Total
17353 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-5987 | 1 Social Pinboard Project | 1 Social Pinboard | 2024-11-21 | N/A |
| SQL Injection exists in the Pinterest Clone Social Pinboard 2.0 component for Joomla! via the pin_id or user_id parameter in a task=getlikeinfo action, the ends parameter in a view=gift action, the category parameter in a view=home action, the uid parameter in a view=pindisplay action, the searchVal parameter in a view=search action, or the uid parameter in a view=likes action. | ||||
| CVE-2018-5986 | 1 Easycarscript | 1 Easycarscript | 2024-11-21 | 9.8 Critical |
| SQL Injection exists in Easy Car Script 2014 via the s_order or s_row parameter to site_search.php. | ||||
| CVE-2018-5985 | 1 Livecrm | 1 Livecrm Saas Cloud | 2024-11-21 | N/A |
| SQL Injection exists in the LiveCRM SaaS Cloud 1.0 component for Joomla! via an r=site/login&company_id= request. | ||||
| CVE-2018-5984 | 1 Tumder Project | 1 Tumder | 2024-11-21 | N/A |
| SQL Injection exists in the Tumder (An Arcade Games Platform) 2.1 component for Joomla! via the PATH_INFO to the category/ URI. | ||||
| CVE-2018-5983 | 1 Jquickcontact Project | 1 Jquickcontact | 2024-11-21 | N/A |
| SQL Injection exists in the JquickContact 1.3.2.2.1 component for Joomla! via a task=refresh&sid= request. | ||||
| CVE-2018-5982 | 1 Ordasoft | 1 Advertisement Board | 2024-11-21 | N/A |
| SQL Injection exists in the Advertisement Board 3.1.0 component for Joomla! via a task=show_rss_categories&catname= request. | ||||
| CVE-2018-5981 | 1 Web-dorado | 1 Gallery Wd | 2024-11-21 | N/A |
| SQL Injection exists in the Gallery WD 1.3.6 component for Joomla! via the tag_id parameter or gallery_id parameter. | ||||
| CVE-2018-5980 | 1 Solidres | 1 Solidres | 2024-11-21 | N/A |
| SQL Injection exists in the Solidres 2.5.1 component for Joomla! via the direction parameter in a hub.search action. | ||||
| CVE-2018-5979 | 1 Wchat Project | 1 Wchat | 2024-11-21 | N/A |
| SQL Injection exists in Wchat Fully Responsive PHP AJAX Chat Script 1.5 via the login.php User field. | ||||
| CVE-2018-5978 | 1 Zechat Project | 1 Zechat | 2024-11-21 | N/A |
| SQL Injection exists in Facebook Style Php Ajax Chat Zechat 1.5 via the login.php User field. | ||||
| CVE-2018-5977 | 1 Getaffiligator | 1 Affiligator | 2024-11-21 | N/A |
| SQL Injection exists in Affiligator Affiliate Webshop Management System 2.1.0 via a search/?q=&price_type=range&price= request. | ||||
| CVE-2018-5975 | 1 Thekrotek | 1 Smart Shoutbox | 2024-11-21 | N/A |
| SQL Injection exists in the Smart Shoutbox 3.0.0 component for Joomla! via the shoutauthor parameter to the archive URI. | ||||
| CVE-2018-5974 | 1 Albonico | 1 Simplecalendar | 2024-11-21 | N/A |
| SQL Injection exists in the SimpleCalendar 3.1.9 component for Joomla! via the catid array parameter. | ||||
| CVE-2018-5973 | 1 Eihitech | 1 Professional Local Directory Script | 2024-11-21 | N/A |
| SQL Injection exists in Professional Local Directory Script 1.0 via the sellers_subcategories.php IndustryID parameter, or the suppliers.php IndustryID or CategoryID parameter. | ||||
| CVE-2018-5972 | 1 Quickad Project | 1 Quickad | 2024-11-21 | N/A |
| SQL Injection exists in Classified Ads CMS Quickad 4.0 via the keywords, placeid, cat, or subcat parameter to the listing URI. | ||||
| CVE-2018-5971 | 1 Ordasoft | 1 Medialibrary | 2024-11-21 | N/A |
| SQL Injection exists in the MediaLibrary Free 4.0.12 component for Joomla! via the id parameter or the mid array parameter. | ||||
| CVE-2018-5970 | 1 Techjoomla | 1 Jgive | 2024-11-21 | N/A |
| SQL Injection exists in the JGive 2.0.9 component for Joomla! via the filter_org_ind_type or campaign_countries parameter. | ||||
| CVE-2018-5960 | 1 Tribalsystems | 1 Zenario | 2024-11-21 | 8.8 High |
| Zenario v7.1 - v7.6 has SQL injection via the `Name` input field of organizer.php or admin_boxes.ajax.php in the `Categories - Edit` module. | ||||
| CVE-2018-5778 | 1 Progress | 1 Whatsup Gold | 2024-11-21 | N/A |
| An issue was discovered in Ipswitch WhatsUp Gold before 2017 Plus SP1 (17.1.1). Multiple SQL injection vulnerabilities are present in the legacy .ASP pages, which could allow attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2018-5697 | 1 Icyphoenix | 1 Icyphoenix | 2024-11-21 | N/A |
| Icy Phoenix 2.2.0.105 allows SQL injection via an unapprove request to admin_kb_art.php or the order parameter to admin_jr_admin.php, related to functions_kb.php. | ||||