Search Results (19026 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-14242 1 Dolibarr 1 Dolibarr 2025-04-20 N/A
SQL injection vulnerability in don/list.php in Dolibarr version 6.0.0 allows remote attackers to execute arbitrary SQL commands via the statut parameter.
CVE-2017-14252 1 Eyesofnetwork 1 Eyesofnetwork 2025-04-20 N/A
SQL Injection exists in the EyesOfNetwork web interface (aka eonweb) 5.1-0 via the group_id cookie to side.php.
CVE-2017-8796 1 Accellion 1 File Transfer Appliance 2025-04-20 N/A
An issue was discovered on Accellion FTA devices before FTA_9_12_180. Because mysql_real_escape_string is misused, seos/courier/communication_p2p.php allows SQL injection with the app_id parameter.
CVE-2017-10839 1 Seopanel 1 Seo Panel 2025-04-20 N/A
SQL injection vulnerability in the SEO Panel prior to version 3.11.0 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2017-14844 1 Dasinfomedia 1 Wpgym Gym Management System 2025-04-20 N/A
Mojoomla WPGYM WordPress Gym Management System allows SQL Injection via the id parameter.
CVE-2017-14845 1 Dasinfomedia 1 Wpchurch Church Management System 2025-04-20 N/A
Mojoomla WPCHURCH Church Management System for WordPress allows SQL Injection via the id parameter.
CVE-2017-14846 1 Dasinfomedia 1 Hospital Management System 2025-04-20 N/A
Mojoomla Hospital Management System for WordPress allows SQL Injection via the id parameter.
CVE-2017-14847 1 Dasinfomedia 1 Wpams Apartment Management System 2025-04-20 N/A
Mojoomla WPAMS Apartment Management System for WordPress allows SQL Injection via the id parameter.
CVE-2017-14848 1 Dasinfomedia 1 Wphrm Human Resource Management System 2025-04-20 8.8 High
WPHRM Human Resource Management System for WordPress 1.0 allows SQL Injection via the employee_id parameter.
CVE-2017-10842 1 Basercms 1 Basercms 2025-04-20 N/A
SQL injection vulnerability in the baserCMS 3.0.14 and earlier, 4.0.5 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2017-17651 1 Paid To Read Script Project 1 Paid To Read Script 2025-04-20 N/A
Paid To Read Script 2.0.5 has SQL Injection via the admin/userview.php uid parameter, the admin/viewemcamp.php fnum parameter, or the admin/viewvisitcamp.php fn parameter.
CVE-2017-17642 1 Basic Job Site Script Project 1 Basic Job Site Script 2025-04-20 N/A
Basic Job Site Script 2.0.5 has SQL Injection via the keyword parameter to /job.
CVE-2017-17637 1 Car Rental Script Project 1 Car Rental Script 2025-04-20 N/A
Car Rental Script 2.0.4 has SQL Injection via the countrycode1.php val parameter.
CVE-2017-17635 1 Mlm Forex Market Plan Script Project 1 Mlm Forex Market Plan Script 2025-04-20 N/A
MLM Forex Market Plan Script 2.0.4 has SQL Injection via the news_detail.php newid parameter or the event_detail.php eventid parameter.
CVE-2017-14738 1 Filerun 1 Filerun 2025-04-20 N/A
FileRun (version 2017.09.18 and below) suffers from a remote SQL injection vulnerability due to a failure to sanitize input in the metafield parameter inside the metasearch module (under the search function).
CVE-2017-6577 1 Mail-masta Project 1 Mail-masta 2025-04-20 N/A
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/subscriber_list.php with the POST Parameter: list_id.
CVE-2017-6573 1 Mail-masta Project 1 Mail-masta 2025-04-20 N/A
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/lists/edit-list.php with the GET Parameter: id.
CVE-2017-6570 1 Mail-masta Project 1 Mail-masta 2025-04-20 N/A
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/campaign/view-campaign-list.php with the GET Parameter: id.
CVE-2017-6013 1 Intelliants 1 Subrion Cms 2025-04-20 N/A
Subrion CMS 4.0.5.10 has SQL injection in admin/database/ via the query parameter.
CVE-2016-7783 1 Exponentcms 1 Exponent Cms 2025-04-20 N/A
SQL injection vulnerability in framework/core/models/expRecord.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter.