Export limit exceeded: 19542 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19542 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-7346 | 1 Zcms Project | 1 Zcms | 2025-04-20 | N/A |
| SQL injection vulnerability in ZCMS 1.1. | ||||
| CVE-2015-7564 | 1 Teampass | 1 Teampass | 2025-04-20 | N/A |
| Multiple SQL injection vulnerabilities in TeamPass 2.1.24 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in an action_on_quick_icon action to item.query.php or the (2) order or (3) direction parameter in an (a) connections_logs, (b) errors_logs or (c) access_logs action to view.query.php. | ||||
| CVE-2015-7714 | 1 Realtyna | 1 Realtyna Property Listing | 2025-04-20 | 7.2 High |
| Multiple SQL injection vulnerabilities in the Realtyna RPL (com_rpl) component before 8.9.5 for Joomla! allow remote administrators to execute arbitrary SQL commands via the (1) id, (2) copy_field in a data_copy action, (3) pshow in an update_field action, (4) css, (5) tip, (6) cat_id, (7) text_search, (8) plisting, or (9) pwizard parameter to administrator/index.php. | ||||
| CVE-2016-9402 | 1 Mybb | 2 Merge System, Mybb | 2025-04-20 | N/A |
| SQL injection vulnerability in the moderation tool in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2017-15081 | 1 Phpsugar | 1 Php Melody | 2025-04-20 | N/A |
| In PHPSUGAR PHP Melody CMS 2.6.1, SQL Injection exists via the playlist parameter to playlists.php. | ||||
| CVE-2017-1002010 | 1 Ontraport | 1 Membership Simplified | 2025-04-20 | N/A |
| Vulnerability in wordpress plugin Membership Simplified v1.58, The code in membership-simplified-for-oap-members-only/updateDB.php is vulnerable to blind SQL injection because it doesn't sanitize user input via recordId in the delete_media function. | ||||
| CVE-2017-1002012 | 1 Anblik | 1 Image-gallery-with-slideshow | 2025-04-20 | N/A |
| Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, In image-gallery-with-slideshow/admin_setting.php the following snippet of code does not sanitize input via the gid variable before passing it into an SQL statement. | ||||
| CVE-2017-1002013 | 1 Anblik | 1 Image-gallery-with-slideshow | 2025-04-20 | N/A |
| Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, Blind SQL Injection via imgid parameter in image-gallery-with-slideshow/admin_setting.php. | ||||
| CVE-2017-1002015 | 1 Anblik | 1 Image-gallery-with-slideshow | 2025-04-20 | N/A |
| Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, Blind SQL Injection in image-gallery-with-slideshow/admin_setting.php via selectMulGallery parameter. | ||||
| CVE-2017-1002021 | 1 Surveys Project | 1 Surveys | 2025-04-20 | N/A |
| Vulnerability in wordpress plugin surveys v1.01.8, The code in individual_responses.php does not sanitize the survey_id variable before placing it inside of an SQL query. | ||||
| CVE-2017-1002022 | 1 Surveys Project | 1 Surveys | 2025-04-20 | N/A |
| Vulnerability in wordpress plugin surveys v1.01.8, The code in questions.php does not sanitize the survey variable before placing it inside of an SQL query. | ||||
| CVE-2017-1002023 | 1 Daisythemes | 1 Easy Team Manager | 2025-04-20 | N/A |
| Vulnerability in wordpress plugin Easy Team Manager v1.3.2, The code does not sanitize id before making it part of an SQL statement in file ./easy-team-manager/inc/easy_team_manager_desc_edit.php | ||||
| CVE-2017-1002025 | 1 Add-edit-delete-listing-for-member-module Project | 1 Add-edit-delete-listing-for-member-module | 2025-04-20 | N/A |
| Vulnerability in wordpress plugin add-edit-delete-listing-for-member-module v1.0, The plugin author does not sanitize user supplied input via $act before passing it into an SQL statement. | ||||
| CVE-2017-1002026 | 1 Eventespresso | 1 Event Espresso | 2025-04-20 | N/A |
| Vulnerability in wordpress plugin Event Expresso Free v3.1.37.11.L, The function edit_event_category does not sanitize user-supplied input via the $id parameter before passing it into an SQL statement. | ||||
| CVE-2017-1002027 | 1 Rayanehdownload | 1 Rk-responsive-contact-form | 2025-04-20 | N/A |
| Vulnerability in wordpress plugin rk-responsive-contact-form v1.0, The variable $delid isn't sanitized before being passed into an SQL query in file ./rk-responsive-contact-form/include/rk_user_list.php. | ||||
| CVE-2017-1002028 | 1 Angrybyte | 1 Gallery-transformation | 2025-04-20 | N/A |
| Vulnerability in wordpress plugin wordpress-gallery-transformation v1.0, SQL injection is in ./wordpress-gallery-transformation/gallery.php via $jpic parameter being unsanitized before being passed into an SQL query. | ||||
| CVE-2017-16733 | 1 Ecava | 1 Integraxor | 2025-04-20 | N/A |
| A SQL Injection issue was discovered in Ecava IntegraXor v 6.1.1030.1 and prior. The SQL Injection vulnerability has been identified, which an attacker can leverage to disclose sensitive information from the database. | ||||
| CVE-2017-11412 | 1 Fiyo | 1 Fiyo Cms | 2025-04-20 | N/A |
| Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_comment/controller/comment_status.php via $_GET['id']. | ||||
| CVE-2017-11415 | 1 Fiyo | 1 Fiyo Cms | 2025-04-20 | N/A |
| Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_article/sys_article.php via $_POST['parent_id'], $_POST['desc'], $_POST['keys'], and $_POST['level']. | ||||
| CVE-2017-11416 | 1 Fiyo | 1 Fiyo Cms | 2025-04-20 | N/A |
| Fiyo CMS 2.0.7 has SQL injection in /apps/app_comment/controller/insert.php via the name parameter. | ||||