Search Results (19769 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-17103 1 Fiyo 1 Fiyo Cms 2025-04-20 N/A
Fiyo CMS 2.0.7 has SQL injection in /apps/app_user/sys_user.php via $_POST[name] or $_POST[email]. This vulnerability can lead to escalation from normal user privileges to administrator privileges.
CVE-2017-16000 1 Eyesofnetwork 1 Eyesofnetwork 2025-04-20 N/A
SQL injection vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the graph parameter to module/capacity_per_label/index.php.
CVE-2017-17616 1 Event Calendar Category Script Project 1 Event Calendar Category Script 2025-04-20 N/A
Event Search Script 1.0 has SQL Injection via the /event-list city parameter.
CVE-2017-5569 1 Eclinicalworks 1 Patient Portal 2025-04-20 N/A
An issue was discovered in eClinicalWorks Patient Portal 7.0 build 13. This is a blind SQL injection within the template.jsp, which can be exploited without the need of authentication and via an HTTP POST request, and which can be used to dump database data out to a malicious server, using an out-of-band technique such as select_loadfile().
CVE-2017-14846 1 Dasinfomedia 1 Hospital Management System 2025-04-20 N/A
Mojoomla Hospital Management System for WordPress allows SQL Injection via the id parameter.
CVE-2017-17617 1 Foodspotting Clone Script Project 1 Foodspotting Clone Script 2025-04-20 N/A
Foodspotting Clone Script 1.0 has SQL Injection via the quicksearch.php q parameter.
CVE-2017-14845 1 Dasinfomedia 1 Wpchurch Church Management System 2025-04-20 N/A
Mojoomla WPCHURCH Church Management System for WordPress allows SQL Injection via the id parameter.
CVE-2017-14844 1 Dasinfomedia 1 Wpgym Gym Management System 2025-04-20 N/A
Mojoomla WPGYM WordPress Gym Management System allows SQL Injection via the id parameter.
CVE-2017-14843 1 Dasinfomedia 1 School Management System 2025-04-20 N/A
Mojoomla School Management System for WordPress allows SQL Injection via the id parameter.
CVE-2017-17618 1 Kickstarter Clone Script Project 1 Kickstarter Clone Script 2025-04-20 N/A
Kickstarter Clone Script 2.0 has SQL Injection via the investcalc.php projid parameter.
CVE-2017-7410 1 Websitebaker 1 Websitebaker 2025-04-20 9.8 Critical
Multiple SQL injection vulnerabilities in account/signup.php and account/signup2.php in WebsiteBaker 2.10.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username, (2) display_name parameter.
CVE-2017-17619 1 Laundry Booking Script Project 1 Laundry Booking Script 2025-04-20 N/A
Laundry Booking Script 1.0 has SQL Injection via the /list city parameter.
CVE-2017-14842 1 Dasinfomedia 1 Smsmaster Multipurpose Sms Gateway 2025-04-20 N/A
Mojoomla SMSmaster Multipurpose SMS Gateway for WordPress allows SQL Injection via the id parameter.
CVE-2017-17622 1 Online Exam Test Application Script Project 1 Online Exam Test Application Script 2025-04-20 N/A
Online Exam Test Application Script 1.6 has SQL Injection via the exams.php sort parameter.
CVE-2017-17621 1 Multivendor Penny Auction Clone Script Project 1 Multivendor Penny Auction Clone Script 2025-04-20 N/A
Multivendor Penny Auction Clone Script 1.0 has SQL Injection via the PATH_INFO to the /detail URI.
CVE-2017-17628 1 Responsive Realestate Script Project 1 Responsive Realestate Script 2025-04-20 N/A
Responsive Realestate Script 3.2 has SQL Injection via the property-list tbud parameter.
CVE-2017-17633 1 Multiplex Movie Theater Booking Script Project 1 Multiplex Movie Theater Booking Script 2025-04-20 N/A
Multiplex Movie Theater Booking Script 3.1.5 has SQL Injection via the trailer-detail.php moid parameter, show-time.php moid parameter, or event-detail.php eid parameter.
CVE-2017-17634 1 Single Theater Booking Script Project 1 Single Theater Booking Script 2025-04-20 N/A
Single Theater Booking Script 3.2.1 has SQL Injection via the findcity.php q parameter.
CVE-2017-17637 1 Car Rental Script Project 1 Car Rental Script 2025-04-20 N/A
Car Rental Script 2.0.4 has SQL Injection via the countrycode1.php val parameter.
CVE-2017-17638 1 Groupon Clone Script Project 1 Groupon Clone Script 2025-04-20 N/A
Groupon Clone Script 3.01 has SQL Injection via the city_ajax.php state_id parameter.