Search Results (19026 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-6013 1 Intelliants 1 Subrion Cms 2025-04-20 N/A
Subrion CMS 4.0.5.10 has SQL injection in admin/database/ via the query parameter.
CVE-2017-15880 1 Eyesofnetwork 1 Eyesofnetwork 2025-04-20 N/A
SQL injection vulnerability vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the group_name parameter to module/admin_group/add_modify_group.php (for insert_group and update_group).
CVE-2017-15946 1 Selfget 1 Tag Meta 2025-04-20 N/A
In the com_tag component 1.7.6 for Joomla!, a SQL injection vulnerability is located in the `tag` parameter to index.php. The request method to execute is GET.
CVE-2017-15949 1 Angry-frog 1 Xavier 2025-04-20 N/A
Xavier PHP Management Panel 2.4 allows SQL injection via the usertoedit parameter to admin/adminuseredit.php or the log_id parameter to admin/editgroup.php.
CVE-2017-15969 1 Pilotgroup 1 Allsharevideo 2025-04-20 N/A
PG All Share Video 1.0 allows SQL Injection via the PATH_INFO to search/tag, friends/index, users/profile, or video_catalog/category.
CVE-2017-16542 1 Zohocorp 1 Manageengine Applications Manager 2025-04-20 N/A
Zoho ManageEngine Applications Manager 13 before build 13500 allows Post-authentication SQL injection via the name parameter in a manageApplications.do?method=insert request.
CVE-2017-16543 1 Zohocorp 1 Manageengine Applications Manager 2025-04-20 N/A
Zoho ManageEngine Applications Manager 13 before build 13500 allows SQL injection via GraphicalView.do, as demonstrated by a crafted viewProps yCanvas field or viewid parameter.
CVE-2017-5611 3 Debian, Oracle, Wordpress 3 Debian Linux, Data Integrator, Wordpress 2025-04-20 9.8 Critical
SQL injection vulnerability in wp-includes/class-wp-query.php in WP_Query in WordPress before 4.7.2 allows remote attackers to execute arbitrary SQL commands by leveraging the presence of an affected plugin or theme that mishandles a crafted post type name.
CVE-2017-16733 1 Ecava 1 Integraxor 2025-04-20 N/A
A SQL Injection issue was discovered in Ecava IntegraXor v 6.1.1030.1 and prior. The SQL Injection vulnerability has been identified, which an attacker can leverage to disclose sensitive information from the database.
CVE-2017-16735 1 Ecava 1 Integraxor 2025-04-20 N/A
A SQL Injection issue was discovered in Ecava IntegraXor v 6.1.1030.1 and prior. The SQL Injection vulnerability has been identified, which generates an error in the database log.
CVE-2017-17572 1 Amazon Clone Project 1 Amazon Clone 2025-04-20 9.8 Critical
FS Amazon Clone 1.0 has SQL Injection via the PATH_INFO to /VerAyari.
CVE-2017-17567 1 Scubez 1 Posty Readymade Classifieds 2025-04-20 N/A
Scubez Posty Readymade Classifieds has SQL Injection via the admin/user_activate_submit.php ID parameter.
CVE-2017-17570 1 Expedia Clone Project 1 Expedia Clone 2025-04-20 9.8 Critical
FS Expedia Clone 1.0 has SQL Injection via the pages.php or content.php id parameter, or the show-flight-result.php fl_orig or fl_dest parameter.
CVE-2017-17571 1 Foodpanda Clone Project 1 Foodpanda Clone 2025-04-20 9.8 Critical
FS Foodpanda Clone 1.0 has SQL Injection via the /food keywords parameter.
CVE-2017-17577 1 Trademe Clone Project 1 Trademe Clone 2025-04-20 9.8 Critical
FS Trademe Clone 1.0 has SQL Injection via the search_item.php search parameter or the general_item_details.php id parameter.
CVE-2017-17578 1 Crowdfunding Script Project 1 Crowdfunding Script 2025-04-20 9.8 Critical
FS Crowdfunding Script 1.0 has SQL Injection via the latest_news_details.php id parameter.
CVE-2017-17579 1 Freelancer Clone Project 1 Freelancer Clone 2025-04-20 9.8 Critical
FS Freelancer Clone 1.0 has SQL Injection via the profile.php u parameter.
CVE-2017-17586 1 Olx Clone Project 1 Olx Clone 2025-04-20 9.8 Critical
FS Olx Clone 1.0 has SQL Injection via the subpage.php scat parameter or the message.php pid parameter.
CVE-2017-17588 1 Imdb Clone Project 1 Imdb Clone 2025-04-20 9.8 Critical
FS IMDB Clone 1.0 has SQL Injection via the movie.php f parameter, tvshow.php s parameter, or show_misc_video.php id parameter.
CVE-2017-17589 1 Thumbtack Clone Project 1 Thumbtack Clone 2025-04-20 9.8 Critical
FS Thumbtack Clone 1.0 has SQL Injection via the browse-category.php cat parameter or the browse-scategory.php sc parameter.