Total
18938 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-4873 | 1 Bmc | 1 Track-it\! | 2025-04-12 | N/A |
| SQL injection vulnerability in TrackItWeb/Grid/GetData in BMC Track-It! 11.3.0.355 allows remote authenticated users to execute arbitrary SQL commands via crafted POST data. | ||||
| CVE-2014-7867 | 1 Zohocorp | 3 Manageengine It360, Manageengine Opmanager, Manageengine Social It Plus | 2025-04-12 | N/A |
| SQL injection vulnerability in the com.manageengine.opmanager.servlet.UpdateProbeUpgradeStatus servlet in ZOHO ManageEngine OpManager 11.3 and 11.4, IT360 10.3 and 10.4, and Social IT Plus 11.0 allows remote attackers or remote authenticated users to execute arbitrary SQL commands via the probeName parameter. | ||||
| CVE-2015-1400 | 1 Npds | 1 Revolution | 2025-04-12 | N/A |
| SQL injection vulnerability in search.php in NPDS Revolution 13 allows remote attackers to execute arbitrary SQL commands via the query parameter. | ||||
| CVE-2015-2102 | 1 Clip-bucket | 1 Clipbucket | 2025-04-12 | N/A |
| SQL injection vulnerability in view_item.php in ClipBucket 2.7 RC3 (2.7.0.4.v2929-rc3) allows remote attackers to execute arbitrary SQL commands via the item parameter. | ||||
| CVE-2015-1423 | 1 Jakweb | 1 Gecko Cms | 2025-04-12 | N/A |
| Multiple SQL injection vulnerabilities in Gecko CMS 2.2 and 2.3 allow remote administrators to execute arbitrary SQL commands via the (1) jak_delete_log[] or (2) ssp parameter to admin/index.php. | ||||
| CVE-2013-5117 | 1 Zldnn | 1 Dnnarticle | 2025-04-12 | N/A |
| SQL injection vulnerability in the RSS page (DNNArticleRSS.aspx) in the ZLDNN DNNArticle module before 10.1 for DotNetNuke allows remote attackers to execute arbitrary SQL commands via the categoryid parameter. | ||||
| CVE-2015-8261 | 1 Progress | 1 Whatsup Gold | 2025-04-12 | N/A |
| The DroneDeleteOldMeasurements implementation in Ipswitch WhatsUp Gold before 16.4 does not properly validate serialized XML objects, which allows remote attackers to conduct SQL injection attacks via a crafted SOAP request. | ||||
| CVE-2014-4034 | 1 Aas9 | 1 Zerocms | 2025-04-12 | N/A |
| SQL injection vulnerability in zero_view_article.php in ZeroCMS 1.0 allows remote attackers to execute arbitrary SQL commands via the article_id parameter. | ||||
| CVE-2014-3937 | 1 Ajaydsouza | 1 Contextual Related Posts | 2025-04-12 | N/A |
| SQL injection vulnerability in the Contextual Related Posts plugin before 1.8.10.2 for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2014-3872 | 1 Dlink | 2 Dap-1350, Dap-1350 Firmware | 2025-04-12 | N/A |
| Multiple SQL injection vulnerabilities in the administration login page in D-Link DAP-1350 (Rev. A1) with firmware 1.14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password. | ||||
| CVE-2014-3783 | 1 Dotclear | 1 Dotclear | 2025-04-12 | N/A |
| SQL injection vulnerability in admin/categories.php in Dotclear before 2.6.3 allows remote authenticated users with the manage categories permission to execute arbitrary SQL commands via the categories_order parameter. | ||||
| CVE-2016-1000125 | 1 Huge-it | 1 Huge-it Catalog | 2025-04-12 | N/A |
| Unauthenticated SQL Injection in Huge-IT Catalog v1.0.7 for Joomla | ||||
| CVE-2015-0524 | 1 Emc | 1 Secure Remote Services | 2025-04-12 | N/A |
| SQL injection vulnerability in the Gateway Provisioning service in EMC Secure Remote Services Virtual Edition (ESRS VE) 3.02 and 3.03 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2015-6911 | 1 Synology | 1 Video Station | 2025-04-12 | N/A |
| SQL injection vulnerability in Synology Video Station before 1.5-0763 allows remote attackers to execute arbitrary SQL commands via the id parameter to watchstatus.cgi. | ||||
| CVE-2016-0710 | 1 Apache | 1 Jetspeed | 2025-04-12 | N/A |
| Multiple SQL injection vulnerabilities in the User Manager service in Apache Jetspeed before 2.3.1 allow remote attackers to execute arbitrary SQL commands via the (1) role or (2) user parameter to services/usermanager/users/. | ||||
| CVE-2016-1000124 | 1 Huge-it | 1 Portfolio Gallery | 2025-04-12 | N/A |
| Unauthenticated SQL Injection in Huge-IT Portfolio Gallery Plugin v1.0.6 | ||||
| CVE-2015-3325 | 1 Wpsymposium | 1 Wp Symposium | 2025-04-12 | N/A |
| SQL injection vulnerability in forum.php in the WP Symposium plugin before 15.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the show parameter in the QUERY_STRING to the default URI. | ||||
| CVE-2015-3980 | 1 Sap | 1 Customer Relationship Management | 2025-04-12 | N/A |
| SQL injection vulnerability in the Business Rules Framework (CRM-BF-BRF) in SAP CRM allows attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2097534. | ||||
| CVE-2015-8769 | 1 Joomla | 1 Joomla\! | 2025-04-12 | N/A |
| SQL injection vulnerability in Joomla! 3.x before 3.4.7 allows attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2015-0916 | 1 Cacti | 1 Cacti | 2025-04-12 | N/A |
| SQL injection vulnerability in graph.php in Cacti before 0.8.6f allows remote authenticated users to execute arbitrary SQL commands via the local_graph_id parameter, a different vulnerability than CVE-2007-6035. | ||||