CWE:
 

| Risk | Topic | Date | Author |
|------|-------|------|--------|
| Med. | CMS SAUDI SOFTECH Sql injection Vulnerability | 16.01.2018 | indoushka |
| Med. | RISE 1.9 SQL Injection | 16.01.2018 | Ahmad Mahfouz |
| Med. | WordPress Testimonial Slider 1.2.4 SQL Injection | 11.01.2018 | DefenseCode |
| Med. | WordPress Smooth Slider 2.8.6 SQL Injection | 11.01.2018 | DefenseCode |
| Med. | WordPress Dbox 3D Slider Lite 1.2.2 SQL Injection | 11.01.2018 | DefenseCode |
| Med. | Muviko 1.1 SQL Injection | 10.01.2018 | Ahmad Mahfouz |
| Med. | WordPress Plugin Events Calendar event_id SQL Injection | 10.01.2018 | Dennis Veninga |
| Med. | RYNA Consulting Sql İnjection Vulnerability | 09.01.2018 | Turkz.org |
| Med. | WordPress WpJobBoard 4.4.4 SQL Injection | 07.01.2018 | Vulnerability Lab |
| Med. | Gespage 7.4.8 SQL Injection | 05.01.2018 | Mickael KARATEKIN |
| Med. | Icyphoenix 2.2.0.105 SQL Injection | 05.01.2018 | Vulnerability Lab |
| Med. | Joomla Ad Agency 6.0.9 SQL Injection | 05.01.2018 | Vulnerability Lab |
| Med. | Joomla JUX Real Estate 3.3.0 SQL Injection | 05.01.2018 | Bilal KARDADOU |
| Med. | Joomla J-BusinessDirectory 4.7.3 SQL Injection | 05.01.2018 | Bilal KARDADOU |
| Med. | Joomla JMultipleHotelReservation 6.0.5 SQL Injection | 05.01.2018 | Bilal KARDADOU |
| Med. | Joomla EXP Auto 4.2.3 SQL Injection | 04.01.2018 | Bilal KARDADOU |
| Med. | EMC xPression 4.5SP1 Patch 13 model.jobHistoryId SQL Injection | 04.01.2018 | Pawel Gocyla |
| Med. | WordPress Smart Google Code Inserter SQL Injection | 04.01.2018 | Benjamin Lim |
| Med. | MCI Portal SQL INJECT Vulnerabilities | 03.01.2018 | E1.Coders |
| Med. | WordPress Plugin Smart Google Code Inserter < 3.5 Authentication Bypass / SQL Injection | 03.01.2018 | Benjamin Lim |
| Med. | Joomla JomDirectory 4.4 SQL Injection | 03.01.2018 | Bilal KARDADOU |
| Med. | Joomla VP Conversion Tracking 1.7 SQL Injection | 03.01.2018 | Abde Ouabala |
| Med. | Joomla YouBumpit 2.0 SQL Injection | 31.12.2017 | Bilal KARDADOU |
| Med. | Joomla Varista Education 2.9 SQL Injection | 30.12.2017 | Abdeljalil Nouiri (@pw... |
| Med. | Joomla JomEvents 3.7 SQL Injection | 30.12.2017 | Bilal KARDADOU |
| Med. | Joomla Jtag Minicart 4.1.0 SQL Injection | 30.12.2017 | Bilal KARDADOU |
| Med. | Joomla Jtag Members Directory 5.3.7 SQL Injection | 30.12.2017 | Bilal KARDADOU |
| Med. | Joomla JomEstate PRO 3.7 SQL Injection | 30.12.2017 | Bilal KARDADOU |
| Med. | Joomla JomHoliday 4.0 SQL Injection | 30.12.2017 | Bilal KARDADOU |
| Med. | Joomla SP Movie Database 1.4 SQL Injection | 30.12.2017 | pwny |
| Med. | AllMyVisitors0.5.0 Blind SQL Injection Vulnerability | 27.12.2017 | indoushka |
| Med. | ACJWEB DESIGNER 1.0 - SQL Injection Vulnerability | 27.12.2017 | indoushka |
| Med. | JokerDesign SQL injection & Admin Page Bypass | 27.12.2017 | Azerbaycanli Hacker |
| Med. | Joomla! Component JEXTN FAQ Pro 4.0.0 id SQL Injection | 26.12.2017 | Ihsan Sencan |
| Med. | Sendroid < 6.5.0 SQL Injection | 26.12.2017 | Onwuka Gideon |
| Med. | Kisisel Portfolyo Scripti 4.031 SQL Injection | 26.12.2017 | indoushka |
| Med. | Webkarizma Dedikodu ve İtiraf Scripti SQl injection vulnerability | 25.12.2017 | indoushka |
| Med. | Woltlab Burning Board v1 Beta4.5e sql injection vulnerability | 24.12.2017 | indoushka |
| Med. | SIMHL Version 3.3 sql injection vulnerability | 24.12.2017 | indoushka |
| Med. | SIMHL Version 3.2 sql injection vulnerability | 24.12.2017 | indoushka |
