Total
18012 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-18570 | 1 Cformsii Project | 1 Cformsii | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
The cforms2 plugin before 14.13 for WordPress has SQL injection in the tracking DB GUI via Delete Entries or Download Entries.
|
|||||
| CVE-2017-18548 | 1 Datainterlock | 1 Note Press | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
The note-press plugin before 0.1.2 for WordPress has SQL injection.
|
|||||
| CVE-2017-18515 | 1 Veronalabs | 1 Wp Statistics | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
The wp-statistics plugin before 12.0.8 for WordPress has SQL injection.
|
|||||
| CVE-2017-18514 | 1 Simplerealtytheme | 1 Simple Login Log | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
The simple-login-log plugin before 1.1.2 for WordPress has SQL injection.
|
|||||
| CVE-2017-18406 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
cPanel before 67.9999.103 allows SQL injection during eximstats processing (SEC-276).
|
|||||
| CVE-2017-18346 | 1 Web-gooroo | 1 Cms Web-gooroo | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
SQL injection vulnerability in /wbg/core/_includes/authorization.inc.php in CMS Web-Gooroo through 2013-01-19 allows remote attackers to execute arbitrary SQL commands via the wbg_login parameter.
|
|||||
| CVE-2017-18291 | 1 Pvpgn | 1 Stats | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET user parameter.
|
|||||
| CVE-2017-18290 | 1 Pvpgn | 1 Stats | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET sort_direction parameter.
|
|||||
| CVE-2017-18289 | 1 Pvpgn | 1 Stats | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exist in ladder/stats.php via the GET type parameter.
|
|||||
| CVE-2017-18288 | 1 Pvpgn | 1 Stats | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET game parameter.
|
|||||
| CVE-2017-18287 | 1 Pvpgn | 1 Stats | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the POST user_search parameter.
|
|||||
| CVE-2017-18260 | 1 Dolibarr | 1 Dolibarr Erp\/crm | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
Dolibarr ERP/CRM is affected by multiple SQL injection vulnerabilities in versions through 7.0.0 via comm/propal/list.php (viewstatut parameter) or comm/propal/list.php (propal_statut parameter, aka search_statut parameter).
|
|||||
| CVE-2017-18194 | 1 Hamayeshnegar | 1 Hamayeshnegar Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
SQL injection vulnerability in users/signup.php in the "signup" component in HamayeshNegar CMS allows a remote attacker to execute arbitrary SQL commands via the "utype" parameter.
|
|||||
| CVE-2017-17999 | 1 Fairsketch | 1 Rise Ultimate Project Manager | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
SQL injection vulnerability in RISE Ultimate Project Manager 1.9 allows remote attackers to execute arbitrary SQL commands via the search parameter to index.php/knowledge_base/get_article_suggestion/.
|
|||||
| CVE-2017-17970 | 1 Muvikoscript | 1 Muviko | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Multiple SQL injection vulnerabilities in Muviko 1.1 allow remote attackers to execute arbitrary SQL commands via the (1) email parameter to login.php; the (2) season_id parameter to themes/flixer/ajax/load_season.php; the (3) movie_id parameter to themes/flixer/ajax/get_rating.php; the (4) rating or (5) movie_id parameter to themes/flixer/ajax/update_rating.php; or the (6) id parameter to themes/flixer/ajax/set_player_source.php.
|
|||||
| CVE-2017-17902 | 1 Kliqqi | 1 Kliqqi Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
SQL Injection exists in Kliqqi CMS 3.5.2 via the randkey parameter of a new story at the pligg/story.php?title= URI.
|
|||||
| CVE-2017-17659 | 1 Quest | 1 Netvault Backup | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUJobHistory Get method requests. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of the underlying databas ...
Show More |
|||||
| CVE-2017-17658 | 1 Quest | 1 Netvault Backup | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUJobDefinitions Get method requests. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of the underlying dat ...
Show More |
|||||
| CVE-2017-17657 | 1 Quest | 1 Netvault Backup | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUBackup TimeRange method requests. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of the underlying datab ...
Show More |
|||||
| CVE-2017-17656 | 1 Quest | 1 Netvault Backup | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUBackup JobList method requests. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of the underlying databas ...
Show More |
|||||
| CVE-2017-17655 | 1 Quest | 1 Netvault Backup | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUBackup PluginList method requests. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of the underlying data ...
Show More |
|||||
| CVE-2017-17654 | 1 Quest | 1 Netvault Backup | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUBackup ClientList method requests. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of the underlying data ...
Show More |
|||||
| CVE-2017-17653 | 1 Quest | 1 Netvault Backup | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUBackupOptionSet Get method requests. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of the underlying da ...
Show More |
|||||
| CVE-2017-17652 | 1 Quest | 1 Netvault Backup | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUBackup Count method requests. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of the underlying database. ...
Show More |
|||||
| CVE-2017-17425 | 1 Quest | 1 Netvault Backup | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUSourceDeviceSet Get method requests. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of the underlying da ...
Show More |
|||||
| CVE-2017-17424 | 1 Quest | 1 Netvault Backup | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUScheduleSet Get method requests. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of the underlying databa ...
Show More |
|||||
| CVE-2017-17423 | 1 Quest | 1 Netvault Backup | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUBackupSegment Get method requests. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of the underlying data ...
Show More |
|||||
| CVE-2017-17422 | 1 Quest | 1 Netvault Backup | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUBackup Get method requests. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of the underlying database. W ...
Show More |
|||||
| CVE-2017-17421 | 1 Quest | 1 Netvault Backup | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUSelectionSet Get method requests. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of the underlying datab ...
Show More |
|||||
| CVE-2017-17420 | 1 Quest | 1 Netvault Backup | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUJobCountHistory Get method requests. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of the underlying da ...
Show More |
|||||
| CVE-2017-17419 | 1 Quest | 1 Netvault Backup | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUTransferHistory Get method requests. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of the underlying da ...
Show More |
|||||
| CVE-2017-17418 | 1 Quest | 1 Netvault Backup | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUPolicy Get method requests. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of the underlying database. W ...
Show More |
|||||
| CVE-2017-17417 | 1 Quest | 1 Netvault Backup | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUPhaseStatus Acknowledge method requests. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of the underlyin ...
Show More |
|||||
| CVE-2017-17416 | 1 Quest | 1 Netvault Backup | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUPhaseStatus GetPlugins method requests. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of the underlying ...
Show More |
|||||
| CVE-2017-17415 | 1 Quest | 1 Netvault Backup | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUPhaseStatus Count method requests. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of the underlying data ...
Show More |
|||||
| CVE-2017-17414 | 1 Quest | 1 Netvault Backup | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUPhaseStatus Get method requests. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of the underlying databa ...
Show More |
|||||
| CVE-2017-17413 | 1 Quest | 1 Netvault Backup | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUBackupTargetSet Get method requests. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of the underlying da ...
Show More |
|||||
| CVE-2017-17412 | 1 Quest | 1 Netvault Backup | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of GET method requests. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute arbitrary code in the context of the underlying database. Wa ...
Show More |
|||||
| CVE-2017-16716 | 1 Advantech | 1 Webaccess | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
A SQL Injection issue was discovered in WebAccess versions prior to 8.3. WebAccess does not properly sanitize its inputs for SQL commands.
|
|||||
| CVE-2017-16558 | 1 Contao | 1 Contao Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Contao 3.0.0 to 3.5.30 and 4.0.0 to 4.4.7 contains an SQL injection vulnerability in the back end as well as in the listing module.
|
|||||