Export limit exceeded: 18893 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18893 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-3961 | 1 Xnau | 1 Participants Database | 2025-04-12 | N/A |
| SQL injection vulnerability in the Export CSV page in the Participants Database plugin before 1.5.4.9 for WordPress allows remote attackers to execute arbitrary SQL commands via the query parameter in an "output CSV" action to pdb-signup/. | ||||
| CVE-2014-3962 | 1 Videos Tube Project | 1 Videos Tube | 2025-04-12 | N/A |
| Multiple SQL injection vulnerabilities in Videos Tube 1.0 allow remote attackers to execute arbitrary SQL commands via the url parameter to (1) videocat.php or (2) single.php. | ||||
| CVE-2014-3973 | 1 Frontaccounting | 1 Frontaccounting | 2025-04-12 | N/A |
| Multiple SQL injection vulnerabilities in FrontAccounting (FA) before 2.3.21 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2014-4305 | 1 Nice | 1 Recording Express | 2025-04-12 | N/A |
| Multiple SQL injection vulnerabilities in NICE Recording eXpress (aka Cybertech eXpress) 6.5.7 and earlier allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2014-4307 | 1 Webtitan | 1 Webtitan | 2025-04-12 | N/A |
| SQL injection vulnerability in categories-x.php in WebTitan before 4.04 allows remote attackers to execute arbitrary SQL commands via the sortkey parameter. | ||||
| CVE-2014-4313 | 1 Epicor | 1 Epicor Procurement | 2025-04-12 | N/A |
| SQL injection vulnerability in Epicor Procurement before 7.4 SP2 allows remote attackers to execute arbitrary SQL commands via the User field. | ||||
| CVE-2014-4424 | 1 Apple | 1 Os X Server | 2025-04-12 | N/A |
| SQL injection vulnerability in Wiki Server in CoreCollaboration in Apple OS X Server before 2.2.3 and 3.x before 3.2.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2014-5184 | 1 Stripshow Plugin Project | 1 Stripshow | 2025-04-12 | N/A |
| SQL injection vulnerability in the stripshow-storylines page in the stripShow plugin 2.5.2 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the story parameter in an edit action to wp-admin/admin.php. | ||||
| CVE-2014-5185 | 1 Quartz Plugin Project | 1 Quartz Plugin | 2025-04-12 | N/A |
| SQL injection vulnerability in the Quartz plugin 1.01.1 for WordPress allows remote authenticated users with Contributor privileges to execute arbitrary SQL commands via the quote parameter in an edit action in the quartz/quote_form.php page to wp-admin/edit.php. | ||||
| CVE-2014-5186 | 1 All Video Gallery Plugin Project | 1 All-video-gallery | 2025-04-12 | N/A |
| SQL injection vulnerability in the All Video Gallery (all-video-gallery) plugin 1.2 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the id parameter in an edit action in the allvideogallery_videos page to wp-admin/admin.php. | ||||
| CVE-2014-5189 | 1 Leadoctopus | 1 Lead Octopus | 2025-04-12 | N/A |
| SQL injection vulnerability in lib/optin/optin_page.php in the Lead Octopus plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2014-5192 | 1 Sphider | 1 Sphider | 2025-04-12 | N/A |
| SQL injection vulnerability in admin/admin.php in Sphider 1.3.6 allows remote attackers to execute arbitrary SQL commands via the filter parameter. | ||||
| CVE-2014-5200 | 1 Fb Gorilla Project | 1 Fb Gorilla | 2025-04-12 | N/A |
| SQL injection vulnerability in game_play.php in the FB Gorilla plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2014-5201 | 1 Gallery Objects Project | 1 Gallery Objects | 2025-04-12 | N/A |
| SQL injection vulnerability in the Gallery Objects plugin 0.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the viewid parameter in a go_view_object action to wp-admin/admin-ajax.php. | ||||
| CVE-2014-2211 | 1 Posh Project | 1 Posh | 2025-04-12 | N/A |
| SQL injection vulnerability in portal/addtoapplication.php in POSH (aka Posh portal or Portaneo) 3.0 before 3.3.0 allows remote attackers to execute arbitrary SQL commands via the rssurl parameter. | ||||
| CVE-2014-9464 | 1 Microweber | 1 Microweber | 2025-04-12 | N/A |
| SQL injection vulnerability in Category.php in Microweber CMS 0.95 before 20141209 allows remote attackers to execute arbitrary SQL commands via the category parameter when displaying a category, related to the $parent_id variable. | ||||
| CVE-2015-2196 | 1 Web-dorado | 1 Spider Calendar | 2025-04-12 | N/A |
| SQL injection vulnerability in Spider Event Calendar 1.4.9 for WordPress allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a spiderbigcalendar_month action to wp-admin/admin-ajax.php. | ||||
| CVE-2014-1597 | 1 I-doit | 1 I-doit | 2025-04-12 | N/A |
| SQL injection vulnerability in the CMDB web application in synetics i-doit pro before 1.2.5 and i-doit open allows remote attackers to execute arbitrary SQL commands via the objID parameter to the default URI. | ||||
| CVE-2014-2540 | 1 Orbitscripts | 1 Orbit Open Ad Server | 2025-04-12 | N/A |
| SQL injection vulnerability in OrbitScripts Orbit Open Ad Server before 1.1.1 allows remote attackers to execute arbitrary SQL commands via the site_directory_sort_field parameter to guest/site_directory. | ||||
| CVE-2014-2323 | 4 Debian, Lighttpd, Opensuse and 1 more | 5 Debian Linux, Lighttpd, Opensuse and 2 more | 2025-04-12 | 9.8 Critical |
| SQL injection vulnerability in mod_mysql_vhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary SQL commands via the host name, related to request_check_hostname. | ||||