Export limit exceeded: 18268 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18268 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-17571 | 1 Foodpanda Clone Project | 1 Foodpanda Clone | 2025-04-20 | 9.8 Critical |
| FS Foodpanda Clone 1.0 has SQL Injection via the /food keywords parameter. | ||||
| CVE-2017-17643 | 1 Lynda Clone Project | 1 Lynda Clone | 2025-04-20 | 9.8 Critical |
| FS Lynda Clone 1.0 has SQL Injection via the keywords parameter to tutorial/. | ||||
| CVE-2017-17111 | 1 Scubez | 1 Posty Readymade Classifieds | 2025-04-20 | N/A |
| Posty Readymade Classifieds Script 1.0 allows an attacker to inject SQL commands via a listings.php?catid= or ads-details.php?ID= request. | ||||
| CVE-2017-6577 | 1 Mail-masta Project | 1 Mail-masta | 2025-04-20 | N/A |
| A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/subscriber_list.php with the POST Parameter: list_id. | ||||
| CVE-2017-13068 | 1 Qnap | 1 Qts Helpdesk | 2025-04-20 | N/A |
| QNAP has already patched this vulnerability. This security concern allows a remote attacker to perform an SQL injection on the application and obtain Helpdesk application information. A remote attacker does not require any privileges to successfully execute this attack. | ||||
| CVE-2017-16561 | 1 Ingenious School Management System Project | 1 Ingenious School Management System | 2025-04-20 | N/A |
| /view/friend_profile.php in Ingenious School Management System 2.3.0 is vulnerable to Boolean-based and Time-based SQL injection in the 'friend_index' parameter of a GET request. | ||||
| CVE-2015-7714 | 1 Realtyna | 1 Realtyna Property Listing | 2025-04-20 | 7.2 High |
| Multiple SQL injection vulnerabilities in the Realtyna RPL (com_rpl) component before 8.9.5 for Joomla! allow remote administrators to execute arbitrary SQL commands via the (1) id, (2) copy_field in a data_copy action, (3) pshow in an update_field action, (4) css, (5) tip, (6) cat_id, (7) text_search, (8) plisting, or (9) pwizard parameter to administrator/index.php. | ||||
| CVE-2017-16543 | 1 Zohocorp | 1 Manageengine Applications Manager | 2025-04-20 | N/A |
| Zoho ManageEngine Applications Manager 13 before build 13500 allows SQL injection via GraphicalView.do, as demonstrated by a crafted viewProps yCanvas field or viewid parameter. | ||||
| CVE-2017-16542 | 1 Zohocorp | 1 Manageengine Applications Manager | 2025-04-20 | N/A |
| Zoho ManageEngine Applications Manager 13 before build 13500 allows Post-authentication SQL injection via the name parameter in a manageApplications.do?method=insert request. | ||||
| CVE-2017-16000 | 1 Eyesofnetwork | 1 Eyesofnetwork | 2025-04-20 | N/A |
| SQL injection vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the graph parameter to module/capacity_per_label/index.php. | ||||
| CVE-2017-15993 | 1 Zomato Clone Script Project | 1 Zomato Clone Script | 2025-04-20 | N/A |
| Zomato Clone Script allows SQL Injection via the restaurant-menu.php resid parameter. | ||||
| CVE-2017-15989 | 1 Online Exam Test Application Project | 1 Online Exam Test Application | 2025-04-20 | N/A |
| Online Exam Test Application allows SQL Injection via the resources.php sort parameter in a category action. | ||||
| CVE-2017-15988 | 1 Nicephpscripts | 1 Nice Php Faq Script | 2025-04-20 | N/A |
| Nice PHP FAQ Script allows SQL Injection via the index.php nice_theme parameter, a different vulnerability than CVE-2008-6525. | ||||
| CVE-2017-15987 | 1 Fake Magazine Cover Script Project | 1 Fake Magazine Cover Script | 2025-04-20 | N/A |
| Fake Magazine Cover Script allows SQL Injection via the rate.php value parameter or the content.php id parameter. | ||||
| CVE-2015-7564 | 1 Teampass | 1 Teampass | 2025-04-20 | N/A |
| Multiple SQL injection vulnerabilities in TeamPass 2.1.24 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in an action_on_quick_icon action to item.query.php or the (2) order or (3) direction parameter in an (a) connections_logs, (b) errors_logs or (c) access_logs action to view.query.php. | ||||
| CVE-2017-15986 | 1 Cpa Lead Reward Script Project | 1 Cpa Lead Reward Script | 2025-04-20 | N/A |
| CPA Lead Reward Script allows SQL Injection via the username parameter. | ||||
| CVE-2017-15985 | 1 Readymadeb2bscript | 1 Basic B2b Script | 2025-04-20 | N/A |
| Basic B2B Script allows SQL Injection via the product_view1.php pid or id parameter. | ||||
| CVE-2017-5575 | 1 Metalgenix | 1 Genixcms | 2025-04-20 | N/A |
| SQL injection vulnerability in inc/lib/Options.class.php in GeniXCMS before 1.0.0 allows remote attackers to execute arbitrary SQL commands via the modules parameter. | ||||
| CVE-2017-15984 | 1 Bekirk | 1 Creative Management System Lite | 2025-04-20 | N/A |
| Creative Management System (CMS) Lite 1.4 allows SQL Injection via the S parameter to index.php. | ||||
| CVE-2017-15983 | 1 Geniusocean | 1 Mymagazine Magazine \& Blog Cms | 2025-04-20 | N/A |
| MyMagazine Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin/admin_process.php for form editing. | ||||