Export limit exceeded: 18888 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18888 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-1450 | 1 Restaurantbiller | 1 Restaurant Biller | 2025-04-12 | N/A |
| SQL injection vulnerability in Restaurant Biller allows remote attackers to execute arbitrary SQL commands via the cid parameter in a category action to index.php. | ||||
| CVE-2015-1467 | 1 Fork-cms | 1 Fork Cms | 2025-04-12 | N/A |
| Multiple SQL injection vulnerabilities in Translations in Fork CMS before 3.8.6 allow remote authenticated users to execute arbitrary SQL commands via the (1) language[] or (2) type[] parameter to private/en/locale/index. | ||||
| CVE-2016-1000115 | 1 Huge-it | 1 Portfolio Gallery Manager | 2025-04-12 | N/A |
| Huge-IT Portfolio Gallery manager v1.1.0 SQL Injection and XSS | ||||
| CVE-2016-1000113 | 1 Huge-it | 1 Gallery | 2025-04-12 | 9.8 Critical |
| XSS and SQLi in huge IT gallery v1.1.5 for Joomla | ||||
| CVE-2015-1471 | 1 Pragyan Cms Project | 1 Pragyan Cms | 2025-04-12 | N/A |
| SQL injection vulnerability in userprofile.lib.php in Pragyan CMS 3.0 allows remote attackers to execute arbitrary SQL commands via the user parameter to the default URI. | ||||
| CVE-2015-1476 | 1 Ecommercemajor Project | 1 Ecommercemajor | 2025-04-12 | N/A |
| Multiple SQL injection vulnerabilities in xlinkerz ecommerceMajor allow remote attackers to execute arbitrary SQL commands via the (1) productbycat parameter to product.php, or (2) username or (3) password parameter to __admin/index.php. | ||||
| CVE-2015-1477 | 1 Cmsjunkie | 1 J-classifiedsmanager | 2025-04-12 | N/A |
| SQL injection vulnerability in the CMSJunkie J-ClassifiedsManager component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a viewad task to classifieds/offerring-ads. | ||||
| CVE-2015-1479 | 1 Zohocorp | 1 Servicedesk Plus | 2025-04-12 | N/A |
| SQL injection vulnerability in reports/CreateReportTable.jsp in ZOHO ManageEngine ServiceDesk Plus (SDP) before 9.0 build 9031 allows remote authenticated users to execute arbitrary SQL commands via the site parameter. | ||||
| CVE-2015-1491 | 1 Symantec | 1 Endpoint Protection Manager | 2025-04-12 | N/A |
| SQL injection vulnerability in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2015-1513 | 1 Siphon | 1 Siphone Enterprise Pbx | 2025-04-12 | N/A |
| SQL injection vulnerability in SIPhone Enterprise PBX allows remote attackers to execute arbitrary SQL commands via the Username. | ||||
| CVE-2015-1514 | 1 Fancyfon | 1 Famoc | 2025-04-12 | N/A |
| Multiple SQL injection vulnerabilities in FancyFon FAMOC before 3.17.4 allow (1) remote attackers to execute arbitrary SQL commands via the device ID REST parameter (PATH_INFO) to /ajax.php or (2) remote authenticated users to execute arbitrary SQL commands via the order parameter to index.php. | ||||
| CVE-2015-1517 | 1 Piwigo | 1 Piwigo | 2025-04-12 | N/A |
| SQL injection vulnerability in Piwigo before 2.7.4, when all filters are activated, allows remote authenticated users to execute arbitrary SQL commands via the filter_level parameter in a "Refresh photo set" action in the batch_manager page to admin.php. | ||||
| CVE-2015-1518 | 1 Redaxscript | 1 Redaxscript | 2025-04-12 | N/A |
| SQL injection vulnerability in the search_post function in includes/search.php in Redaxscript before 2.3.0 allows remote attackers to execute arbitrary SQL commands via the search_terms parameter. | ||||
| CVE-2015-1560 | 1 Centreon | 1 Centreon | 2025-04-12 | N/A |
| SQL injection vulnerability in the isUserAdmin function in include/common/common-Func.php in Centreon (formerly Merethis Centreon) 2.5.4 and earlier (fixed in Centreon web 2.7.0) allows remote attackers to execute arbitrary SQL commands via the sid parameter to include/common/XmlTree/GetXmlTree.php. | ||||
| CVE-2015-1576 | 1 Yuba | 1 U5cms | 2025-04-12 | N/A |
| Multiple SQL injection vulnerabilities in u5CMS before 3.9.4 allow remote attackers to execute arbitrary SQL commands via the name parameter to (1) copy2.php, (2) localize.php, (3) metai.php, (4) nc.php, (5) new2.php, or (6) rename2.php in u5admin/; (7) c parameter to u5admin/editor.php; (8) typ parameter to u5admin/meta2.php; or (9) newname parameter to u5admin/rename2.php. | ||||
| CVE-2015-1605 | 1 Dell | 1 Asset Manager | 2025-04-12 | N/A |
| Multiple SQL injection vulnerabilities in Dell ScriptLogic Asset Manager (aka Quest Workspace Asset Manager) before 9.5 allow remote attackers to execute arbitrary SQL commands via unspecified vectors to (1) GetClientPackage.aspx or (2) GetProcessedPackage.aspx. | ||||
| CVE-2015-1616 | 1 Mcafee | 1 Data Loss Prevention Endpoint | 2025-04-12 | N/A |
| SQL injection vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated ePO users to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2015-2183 | 1 Zeuscart | 1 Zeuscart | 2025-04-12 | N/A |
| Multiple SQL injection vulnerabilities in the administrative backend in ZeusCart 4 allow remote administrators to execute arbitrary SQL commands via the id parameter in a (1) disporders detail or (2) subadminmgt edit action or (3) cid parameter in an editcurrency action to admin/. | ||||
| CVE-2015-2803 | 1 Akronymmanager Project | 1 Akronymmanager | 2025-04-12 | N/A |
| SQL injection vulnerability in mod1/index.php in the Akronymmanager (sb_akronymmanager) extension before 7.0.0 for TYPO3 allows remote authenticated users with permission to maintain acronyms to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2015-2824 | 1 Simple Ads Manager Project | 1 Simple Ads Manager | 2025-04-12 | N/A |
| Multiple SQL injection vulnerabilities in the Simple Ads Manager plugin before 2.7.97 for WordPress allow remote attackers to execute arbitrary SQL commands via a (1) hits[][] parameter in a sam_hits action to sam-ajax.php; the (2) cstr parameter in a load_posts action to sam-ajax-admin.php; the (3) searchTerm parameter in a load_combo_data action to sam-ajax-admin.php; or the (4) subscriber, (5) contributor, (6) author, (7) editor, (8) admin, or (9) sadmin parameter in a load_users action to sam-ajax-admin.php. | ||||