Export limit exceeded: 18900 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18900 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-4194 | 1 Aas9 | 1 Zerocms | 2025-04-12 | N/A |
| SQL injection vulnerability in zero_transact_article.php in ZeroCMS 1.0 allows remote attackers to execute arbitrary SQL commands via the article_id parameter in a Submit Comment action. | ||||
| CVE-2014-4197 | 1 Bssys | 1 Rbs Bs-client | 2025-04-12 | N/A |
| Multiple SQL injection vulnerabilities in Bank Soft Systems (BSS) RBS BS-Client 3.17.9 allow remote attackers to execute arbitrary SQL commands via the (1) CARDS or (2) XACTION parameter. | ||||
| CVE-2014-4850 | 1 Foecms | 1 Foecms | 2025-04-12 | N/A |
| SQL injection vulnerability in index.php in FoeCMS allows remote attackers to execute arbitrary SQL commands via the i parameter. | ||||
| CVE-2014-4852 | 1 Thedigitalcraft | 1 Atomcms | 2025-04-12 | N/A |
| SQL injection vulnerability in admin/uploads.php in The Digital Craft AtomCMS, possibly 2.0, allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2014-4858 | 1 Sabreairlinesolutions | 5 Crew Management, Crew Operations, Crew Planning and 2 more | 2025-04-12 | N/A |
| Multiple SQL injection vulnerabilities in CWPLogin.aspx in Sabre AirCentre Crew products 2010.2.12.20008 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password field. | ||||
| CVE-2014-4873 | 1 Bmc | 1 Track-it\! | 2025-04-12 | N/A |
| SQL injection vulnerability in TrackItWeb/Grid/GetData in BMC Track-It! 11.3.0.355 allows remote authenticated users to execute arbitrary SQL commands via crafted POST data. | ||||
| CVE-2016-1437 | 1 Cisco | 1 Prime Collaboration Deployment | 2025-04-12 | N/A |
| SQL injection vulnerability in the SQL database in Cisco Prime Collaboration Deployment before 11.5.1 allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCuy92549. | ||||
| CVE-2014-4938 | 1 Wp Rss Poster Plugin Project | 1 Wp-rss-poster | 2025-04-12 | N/A |
| SQL injection vulnerability in the WP Rss Poster (wp-rss-poster) plugin 1.0.0 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter in the wrp-add-new page to wp-admin/admin.php. | ||||
| CVE-2014-4939 | 1 Enl Newsletter Plugin Project | 1 Enl-newsletter | 2025-04-12 | N/A |
| SQL injection vulnerability in the ENL Newsletter (enl-newsletter) plugin 1.0.1 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the id parameter in the enl-add-new page to wp-admin/admin.php. | ||||
| CVE-2014-4944 | 1 Bannersky | 1 Bsk Pdf Manager | 2025-04-12 | N/A |
| Multiple SQL injection vulnerabilities in inc/bsk-pdf-dashboard.php in the BSK PDF Manager plugin 1.3.2 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) categoryid or (2) pdfid parameter to wp-admin/admin.php. | ||||
| CVE-2014-4960 | 1 Joomlaboat | 1 Com Youtubegallery | 2025-04-12 | N/A |
| Multiple SQL injection vulnerabilities in models\gallery.php in Youtube Gallery (com_youtubegallery) component 4.x through 4.1.7, and possibly 3.x, for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) listid or (2) themeid parameter to index.php. | ||||
| CVE-2014-4977 | 1 Sonicwall | 1 Scrutinizer | 2025-04-12 | N/A |
| Multiple SQL injection vulnerabilities in Dell SonicWall Scrutinizer 11.0.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) selectedUserGroup parameter in a create new user request to cgi-bin/admin.cgi or the (2) user_id parameter in the changeUnit function, (3) methodDetail parameter in the methodDetail function, or (4) xcNetworkDetail parameter in the xcNetworkDetail function in d4d/exporters.php. | ||||
| CVE-2014-3483 | 2 Redhat, Rubyonrails | 2 Rhel Software Collections, Rails | 2025-04-12 | N/A |
| SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql/quoting.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 4.x before 4.0.7 and 4.1.x before 4.1.3 allows remote attackers to execute arbitrary SQL commands by leveraging improper range quoting. | ||||
| CVE-2014-5017 | 1 Limesurvey | 1 Limesurvey | 2025-04-12 | N/A |
| SQL injection vulnerability in CPDB in application/controllers/admin/participantsaction.php in LimeSurvey 2.05+ Build 140618 allows remote attackers to execute arbitrary SQL commands via the sidx parameter in a JSON request to admin/participants/sa/getParticipants_json, related to a search parameter. | ||||
| CVE-2014-5082 | 1 Sphider | 1 Sphider | 2025-04-12 | N/A |
| Multiple SQL injection vulnerabilities in admin/admin.php in Sphider 1.3.6 and earlier, Sphider Pro, and Sphider-plus allow remote attackers to execute arbitrary SQL commands via the (1) site_id or (2) url parameter. | ||||
| CVE-2014-5089 | 1 Status2k | 1 Status2k | 2025-04-12 | N/A |
| SQL injection vulnerability in admin/options/logs.php in Status2k allows remote authenticated administrators to execute arbitrary SQL commands via the log parameter. | ||||
| CVE-2014-5102 | 1 Vbulletin | 1 Vbulletin | 2025-04-12 | N/A |
| SQL injection vulnerability in vBulletin 5.0.4 through 5.1.3 Alpha 5 allows remote attackers to execute arbitrary SQL commands via the criteria[startswith] parameter to ajax/render/memberlist_items. | ||||
| CVE-2014-5104 | 1 Ol-commerce Project | 1 Ol-commerce | 2025-04-12 | N/A |
| Multiple SQL injection vulnerabilities in ol-commerce 2.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) a_country parameter in a process action to affiliate_signup.php, (2) affiliate_banner_id parameter to affiliate_show_banner.php, (3) country parameter in a process action to create_account.php, or (4) entry_country_id parameter in an edit action to admin/create_account.php. | ||||
| CVE-2014-5109 | 1 Netfortris | 1 Trixbox | 2025-04-12 | N/A |
| SQL injection vulnerability in maint/modules/endpointcfg/endpoint_generic.php in Fonality trixbox allows remote attackers to execute arbitrary SQL commands via the mac parameter in a Submit action. | ||||
| CVE-2014-5159 | 1 Alienvault | 1 Open Source Security Information Management | 2025-04-12 | N/A |
| SQL injection vulnerability in the ossim-framework service in AlienVault OSSIM before 4.6.0 allows remote attackers to execute arbitrary SQL commands via the ws_data parameter. | ||||