Total
11593 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-9175 | 1 Wpdatatables | 1 Wpdatatables | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in wpdatatables.php in the wpDataTables plugin 1.5.3 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the table_id parameter in a get_wdtable action to wp-admin/admin-ajax.php. | |||||
| CVE-2014-9173 | 1 Google Doc Embedder Project | 1 Google Doc Embedder | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view.php in the Google Doc Embedder plugin before 2.5.15 for WordPress allows remote attackers to execute arbitrary SQL commands via the gpid parameter. | |||||
| CVE-2014-9005 | 1 Vld Interactive | 1 Vldpersonals | 2017-09-08 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in vldPersonals before 2.7.1 allow remote attackers to execute arbitrary SQL commands via the (1) country, (2) gender1, or ((3) gender2 parameter in a search action to index.php. | |||||
| CVE-2014-8995 | 1 Maarch | 1 Letterbox | 2017-09-08 | 5.0 MEDIUM | N/A |
| SQL injection vulnerability in Maarch LetterBox 2.8 allows remote attackers to execute arbitrary SQL commands via the UserId cookie. | |||||
| CVE-2014-8766 | 1 Allomani | 1 Allomani Weblinks | 2017-09-08 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Allomani Weblinks 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter in a browse action to index.php or (2) unspecified parameters to admin.php. | |||||
| CVE-2014-8681 | 1 Gogits | 1 Gogs | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the GetIssues function in models/issue.go in Gogs (aka Go Git Service) 0.3.1-9 through 0.5.6.x before 0.5.6.1025 Beta allows remote attackers to execute arbitrary SQL commands via the label parameter to user/repos/issues. | |||||
| CVE-2014-8668 | 1 Sap | 1 Contract Accounting | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in SAP Contract Accounting allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2014-8664 | 1 Sap | 1 Environment Health And Safety | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Product Safety (EHS-SAF) component in SAP Environment, Health, and Safety Management allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2014-8586 | 1 Cp Multi View Event Calendar Project | 1 Cp Multi View Event Calendar | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the CP Multi View Event Calendar plugin 1.01 for WordPress allows remote attackers to execute arbitrary SQL commands via the calid parameter. | |||||
| CVE-2014-8506 | 1 Etiko | 1 Etiko Cms | 2017-09-08 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Etiko CMS allow remote attackers to execute arbitrary SQL commands via the (1) page_id parameter to loja/index.php or (2) article_id parameter to index.php. | |||||
| CVE-2014-8499 | 1 Manageengine | 1 Password Manager Pro | 2017-09-08 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in ManageEngine Password Manager Pro (PMP) and Password Manager Pro Managed Service Providers (MSP) edition before 7.1 build 7105 allow remote authenticated users to execute arbitrary SQL commands via the SEARCH_ALL parameter to (1) SQLAdvancedALSearchResult.cc or (2) AdvancedSearchResult.cc. | |||||
| CVE-2014-8351 | 1 French National Commission On Informatics And Liberty | 1 Cookieviz | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in info.php in French National Commission on Informatics and Liberty (aka CNIL) CookieViz before 1.0.1 allows remote web servers to execute arbitrary SQL commands via the domain parameter. | |||||
| CVE-2014-7176 | 1 Enalean | 1 Tuleap | 2017-09-08 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in Enalean Tuleap before 7.5.99.4 allows remote authenticated users to execute arbitrary SQL commands via the lobal_txt parameter to plugins/docman. | |||||
| CVE-2014-6241 | 1 Wt Directory Project | 1 Wt Directory | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the wt_directory extension before 1.4.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2014-6233 | 1 Flat Manager Project | 1 Flat Manager | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Flat Manager (flatmgr) extension before 2.7.10 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2014-6080 | 1 Ibm | 2 Security Access Manager For Mobile, Security Access Manager For Web | 2017-09-08 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2014-5440 | 1 Mpexsolutions | 1 Mx-smartimer | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Login.aspx in MPEX Business Solutions MX-SmartTimer before 13.19.18 allows remote attackers to execute arbitrary SQL commands via the ct100%24CPHContent%24password parameter. | |||||
| CVE-2014-5275 | 1 Prochatrooms | 1 Text Chat Rooms | 2017-09-08 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in includes/functions.php in Pro Chat Rooms Text Chat Rooms 8.2.0 allow remote authenticated users to execute arbitrary SQL commands via the (1) password, (2) email, or (3) id parameter. | |||||
| CVE-2014-5262 | 1 Cacti | 1 Cacti | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the graph settings script (graph_settings.php) in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2014-5249 | 1 Biblio Autocomplete Project | 1 Biblio Autocomplete | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the "Biblio self autocomplete" submodule in the Biblio Autocomplete module 6.x-1.x before 6.x-1.1 and 7.x-1.x before 7.x-1.5 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||