Export limit exceeded: 363781 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19728 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-17959 | 1 Php Multivendor Ecommerce Project | 1 Php Multivendor Ecommerce | 2025-04-20 | N/A |
| PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the seller-view.php usid parameter. | ||||
| CVE-2016-7803 | 1 Cybozu | 1 Garoon | 2025-04-20 | N/A |
| SQL injection vulnerability in the Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to execute arbitrary SQL commands via "MultiReport" function. | ||||
| CVE-2017-2120 | 1 Wbce | 1 Wbce Cms | 2025-04-20 | N/A |
| SQL injection vulnerability in the WBCE CMS 1.1.10 and earlier allows attacker with administrator rights to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2016-7789 | 1 Exponentcms | 1 Exponent Cms | 2025-04-20 | N/A |
| SQL injection vulnerability in framework/core/models/expConfig.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the apikey parameter. | ||||
| CVE-2017-2195 | 1 Multi Feed Reader Project | 1 Multi Feed Reader | 2025-04-20 | N/A |
| SQL injection vulnerability in the Multi Feed Reader prior to version 2.2.4 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2016-7788 | 1 Exponentcms | 1 Exponent Cms | 2025-04-20 | N/A |
| SQL injection vulnerability in framework/modules/users/models/user.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2016-7784 | 1 Exponentcms | 1 Exponent Cms | 2025-04-20 | N/A |
| SQL injection vulnerability in the getSection function in framework/core/subsystems/expRouter.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the section parameter. | ||||
| CVE-2016-7783 | 1 Exponentcms | 1 Exponent Cms | 2025-04-20 | N/A |
| SQL injection vulnerability in framework/core/models/expRecord.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter. | ||||
| CVE-2016-7782 | 1 Exponentcms | 1 Exponent Cms | 2025-04-20 | N/A |
| SQL injection vulnerability in framework/core/models/expConfig.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the src parameter. | ||||
| CVE-2016-7781 | 1 Exponentcms | 1 Exponent Cms | 2025-04-20 | N/A |
| SQL injection vulnerability in framework/modules/blog/controllers/blogController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the author parameter. | ||||
| CVE-2016-7780 | 1 Exponentcms | 1 Exponent Cms | 2025-04-20 | N/A |
| SQL injection vulnerability in cron/find_help.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the version parameter. | ||||
| CVE-2017-6088 | 1 Eyesofnetwork | 1 Eyesofnetwork | 2025-04-20 | N/A |
| Multiple SQL injection vulnerabilities in EyesOfNetwork (aka EON) 5.0 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) bp_name, (2) display, (3) search, or (4) equipment parameter to module/monitoring_ged/ged_functions.php or the (5) type parameter to monitoring_ged/ajax.php. | ||||
| CVE-2017-6089 | 1 Phpcollab | 1 Phpcollab | 2025-04-20 | N/A |
| SQL injection vulnerability in PhpCollab 2.5.1 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) project or id parameters to topics/deletetopics.php; the (2) id parameter to bookmarks/deletebookmarks.php; or the (3) id parameter to calendar/deletecalendar.php. | ||||
| CVE-2017-6095 | 1 Mail-masta Project | 1 Mail-masta | 2025-04-20 | N/A |
| A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/lists/csvexport.php (Unauthenticated) with the GET Parameter: list_id. | ||||
| CVE-2017-6096 | 1 Mail-masta Project | 1 Mail-masta | 2025-04-20 | N/A |
| A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/lists/view-list.php (Requires authentication to Wordpress admin) with the GET Parameter: filter_list. | ||||
| CVE-2017-6097 | 1 Mail-masta Project | 1 Mail-masta | 2025-04-20 | N/A |
| A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/campaign/count_of_send.php (Requires authentication to Wordpress admin) with the POST Parameter: camp_id. | ||||
| CVE-2017-6098 | 1 Mail-masta Project | 1 Mail-masta | 2025-04-20 | N/A |
| A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/campaign_save.php (Requires authentication to Wordpress admin) with the POST Parameter: list_id. | ||||
| CVE-2016-6818 | 1 Sap | 1 Business Intelligence Platform | 2025-04-20 | N/A |
| SQL injection vulnerability in SAP Business Intelligence platform before January 2017 allows remote attackers to obtain sensitive information, modify data, cause a denial of service (data deletion), or launch administrative operations or possibly OS commands via a crafted SQL query. The vendor response is SAP Security Note 2361633. | ||||
| CVE-2017-9436 | 1 Teampass | 1 Teampass | 2025-04-20 | N/A |
| TeamPass before 2.1.27.4 is vulnerable to a SQL injection in users.queries.php. | ||||
| CVE-2017-8789 | 1 Accellion | 1 File Transfer Appliance | 2025-04-20 | N/A |
| An issue was discovered on Accellion FTA devices before FTA_9_12_180. A report_error.php?year='payload SQL injection vector exists. | ||||