Export limit exceeded: 360766 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 19542 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19542 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-1218 | 1 Cybozu | 1 Garoon | 2025-04-20 | N/A |
| SQL injection vulnerability in Cybozu Garoon before 4.2.2. | ||||
| CVE-2017-7719 | 1 Web-dorado | 1 Spider Event Calendar | 2025-04-20 | N/A |
| SQL injection in the Spider Event Calendar (aka spider-event-calendar) plugin before 1.5.52 for WordPress is exploitable with the order_by parameter to calendar_functions.php or widget_Theme_functions.php, related to front_end/frontend_functions.php. | ||||
| CVE-2015-6028 | 1 Castlerock | 1 Snmpc | 2025-04-20 | 8.8 High |
| Castle Rock Computing SNMPc before 2015-12-17 has SQL injection via the sc parameter. | ||||
| CVE-2017-17570 | 1 Expedia Clone Project | 1 Expedia Clone | 2025-04-20 | 9.8 Critical |
| FS Expedia Clone 1.0 has SQL Injection via the pages.php or content.php id parameter, or the show-flight-result.php fl_orig or fl_dest parameter. | ||||
| CVE-2016-3046 | 1 Ibm | 5 Security Access Manager 9.0 Firmware, Security Access Manager For Mobile, Security Access Manager For Mobile Appliance and 2 more | 2025-04-20 | N/A |
| IBM Security Access Manager for Web is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements which could allow the attacker to view information in the back-end database. | ||||
| CVE-2017-1757 | 1 Ibm | 1 Security Guardium | 2025-04-20 | N/A |
| IBM Security Guardium 10.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 135858. | ||||
| CVE-2017-16000 | 1 Eyesofnetwork | 1 Eyesofnetwork | 2025-04-20 | N/A |
| SQL injection vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the graph parameter to module/capacity_per_label/index.php. | ||||
| CVE-2015-5376 | 1 Gsi-office | 1 Winpat Portal | 2025-04-20 | N/A |
| SQL injection vulnerability in the login form in GSI WiNPAT Portal 3.2.0.1001 through 3.6.1.0 allows remote attackers to execute arbitrary SQL commands via the username field. | ||||
| CVE-2016-2034 | 1 Arubanetworks | 1 Clearpass | 2025-04-20 | N/A |
| SQL injection vulnerability in ClearPass Policy Manager 6.5.x through 6.5.6 and 6.6.0. | ||||
| CVE-2017-15987 | 1 Fake Magazine Cover Script Project | 1 Fake Magazine Cover Script | 2025-04-20 | N/A |
| Fake Magazine Cover Script allows SQL Injection via the rate.php value parameter or the content.php id parameter. | ||||
| CVE-2017-15977 | 1 Protectedlinks | 1 Expiring Download Links | 2025-04-20 | N/A |
| Protected Links - Expiring Download Links 1.0 allows SQL Injection via the username parameter. | ||||
| CVE-2017-15970 | 1 Phpcityportal | 1 Phpcityportal | 2025-04-20 | N/A |
| PHP CityPortal 2.0 allows SQL Injection via the nid parameter to index.php in a page=news action, or the cat parameter. | ||||
| CVE-2017-15966 | 1 Zh Yandexmap Project | 1 Zh Yandexmap | 2025-04-20 | N/A |
| The Zh YandexMap (aka com_zhyandexmap) component 6.1.1.0 for Joomla! allows SQL Injection via the placemarklistid parameter to index.php. | ||||
| CVE-2017-1002015 | 1 Anblik | 1 Image-gallery-with-slideshow | 2025-04-20 | N/A |
| Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, Blind SQL Injection in image-gallery-with-slideshow/admin_setting.php via selectMulGallery parameter. | ||||
| CVE-2017-1002021 | 1 Surveys Project | 1 Surveys | 2025-04-20 | N/A |
| Vulnerability in wordpress plugin surveys v1.01.8, The code in individual_responses.php does not sanitize the survey_id variable before placing it inside of an SQL query. | ||||
| CVE-2017-15961 | 1 Iproject Management System Project | 1 Iproject Management System | 2025-04-20 | N/A |
| iProject Management System 1.0 allows SQL Injection via the ID parameter to index.php. | ||||
| CVE-2017-17594 | 1 Domainsale Php Script Project | 1 Domainsale Php Script | 2025-04-20 | N/A |
| DomainSale PHP Script 1.0 has SQL Injection via the domain.php id parameter. | ||||
| CVE-2017-17590 | 1 Stackoverflow-clone Project | 1 Stackoverflow-clone | 2025-04-20 | 9.8 Critical |
| FS Stackoverflow Clone 1.0 has SQL Injection via the /question keywords parameter. | ||||
| CVE-2017-17589 | 1 Thumbtack Clone Project | 1 Thumbtack Clone | 2025-04-20 | 9.8 Critical |
| FS Thumbtack Clone 1.0 has SQL Injection via the browse-category.php cat parameter or the browse-scategory.php sc parameter. | ||||
| CVE-2017-17585 | 1 Monster Clone Project | 1 Monster Clone | 2025-04-20 | 9.8 Critical |
| FS Monster Clone 1.0 has SQL Injection via the Employer_Details.php id parameter. | ||||