Export limit exceeded: 18268 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18268 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-3973 | 1 Frontaccounting | 1 Frontaccounting | 2025-04-12 | N/A |
| Multiple SQL injection vulnerabilities in FrontAccounting (FA) before 2.3.21 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2014-100035 | 1 Licensepal | 1 Arcticdesk | 2025-04-12 | N/A |
| SQL injection vulnerability in the ticket grid in the admin interface in LicensePal ArcticDesk before 1.2.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2014-100031 | 1 Ismail Fahmi | 1 Ganesha Digital Library | 2025-04-12 | N/A |
| Multiple SQL injection vulnerabilities in Ganesha Digital Library (GDL) 4.2 allow remote attackers to execute arbitrary SQL commands via the id parameter in (1) download.php or (2) main.php. | ||||
| CVE-2014-100019 | 1 Pomm-project | 1 Pomm | 2025-04-12 | N/A |
| SQL injection vulnerability in the LTree converter in Pomm before 1.1.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2014-100003 | 1 Yourmembers Project | 1 Yourmembers | 2025-04-12 | N/A |
| SQL injection vulnerability in includes/ym-download_functions.include.php in the Code Futures YourMembers plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the ym_download_id parameter to the default URI. | ||||
| CVE-2014-3978 | 1 Tomatocart | 1 Tomatocart | 2025-04-12 | N/A |
| SQL injection vulnerability in TomatoCart 1.1.8.6.1 allows remote authenticated users to execute arbitrary SQL commands via the First Name and Last Name fields in a new address book contact. | ||||
| CVE-2015-5459 | 1 Zohocorp | 1 Manageengine Password Manager Pro | 2025-04-12 | N/A |
| SQL injection vulnerability in the AdvanceSearch.class in AdventNetPassTrix.jar in ManageEngine Password Manager Pro (PMP) before 8.1 Build 8101 allows remote authenticated users to execute arbitrary SQL commands via the ANDOR parameter, as demonstrated by a request to STATE_ID/1425543888647/SQLAdvancedALSearchResult.cc. | ||||
| CVE-2014-3997 | 1 Zohocorp | 2 Manageengine It360, Manageengine Password Manager Pro | 2025-04-12 | N/A |
| SQL injection vulnerability in the MetadataServlet servlet in ManageEngine Password Manager Pro (PMP) and Password Manager Pro Managed Service Providers (MSP) edition 5 through 7 build 7003, IT360 and IT360 Managed Service Providers (MSP) edition before 10.3.3 build 10330, and possibly other ManageEngine products, allows remote attackers or remote authenticated users to execute arbitrary SQL commands via the sv parameter to MetadataServlet.dat. | ||||
| CVE-2013-7369 | 1 F-secure | 3 Anti-virus, Email And Server Security, Server Security | 2025-04-12 | N/A |
| SQL injection vulnerability in an unspecified DLL in the FSDBCom ActiveX control in F-Secure Anti-Virus for Microsoft Exchange Server before HF02, Anti-Virus for Windows Servers 9.00 before HF09, Anti-Virus for Citrix Servers 9.00 before HF09, and F-Secure Email and Server Security and F-Secure Server Security 9.20 before HF01 allows remote attackers to execute arbitrary SQL commands via unknown vectors, related to GetCommand. | ||||
| CVE-2013-7355 | 1 Sap | 1 Bi Universal Data Integration | 2025-04-12 | N/A |
| SQL injection vulnerability in SAP BI Universal Data Integration allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to the J2EE schema. | ||||
| CVE-2014-4034 | 1 Aas9 | 1 Zerocms | 2025-04-12 | N/A |
| SQL injection vulnerability in zero_view_article.php in ZeroCMS 1.0 allows remote attackers to execute arbitrary SQL commands via the article_id parameter. | ||||
| CVE-2015-1008 | 1 Emerson | 1 Ams Device Manager | 2025-04-12 | N/A |
| SQL injection vulnerability in Emerson AMS Device Manager before 13 allows remote authenticated users to gain privileges via malformed input. | ||||
| CVE-2014-4194 | 1 Aas9 | 1 Zerocms | 2025-04-12 | N/A |
| SQL injection vulnerability in zero_transact_article.php in ZeroCMS 1.0 allows remote attackers to execute arbitrary SQL commands via the article_id parameter in a Submit Comment action. | ||||
| CVE-2014-4197 | 1 Bssys | 1 Rbs Bs-client | 2025-04-12 | N/A |
| Multiple SQL injection vulnerabilities in Bank Soft Systems (BSS) RBS BS-Client 3.17.9 allow remote attackers to execute arbitrary SQL commands via the (1) CARDS or (2) XACTION parameter. | ||||
| CVE-2014-4850 | 1 Foecms | 1 Foecms | 2025-04-12 | N/A |
| SQL injection vulnerability in index.php in FoeCMS allows remote attackers to execute arbitrary SQL commands via the i parameter. | ||||
| CVE-2014-4852 | 1 Thedigitalcraft | 1 Atomcms | 2025-04-12 | N/A |
| SQL injection vulnerability in admin/uploads.php in The Digital Craft AtomCMS, possibly 2.0, allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2015-2292 | 1 Yoast | 1 Wordpress Seo | 2025-04-12 | N/A |
| Multiple SQL injection vulnerabilities in admin/class-bulk-editor-list-table.php in the WordPress SEO by Yoast plugin before 1.5.7, 1.6.x before 1.6.4, and 1.7.x before 1.7.4 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) order_by or (2) order parameter in the wpseo_bulk-editor page to wp-admin/admin.php. NOTE: this can be leveraged using CSRF to allow remote attackers to execute arbitrary SQL commands. | ||||
| CVE-2015-1000011 | 1 Dukapress Project | 1 Dukapress | 2025-04-12 | N/A |
| Blind SQL Injection in wordpress plugin dukapress v2.5.9 | ||||
| CVE-2015-1000003 | 1 Filedownload Project | 1 Filedownload | 2025-04-12 | N/A |
| Blind SQL Injection in filedownload v1.4 wordpress plugin | ||||
| CVE-2015-0524 | 1 Emc | 1 Secure Remote Services | 2025-04-12 | N/A |
| SQL injection vulnerability in the Gateway Provisioning service in EMC Secure Remote Services Virtual Edition (ESRS VE) 3.02 and 3.03 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||