 1 Jextn | 1 Jextn Faq Pro | 2025-04-20 | N/A |
| The JEXTN FAQ Pro extension 4.0.0 for Joomla! has SQL Injection via the id parameter in a view=category action. | ||||
| CVE-2012-2576 | 1 Solarwinds | 3 Backup Profiler, Storage Manager, Storage Profiler | 2025-04-20 | N/A |
| SQL injection vulnerability in the LoginServlet page in SolarWinds Storage Manager before 5.1.2, SolarWinds Storage Profiler before 5.1.2, and SolarWinds Backup Profiler before 5.1.2 allows remote attackers to execute arbitrary SQL commands via the loginName field. | ||||
| CVE-2017-1002004 | 1 Dtracker Project | 1 Dtracker | 2025-04-20 | N/A |
| Vulnerability in wordpress plugin DTracker v1.5, In file ./dtracker/download.php user input isn't sanitized via the id variable before adding it to the end of an SQL query. | ||||
| CVE-2017-1002010 | 1 Ontraport | 1 Membership Simplified | 2025-04-20 | N/A |
| Vulnerability in wordpress plugin Membership Simplified v1.58, The code in membership-simplified-for-oap-members-only/updateDB.php is vulnerable to blind SQL injection because it doesn't sanitize user input via recordId in the delete_media function. | ||||
| CVE-2017-5598 | 1 Eclinicalworks | 1 Patient Portal | 2025-04-20 | N/A |
| An issue was discovered in eClinicalWorks healow@work 8.0 build 8. This is a blind SQL injection within the EmployeePortalServlet, which can be exploited by un-authenticated users via an HTTP POST request and which can be used to dump database data out to a malicious server, using an out-of-band technique, such as select_loadfile(). The vulnerability affects the EmployeePortalServlet page and the following parameter: employer. | ||||