Export limit exceeded: 357524 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (357524 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-5985 | 1 Livecrm | 1 Livecrm Saas Cloud | 2024-11-21 | N/A |
| SQL Injection exists in the LiveCRM SaaS Cloud 1.0 component for Joomla! via an r=site/login&company_id= request. | ||||
| CVE-2018-5984 | 1 Tumder Project | 1 Tumder | 2024-11-21 | N/A |
| SQL Injection exists in the Tumder (An Arcade Games Platform) 2.1 component for Joomla! via the PATH_INFO to the category/ URI. | ||||
| CVE-2018-5983 | 1 Jquickcontact Project | 1 Jquickcontact | 2024-11-21 | N/A |
| SQL Injection exists in the JquickContact 1.3.2.2.1 component for Joomla! via a task=refresh&sid= request. | ||||
| CVE-2018-5982 | 1 Ordasoft | 1 Advertisement Board | 2024-11-21 | N/A |
| SQL Injection exists in the Advertisement Board 3.1.0 component for Joomla! via a task=show_rss_categories&catname= request. | ||||
| CVE-2018-5981 | 1 Web-dorado | 1 Gallery Wd | 2024-11-21 | N/A |
| SQL Injection exists in the Gallery WD 1.3.6 component for Joomla! via the tag_id parameter or gallery_id parameter. | ||||
| CVE-2018-5980 | 1 Solidres | 1 Solidres | 2024-11-21 | N/A |
| SQL Injection exists in the Solidres 2.5.1 component for Joomla! via the direction parameter in a hub.search action. | ||||
| CVE-2018-5979 | 1 Wchat Project | 1 Wchat | 2024-11-21 | N/A |
| SQL Injection exists in Wchat Fully Responsive PHP AJAX Chat Script 1.5 via the login.php User field. | ||||
| CVE-2018-5978 | 1 Zechat Project | 1 Zechat | 2024-11-21 | N/A |
| SQL Injection exists in Facebook Style Php Ajax Chat Zechat 1.5 via the login.php User field. | ||||
| CVE-2018-5977 | 1 Getaffiligator | 1 Affiligator | 2024-11-21 | N/A |
| SQL Injection exists in Affiligator Affiliate Webshop Management System 2.1.0 via a search/?q=&price_type=range&price= request. | ||||
| CVE-2018-5976 | 1 Rsvp Invitation Online Project | 1 Rsvp Invitation Online | 2024-11-21 | N/A |
| Cross Site Request Forgery (CSRF) exists in RSVP Invitation Online 1.0 via function/account.php, as demonstrated by modifying the admin password. | ||||
| CVE-2018-5975 | 1 Thekrotek | 1 Smart Shoutbox | 2024-11-21 | N/A |
| SQL Injection exists in the Smart Shoutbox 3.0.0 component for Joomla! via the shoutauthor parameter to the archive URI. | ||||
| CVE-2018-5974 | 1 Albonico | 1 Simplecalendar | 2024-11-21 | N/A |
| SQL Injection exists in the SimpleCalendar 3.1.9 component for Joomla! via the catid array parameter. | ||||
| CVE-2018-5973 | 1 Eihitech | 1 Professional Local Directory Script | 2024-11-21 | N/A |
| SQL Injection exists in Professional Local Directory Script 1.0 via the sellers_subcategories.php IndustryID parameter, or the suppliers.php IndustryID or CategoryID parameter. | ||||
| CVE-2018-5972 | 1 Quickad Project | 1 Quickad | 2024-11-21 | N/A |
| SQL Injection exists in Classified Ads CMS Quickad 4.0 via the keywords, placeid, cat, or subcat parameter to the listing URI. | ||||
| CVE-2018-5971 | 1 Ordasoft | 1 Medialibrary | 2024-11-21 | N/A |
| SQL Injection exists in the MediaLibrary Free 4.0.12 component for Joomla! via the id parameter or the mid array parameter. | ||||
| CVE-2018-5970 | 1 Techjoomla | 1 Jgive | 2024-11-21 | N/A |
| SQL Injection exists in the JGive 2.0.9 component for Joomla! via the filter_org_ind_type or campaign_countries parameter. | ||||
| CVE-2018-5969 | 1 Photography Cms Project | 1 Photography Cms | 2024-11-21 | N/A |
| Cross Site Request Forgery (CSRF) exists in Photography CMS 1.0 via clients/resources/ajax/ajax_new_admin.php, as demonstrated by adding an admin account. | ||||
| CVE-2018-5968 | 4 Debian, Fasterxml, Netapp and 1 more | 12 Debian Linux, Jackson-databind, E-series Santricity Os Controller and 9 more | 2024-11-21 | 8.1 High |
| FasterXML jackson-databind through 2.8.11 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 and CVE-2017-17485 deserialization flaws. This is exploitable via two different gadgets that bypass a blacklist. | ||||
| CVE-2018-5967 | 1 Netis-systems | 2 Wf2419, Wf2419 Firmware | 2024-11-21 | N/A |
| Netis WF2419 V2.2.36123 devices allow XSS via the Description parameter on the Bandwidth Control Rule Settings page. | ||||
| CVE-2018-5965 | 1 Cmsmadesimple | 1 Cms Made Simple | 2024-11-21 | N/A |
| CMS Made Simple (CMSMS) 2.2.5 has XSS in admin/moduleinterface.php via the m1_errors parameter. | ||||