Total
11593 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-5200 | 1 Fb Gorilla Project | 1 Fb Gorilla | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in game_play.php in the FB Gorilla plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2014-5192 | 1 Sphider | 1 Sphider | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/admin.php in Sphider 1.3.6 allows remote attackers to execute arbitrary SQL commands via the filter parameter. | |||||
| CVE-2014-5189 | 1 Leadoctopus | 1 Lead Octopus | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in lib/optin/optin_page.php in the Lead Octopus plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2014-10038 | 1 Domphp | 1 Domphp | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in agenda/indexdate.php in DomPHP 0.83 and earlier allows remote attackers to execute arbitrary SQL commands via the ids parameter. | |||||
| CVE-2014-10034 | 1 Couponphp | 1 Couponphp | 2017-09-08 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in the admin area in couponPHP before 1.2.0 allow remote administrators to execute arbitrary SQL commands via the (1) iDisplayLength or (2) iDisplayStart parameter to (a) comments_paginate.php or (b) stores_paginate.php in admin/ajax/. | |||||
| CVE-2014-10033 | 1 Oscommerce | 1 Online Merchant | 2017-09-08 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in the update_zone function in catalog/admin/geo_zones.php in osCommerce Online Merchant 2.3.3.4 and earlier allows remote administrators to execute arbitrary SQL commands via the zID parameter in a list action. | |||||
| CVE-2014-10032 | 1 Scriptbrasil | 1 Taboada Macronews | 2017-09-08 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in news_popup.php in Taboada MacroNews 1.0 allows remote authenticated users to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2014-10029 | 1 Fluxbb | 1 Fluxbb | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in profile.php in FluxBB before 1.4.13 and 1.5.x before 1.5.7 allows remote attackers to execute arbitrary SQL commands via the req_new_email parameter. | |||||
| CVE-2014-10023 | 1 Topicsviewer | 1 Topicsviewer | 2017-09-08 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in TopicsViewer 3.0 Beta 1 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) edit_block.php, (2) edit_cat.php, (3) edit_note.php, or (4) rmv_topic.php in admincp/. | |||||
| CVE-2014-10020 | 1 Tecorange | 1 Simple E-document | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in Simple e-document 1.31 allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2014-10017 | 1 Welcart | 1 E-commerce | 2017-09-08 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the Welcart e-Commerce plugin 1.3.12 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) changeSort or (2) switch parameter in the usces_itemedit page to wp-admin/admin.php. | |||||
| CVE-2014-10013 | 1 Awpcp | 1 Another Wordpress Classifieds Plugin | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Another WordPress Classifieds Plugin plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the keywordphrase parameter in a dosearch action. | |||||
| CVE-2014-10004 | 1 Maianscriptworld | 1 Maian Uploader | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/data_files/move.php in Maian Uploader 4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2014-100031 | 1 Ismail Fahmi | 1 Ganesha Digital Library | 2017-09-08 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Ganesha Digital Library (GDL) 4.2 allow remote attackers to execute arbitrary SQL commands via the id parameter in (1) download.php or (2) main.php. | |||||
| CVE-2014-100022 | 1 Mtouch Quiz Project | 1 Mtouch Quiz | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in question.php in the mTouch Quiz before 3.0.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the quiz parameter to wp-admin/edit.php. | |||||
| CVE-2014-100020 | 1 Itechscripts | 1 Itechclassifieds | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ChangeEmail.php in iTechClassifieds 3.03.057 allows remote attackers to execute arbitrary SQL commands via the PreviewNum parameter. NOTE: the CatID parameter is already covered by CVE-2008-0685. | |||||
| CVE-2014-100019 | 1 Pomm-project | 1 Pomm | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the LTree converter in Pomm before 1.1.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2013-7406 | 1 Mrbs Project | 1 Mrbs | 2017-09-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the MRBS module for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2012-6654 | 1 Zpanelcp | 1 Zpanel | 2017-09-08 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in ZPanel 10.0.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) resetkey or (2) inConfEmail parameter to index.php, a different vulnerability than CVE-2012-5685. | |||||
| CVE-2015-8334 | 1 Huawei | 2 Vcn500, Vcn500 Firmware | 2017-09-07 | 6.5 MEDIUM | 8.8 HIGH |
| SQL injection vulnerability in the Operation and Maintenance Unit (OMU) in Huawei VCN500 before V100R002C00SPC201 allows remote authenticated users to execute arbitrary SQL commands via a crafted HTTP request. | |||||