Export limit exceeded: 18950 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18950 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-1518 | 1 Redaxscript | 1 Redaxscript | 2025-04-12 | N/A |
| SQL injection vulnerability in the search_post function in includes/search.php in Redaxscript before 2.3.0 allows remote attackers to execute arbitrary SQL commands via the search_terms parameter. | ||||
| CVE-2015-1576 | 1 Yuba | 1 U5cms | 2025-04-12 | N/A |
| Multiple SQL injection vulnerabilities in u5CMS before 3.9.4 allow remote attackers to execute arbitrary SQL commands via the name parameter to (1) copy2.php, (2) localize.php, (3) metai.php, (4) nc.php, (5) new2.php, or (6) rename2.php in u5admin/; (7) c parameter to u5admin/editor.php; (8) typ parameter to u5admin/meta2.php; or (9) newname parameter to u5admin/rename2.php. | ||||
| CVE-2014-3973 | 1 Frontaccounting | 1 Frontaccounting | 2025-04-12 | N/A |
| Multiple SQL injection vulnerabilities in FrontAccounting (FA) before 2.3.21 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2016-1000217 | 1 Zotpress Project | 1 Zotpress | 2025-04-12 | N/A |
| Zotpress plugin for WordPress SQLi in zp_get_account() | ||||
| CVE-2016-1000117 | 1 Huge-it | 1 Slideshow | 2025-04-12 | N/A |
| XSS & SQLi in HugeIT slideshow v1.0.4 | ||||
| CVE-2013-2046 | 1 Owncloud | 1 Owncloud Server | 2025-04-12 | N/A |
| SQL injection vulnerability in lib/bookmarks.php in ownCloud Server 4.5.x before 4.5.11 and 5.x before 5.0.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2014-3978 | 1 Tomatocart | 1 Tomatocart | 2025-04-12 | N/A |
| SQL injection vulnerability in TomatoCart 1.1.8.6.1 allows remote authenticated users to execute arbitrary SQL commands via the First Name and Last Name fields in a new address book contact. | ||||
| CVE-2011-5277 | 1 Advanced Forum Signatures Project | 1 Advanced Forum Signatures | 2025-04-12 | N/A |
| Multiple SQL injection vulnerabilities in signature.php in the Advanced Forum Signatures (aka afsignatures) plugin 2.0.4 for MyBB allow remote attackers to execute arbitrary SQL commands via the (1) afs_type, (2) afs_background, (3) afs_showonline, (4) afs_bar_left, (5) afs_bar_center, (6) afs_full_line1, (7) afs_full_line2, (8) afs_full_line3, (9) afs_full_line4, (10) afs_full_line5, or (11) afs_full_line6 parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2016-1000000 | 1 Progress | 1 Whatsup Gold | 2025-04-12 | N/A |
| Ipswitch WhatsUp Gold 16.4.1 WrFreeFormText.asp sUniqueID Parameter Blind SQL Injection | ||||
| CVE-2016-0224 | 1 Ibm | 1 Marketing Platform | 2025-04-12 | N/A |
| SQL injection vulnerability in IBM Marketing Platform 8.5.x, 8.6.x, and 9.x before 9.1.2.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2014-2934 | 1 Caldera | 1 Caldera | 2025-04-12 | N/A |
| Multiple SQL injection vulnerabilities in Caldera 9.20 allow remote attackers to execute arbitrary SQL commands via the tr parameter to (1) costview2/jobs.php or (2) costview2/printers.php. | ||||
| CVE-2014-3055 | 1 Ibm | 2 Websphere Portal, Websphere Portal Unified Task List Portlet | 2025-04-12 | N/A |
| SQL injection vulnerability in the Unified Task List (UTL) Portlet for IBM WebSphere Portal 7.x and 8.x through 8.0.0.1 CF12 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2014-8995 | 1 Maarch | 1 Letterbox | 2025-04-12 | N/A |
| SQL injection vulnerability in Maarch LetterBox 2.8 allows remote attackers to execute arbitrary SQL commands via the UserId cookie. | ||||
| CVE-2015-1393 | 1 10web | 1 Photo Gallery | 2025-04-12 | N/A |
| SQL injection vulnerability in the Photo Gallery plugin before 1.2.11 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the asc_or_desc parameter in a create gallery request in the galleries_bwg page to wp-admin/admin.php. | ||||
| CVE-2014-5184 | 1 Stripshow Plugin Project | 1 Stripshow | 2025-04-12 | N/A |
| SQL injection vulnerability in the stripshow-storylines page in the stripShow plugin 2.5.2 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the story parameter in an edit action to wp-admin/admin.php. | ||||
| CVE-2015-1605 | 1 Dell | 1 Asset Manager | 2025-04-12 | N/A |
| Multiple SQL injection vulnerabilities in Dell ScriptLogic Asset Manager (aka Quest Workspace Asset Manager) before 9.5 allow remote attackers to execute arbitrary SQL commands via unspecified vectors to (1) GetClientPackage.aspx or (2) GetProcessedPackage.aspx. | ||||
| CVE-2014-5192 | 1 Sphider | 1 Sphider | 2025-04-12 | N/A |
| SQL injection vulnerability in admin/admin.php in Sphider 1.3.6 allows remote attackers to execute arbitrary SQL commands via the filter parameter. | ||||
| CVE-2014-7981 | 1 Joomla | 1 Joomla\! | 2025-04-12 | N/A |
| SQL injection vulnerability in Joomla! CMS 3.1.x and 3.2.x before 3.2.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2015-4066 | 1 Tri | 1 Gigpress | 2025-04-12 | N/A |
| Multiple SQL injection vulnerabilities in admin/handlers.php in the GigPress plugin before 2.3.9 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) show_artist_id or (2) show_venue_id parameter in an add action in the gigpress.php page to wp-admin/admin.php. | ||||
| CVE-2014-10017 | 1 Welcart | 1 E-commerce | 2025-04-12 | N/A |
| Multiple SQL injection vulnerabilities in the Welcart e-Commerce plugin 1.3.12 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) changeSort or (2) switch parameter in the usces_itemedit page to wp-admin/admin.php. | ||||