Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 18268 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18268 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-17610 | 1 E-commerce Mlm Software Project | 1 E-commerce Mlm Software | 2025-04-20 | N/A |
| E-commerce MLM Software 1.0 has SQL Injection via the service_detail.php pid parameter, event_detail.php eventid parameter, or news_detail.php newid parameter. | ||||
| CVE-2017-17614 | 1 Hotel Restaurant Reviews And Feedback Script Project | 1 Hotel Restaurant Reviews And Feedback Script | 2025-04-20 | N/A |
| Food Order Script 1.0 has SQL Injection via the /list city parameter. | ||||
| CVE-2017-17616 | 1 Event Calendar Category Script Project | 1 Event Calendar Category Script | 2025-04-20 | N/A |
| Event Search Script 1.0 has SQL Injection via the /event-list city parameter. | ||||
| CVE-2017-17617 | 1 Foodspotting Clone Script Project | 1 Foodspotting Clone Script | 2025-04-20 | N/A |
| Foodspotting Clone Script 1.0 has SQL Injection via the quicksearch.php q parameter. | ||||
| CVE-2017-17618 | 1 Kickstarter Clone Script Project | 1 Kickstarter Clone Script | 2025-04-20 | N/A |
| Kickstarter Clone Script 2.0 has SQL Injection via the investcalc.php projid parameter. | ||||
| CVE-2017-17619 | 1 Laundry Booking Script Project | 1 Laundry Booking Script | 2025-04-20 | N/A |
| Laundry Booking Script 1.0 has SQL Injection via the /list city parameter. | ||||
| CVE-2017-17621 | 1 Multivendor Penny Auction Clone Script Project | 1 Multivendor Penny Auction Clone Script | 2025-04-20 | N/A |
| Multivendor Penny Auction Clone Script 1.0 has SQL Injection via the PATH_INFO to the /detail URI. | ||||
| CVE-2017-17622 | 1 Online Exam Test Application Script Project | 1 Online Exam Test Application Script | 2025-04-20 | N/A |
| Online Exam Test Application Script 1.6 has SQL Injection via the exams.php sort parameter. | ||||
| CVE-2015-9234 | 1 Cfpaypal | 1 Cp Contact Form With Paypal | 2025-04-20 | N/A |
| The cp-contact-form-with-paypal (aka CP Contact Form with PayPal) plugin before 1.1.6 for WordPress has SQL injection via the cp_contactformpp_id parameter to cp_contactformpp.php. | ||||
| CVE-2015-9226 | 1 Alegrocart | 1 Alegrocart | 2025-04-20 | N/A |
| Multiple SQL injection vulnerabilities in AlegroCart 1.2.8 allow remote administrators to execute arbitrary SQL commands via the download parameter in the (1) check_download and possibly (2) check_filename function in upload/admin2/model/products/model_admin_download.php or remote authenticated users with a valid Paypal transaction token to execute arbitrary SQL commands via the ref parameter in the (3) orderUpdate function in upload/catalog/extension/payment/paypal.php. | ||||
| CVE-2017-12364 | 1 Cisco | 1 Prime Service Catalog | 2025-04-20 | N/A |
| A SQL Injection vulnerability in the web framework of Cisco Prime Service Catalog could allow an unauthenticated, remote attacker to execute unauthorized Structured Query Language (SQL) queries. The vulnerability is due to a failure to validate user-supplied input that is used in SQL queries. An attacker could exploit this vulnerability by sending a crafted SQL statement to an affected system. Successful exploitation could allow the attacker to read entries in some database tables. Cisco Bug IDs: CSCvg30333. | ||||
| CVE-2017-15986 | 1 Cpa Lead Reward Script Project | 1 Cpa Lead Reward Script | 2025-04-20 | N/A |
| CPA Lead Reward Script allows SQL Injection via the username parameter. | ||||
| CVE-2017-15985 | 1 Readymadeb2bscript | 1 Basic B2b Script | 2025-04-20 | N/A |
| Basic B2B Script allows SQL Injection via the product_view1.php pid or id parameter. | ||||
| CVE-2017-15984 | 1 Bekirk | 1 Creative Management System Lite | 2025-04-20 | N/A |
| Creative Management System (CMS) Lite 1.4 allows SQL Injection via the S parameter to index.php. | ||||
| CVE-2017-15983 | 1 Geniusocean | 1 Mymagazine Magazine \& Blog Cms | 2025-04-20 | N/A |
| MyMagazine Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin/admin_process.php for form editing. | ||||
| CVE-2017-15982 | 1 Geniusocean | 1 News | 2025-04-20 | 9.8 Critical |
| Dynamic News Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin/admin_process.php for form editing. | ||||
| CVE-2017-15980 | 1 Rowindex | 1 Us Zip Codes Database Script | 2025-04-20 | N/A |
| US Zip Codes Database Script 1.0 allows SQL Injection via the state parameter. | ||||
| CVE-2017-15979 | 1 Odallated | 1 Shareet | 2025-04-20 | N/A |
| Shareet - Photo Sharing Social Network 1.0 allows SQL Injection via the photo parameter. | ||||
| CVE-2017-15978 | 1 Arox | 1 School Erp Php Script | 2025-04-20 | N/A |
| AROX School ERP PHP Script 1.0 allows SQL Injection via the office_admin/ id parameter. | ||||
| CVE-2017-15977 | 1 Protectedlinks | 1 Expiring Download Links | 2025-04-20 | N/A |
| Protected Links - Expiring Download Links 1.0 allows SQL Injection via the username parameter. | ||||