Total
15590 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-18597 | 1 Jtrt Responsive Tables Project | 1 Jtrt Responsive Tables | 2024-11-21 | 8.8 High |
| The jtrt-responsive-tables plugin before 4.1.2 for WordPress has SQL Injection via the admin/class-jtrt-responsive-tables-admin.php tableId parameter. | ||||
| CVE-2017-18573 | 1 Simplerealtytheme | 1 Simple Login Log | 2024-11-21 | N/A |
| The simple-login-log plugin before 1.1.2 for WordPress has SQL injection. | ||||
| CVE-2017-18571 | 1 Search Everything Project | 1 Search Everything | 2024-11-21 | N/A |
| The search-everything plugin before 8.1.7 for WordPress has SQL injection related to WordPress 4.7.x, a different vulnerability than CVE-2014-2316. | ||||
| CVE-2017-18570 | 1 Cformsii Project | 1 Cformsii | 2024-11-21 | N/A |
| The cforms2 plugin before 14.13 for WordPress has SQL injection in the tracking DB GUI via Delete Entries or Download Entries. | ||||
| CVE-2017-18548 | 1 Datainterlock | 1 Note Press | 2024-11-21 | N/A |
| The note-press plugin before 0.1.2 for WordPress has SQL injection. | ||||
| CVE-2017-18515 | 1 Veronalabs | 1 Wp Statistics | 2024-11-21 | N/A |
| The wp-statistics plugin before 12.0.8 for WordPress has SQL injection. | ||||
| CVE-2017-18514 | 1 Simplerealtytheme | 1 Simple Login Log | 2024-11-21 | 9.8 Critical |
| The simple-login-log plugin before 1.1.2 for WordPress has SQL injection. | ||||
| CVE-2017-18406 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 67.9999.103 allows SQL injection during eximstats processing (SEC-276). | ||||
| CVE-2017-18346 | 1 Web-gooroo | 1 Cms Web-gooroo | 2024-11-21 | N/A |
| SQL injection vulnerability in /wbg/core/_includes/authorization.inc.php in CMS Web-Gooroo through 2013-01-19 allows remote attackers to execute arbitrary SQL commands via the wbg_login parameter. | ||||
| CVE-2017-18291 | 1 Pvpgn | 1 Stats | 2024-11-21 | N/A |
| An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET user parameter. | ||||
| CVE-2017-18290 | 1 Pvpgn | 1 Stats | 2024-11-21 | N/A |
| An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET sort_direction parameter. | ||||
| CVE-2017-18289 | 1 Pvpgn | 1 Stats | 2024-11-21 | N/A |
| An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exist in ladder/stats.php via the GET type parameter. | ||||
| CVE-2017-18288 | 1 Pvpgn | 1 Stats | 2024-11-21 | N/A |
| An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET game parameter. | ||||
| CVE-2017-18287 | 1 Pvpgn | 1 Stats | 2024-11-21 | N/A |
| An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the POST user_search parameter. | ||||
| CVE-2017-18260 | 1 Dolibarr | 1 Dolibarr Erp\/crm | 2024-11-21 | N/A |
| Dolibarr ERP/CRM is affected by multiple SQL injection vulnerabilities in versions through 7.0.0 via comm/propal/list.php (viewstatut parameter) or comm/propal/list.php (propal_statut parameter, aka search_statut parameter). | ||||
| CVE-2017-18194 | 1 Hamayeshnegar | 1 Hamayeshnegar Cms | 2024-11-21 | N/A |
| SQL injection vulnerability in users/signup.php in the "signup" component in HamayeshNegar CMS allows a remote attacker to execute arbitrary SQL commands via the "utype" parameter. | ||||
| CVE-2017-17999 | 1 Fairsketch | 1 Rise Ultimate Project Manager | 2024-11-21 | N/A |
| SQL injection vulnerability in RISE Ultimate Project Manager 1.9 allows remote attackers to execute arbitrary SQL commands via the search parameter to index.php/knowledge_base/get_article_suggestion/. | ||||
| CVE-2017-17970 | 1 Muvikoscript | 1 Muviko | 2024-11-21 | N/A |
| Multiple SQL injection vulnerabilities in Muviko 1.1 allow remote attackers to execute arbitrary SQL commands via the (1) email parameter to login.php; the (2) season_id parameter to themes/flixer/ajax/load_season.php; the (3) movie_id parameter to themes/flixer/ajax/get_rating.php; the (4) rating or (5) movie_id parameter to themes/flixer/ajax/update_rating.php; or the (6) id parameter to themes/flixer/ajax/set_player_source.php. | ||||
| CVE-2017-17902 | 1 Kliqqi | 1 Kliqqi Cms | 2024-11-21 | N/A |
| SQL Injection exists in Kliqqi CMS 3.5.2 via the randkey parameter of a new story at the pligg/story.php?title= URI. | ||||
| CVE-2017-17659 | 1 Quest | 1 Netvault Backup | 2024-11-21 | N/A |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUJobHistory Get method requests. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of the underlying database. Was ZDI-CAN-4906. | ||||