Export limit exceeded: 365319 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2016-1000123 1 Huge-it 1 Video Gallery 2025-04-12 N/A
Unauthenticated SQL Injection in Huge-IT Video Gallery v1.0.9 for Joomla
CVE-2016-1000124 1 Huge-it 1 Portfolio Gallery 2025-04-12 N/A
Unauthenticated SQL Injection in Huge-IT Portfolio Gallery Plugin v1.0.6
CVE-2015-6319 2 Cisco, Sun 23 Rv016 Multi-wan Vpn Router, Rv042 Dual Wan Vpn Router, Rv042g Dual Gigabit Wan Vpn Router and 20 more 2025-04-12 N/A
SQL injection vulnerability in the web-based management interface on Cisco RV220W devices allows remote attackers to execute arbitrary SQL commands via a crafted header in an HTTP request, aka Bug ID CSCuv29574.
CVE-2015-6329 1 Cisco 1 Prime Collaboration Provisioning 2025-04-12 N/A
SQL injection vulnerability in Cisco Prime Collaboration Provisioning 10.6 and 11.0 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCut64074.
CVE-2015-6331 1 Cisco 1 Prime Collaboration Assurance 2025-04-12 N/A
SQL injection vulnerability in the web framework in Cisco Prime Collaboration Assurance 10.5(1) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCus39887.
CVE-2014-9560 1 Softbb 1 Softbb 2025-04-12 N/A
SQL injection vulnerability in redir_last_post_list.php in SoftBB 0.1.3 allows remote attackers to execute arbitrary SQL commands via the post parameter.
CVE-2014-9455 1 Cts Projects\&software 1 Classad 2025-04-12 N/A
SQL injection vulnerability in showads.php in CTS Projects & Software ClassAd 3.0 allows remote attackers to execute arbitrary SQL commands via the catid parameter.
CVE-2015-6516 1 Cygnux 1 Syspass 2025-04-12 N/A
SQL injection vulnerability in cygnux.org sysPass 1.0.9 and earlier allows remote authenticated users to execute arbitrary SQL commands via the search parameter to ajax/ajax_search.php.
CVE-2015-6519 1 Arabportal 1 Arab Portal 2025-04-12 N/A
SQL injection vulnerability in Arab Portal 3 allows remote attackers to execute arbitrary SQL commands via the showemail parameter in a signup action to members.php.
CVE-2014-9347 1 Phpmyrecipes Project 1 Phpmyrecipes 2025-04-12 N/A
SQL injection vulnerability in dosearch.php in phpMyRecipes 1.2.2 allows remote attackers to execute arbitrary SQL commands via the words_exact parameter.
CVE-2014-9345 1 Guruperl 1 Advertise With Pleasure\! 2025-04-12 N/A
SQL injection vulnerability in Guruperl.net Advertise With Pleasure! Professional (aka AWP PRO) 6.6 and earlier allows remote attackers to execute arbitrary SQL commands via the group_id parameter in a list_zone action to cgi/client.cgi.
CVE-2015-6548 1 Symantec 1 Web Gateway 2025-04-12 N/A
Multiple SQL injection vulnerabilities in a PHP script in the management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVE-2014-8506 1 Etiko 1 Etiko Cms 2025-04-12 N/A
Multiple SQL injection vulnerabilities in Etiko CMS allow remote attackers to execute arbitrary SQL commands via the (1) page_id parameter to loja/index.php or (2) article_id parameter to index.php.
CVE-2014-8367 1 Arubanetworks 1 Clearpass Policy Manager 2025-04-12 N/A
SQL injection vulnerability in Aruba Networks ClearPass Policy Manager (CPPM) 6.2.x, 6.3.x before 6.3.6, and 6.4.x before 6.4.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2014-8366 1 Os4ed 1 Opensis 2025-04-12 N/A
SQL injection vulnerability in openSIS 4.5 through 5.3 allows remote attackers to execute arbitrary SQL commands via the Username and password to index.php.
CVE-2014-8363 1 Wordpress Spreadsheet Project 1 Wordpress Spreadsheet 2025-04-12 N/A
SQL injection vulnerability in ss_handler.php in the WordPress Spreadsheet (wpSS) plugin 0.62 for WordPress allows remote attackers to execute arbitrary SQL commands via the ss_id parameter.
CVE-2014-8351 1 French National Commission On Informatics And Liberty 1 Cookieviz 2025-04-12 N/A
SQL injection vulnerability in info.php in French National Commission on Informatics and Liberty (aka CNIL) CookieViz before 1.0.1 allows remote web servers to execute arbitrary SQL commands via the domain parameter.
CVE-2015-0919 1 Sefrengo 1 Sefrengo 2025-04-12 N/A
Multiple SQL injection vulnerabilities in the administrative backend in Sefrengo before 1.6.1 allow remote administrators to execute arbitrary SQL commands via the (1) idcat or (2) idclient parameter to backend/main.php.
CVE-2014-5389 1 Content Audit Project 1 Content Audit 2025-04-12 N/A
SQL injection vulnerability in content-audit-schedule.php in the Content Audit plugin before 1.6.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the "Audited content types" option in the content-audit page to wp-admin/options-general.php.
CVE-2014-5387 2 Ellislab, Expressionengine 2 Expressionengine, Expressionengine 2025-04-12 N/A
Multiple SQL injection vulnerabilities in EllisLab ExpressionEngine before 2.9.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) column_filter or (2) category[] parameter to system/index.php or the (3) tbl_sort[0][] parameter in the comment module to system/index.php.