| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Co-work Space Search Script 1.0 has SQL Injection via the /list city parameter. |
| SQL injection vulnerability in the LoginServlet page in SolarWinds Storage Manager before 5.1.2, SolarWinds Storage Profiler before 5.1.2, and SolarWinds Backup Profiler before 5.1.2 allows remote attackers to execute arbitrary SQL commands via the loginName field. |
| CMS Auditor Website 1.0 has SQL Injection via the PATH_INFO to /news-detail. |
| Doctor Search Script 1.0 has SQL Injection via the /list city parameter. |
| SQL Injection vulnerability in flatCore version 1.4.6 allows an attacker to read the content database. |
| SQL Injection vulnerability in flatCore version 1.4.6 allows an attacker to read and write to the users database. |
| Hot Scripts Clone 3.1 has SQL Injection via the /categories subctid or mctid parameter. |
| Food Order Script 1.0 has SQL Injection via the /list city parameter. |
| Facebook Clone Script 1.0 has SQL Injection via the friend-profile.php id parameter. |
| Readymade Video Sharing Script has SQL Injection via the viewsubs.php chnlid parameter or the search_video.php search parameter. |
| SQL injection in the Spider Event Calendar (aka spider-event-calendar) plugin before 1.5.52 for WordPress is exploitable with the order_by parameter to calendar_functions.php or widget_Theme_functions.php, related to front_end/frontend_functions.php. |
| Lawyer Search Script 1.1 has SQL Injection via the /lawyer-list city parameter. |
| SQL injection vulnerability in the getUserUddiElements method in the ES UDDI component in SAP NetWeaver AS Java 7.4 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2356504. |
| Online Exam Test Application Script 1.6 has SQL Injection via the exams.php sort parameter. |
| Openbravo Business Suite 3.0 is affected by SQL injection. This vulnerability could allow remote authenticated attackers to inject arbitrary SQL code. |
| Readymade PHP Classified Script 3.3 has SQL Injection via the /categories subctid or mctid parameter. |
| Responsive Realestate Script 3.2 has SQL Injection via the property-list tbud parameter. |
| Yoga Class Script 1.0 has SQL Injection via the /list city parameter. |
| Multireligion Responsive Matrimonial 4.7.2 has SQL Injection via the success-story.php succid parameter. |
| Responsive Events And Movie Ticket Booking Script 3.2.1 has SQL Injection via the findcity.php q parameter. |