| Med. | Victor Muller v 2014 & 2015 sql injection vulnerability | 24.12.2017 | indoushka |
| Med. | Seditio CMS version 1.7.5 sql Injection vulnerability | 24.12.2017 | indoushka |
| Med. | News PHP 1.031 Sql injection vulnerability | 24.12.2017 | indoushka |
| Med. | PenelaDigital sql inkection | 24.12.2017 | Iran Cyber Security G... |
| Med. | Dubai Iconcept LLC Sql Injection Vulnerability | 22.12.2017 | Turkz.org |
| Med. | Joomla JB Bus 2.3.0 SQL Injection | 22.12.2017 | Bilal KARDADOU |
| Med. | Joomla JB Tour Booking 2.2.2 SQL Injection | 22.12.2017 | Bilal KARDADOU |
| Med. | Netspace software - SQL Injection | 22.12.2017 | Dark Sword & Surreal |
| Med. | BEIMS ContractorWeb 5.18.0.0 SQL Injection | 21.12.2017 | Rajwinder Singh |
| Med. | WordPress Clean Up Optimizer 4.0.0 SQL Injection | 20.12.2017 | defensecode |
| Med. | WordPress Booking Calendar 7.0 / 7.1 SQL Injection / Local File Inclusion | 20.12.2017 | defensecode |
| Med. | WordPress Top-10 2.4.2 SQL Injection | 20.12.2017 | defensecode |
| Med. | Joomla! JB Visa 1.0 SQL Injection | 19.12.2017 | Ihsan Sencan |
| Med. | Joomla! User Bench 1.0 SQL Injection | 19.12.2017 | Ihsan Sencan |
| Med. | Joomla! My Projects 2.0 SQL Injection | 19.12.2017 | Ihsan Sencan |
| Med. | Joomla! Guru Pro SQL Injection | 19.12.2017 | Ihsan Sencan |
| Med. | Piwigo 2.9.1 SQL Injection | 15.12.2017 | Akityo |
| Med. | Paid To Read Script 2.0.5 SQL Injection | 15.12.2017 | Ihsan Sencan |
| Med. | FS Lynda Clone 1.0 SQL Injection | 15.12.2017 | Ihsan Sencan |
| Med. | Movie Guide 2.0 SQL Injection | 15.12.2017 | Ihsan Sencan |
| Med. | Joomla! JEXTN Question And Answer 3.1.0 SQL Injection | 15.12.2017 | Ihsan Sencan |
| Med. | Joomla! JEXTN Video Gallery 3.0.5 SQL Injection | 15.12.2017 | Ihsan Sencan |
| Med. | Joomla JBuildozer 1.4.1 SQL Injection | 13.12.2017 | Ihsan Sencan |
| Med. | Responsive Events And Movie Ticket Booking Script 3.2.1 SQL Injection | 12.12.2017 | Ihsan Sencan |
| Med. | MLM Forced Matrix 2.0.9 SQL Injection | 12.12.2017 | Ihsan Sencan |
| Med. | Entrepreneur Bus Booking Script 3.0.4 SQL Injection | 12.12.2017 | Ihsan Sencan |
| Med. | MLM Forex Market Plan Script 2.0.4 SQL Injection | 12.12.2017 | Ihsan Sencan |
| Med. | Multiplex Movie Theater Booking Script 3.1.5 SQL Injection | 12.12.2017 | Ihsan Sencan |
| Med. | Single Theater Booking Script 3.2.1 SQL Injection | 12.12.2017 | Ihsan Sencan |
| Med. | Multireligion Responsive Matrimonial 4.7.2 SQL Injection | 12.12.2017 | Ihsan Sencan |
| Med. | Basic Job Site Script 2.0.5 SQL Injection | 12.12.2017 | Ihsan Sencan |
| Med. | Resume Clone Script 2.0.5 SQL Injection | 12.12.2017 | Ihsan Sencan |
| Med. | Vanguard 1.4 SQL Injection | 12.12.2017 | Ihsan Sencan |
| Med. | Website Auction Marketplace 2.0.5 SQL Injection | 09.12.2017 | Ihsan Sencan |
| Med. | Realestate Crowdfunding Script 2.7.2 SQL Injection | 09.12.2017 | Ihsan Sencan |
| Med. | DomainSale PHP Script 1.0 SQL Injection | 09.12.2017 | Ihsan Sencan |
| Med. | FS Monster Clone 1.0 SQL Injection | 09.12.2017 | Ihsan Sencan |
| Med. | FS Thumbtack Clone 1.0 SQL Injection | 09.12.2017 | Ihsan Sencan |
| Med. | FS Quibids Clone 1.0 SQL Injection | 09.12.2017 | Ihsan Sencan |
| Med. | FS Stackoverflow Clone 1.0 SQL Injection | 09.12.2017 | Ihsan Sencan |
| Med. | FS Olx Clone 1.0 SQL Injection | 09.12.2017 | Ihsan Sencan |
| Med. | FS Shutterstock Clone 1.0 SQL Injection | 09.12.2017 | Ihsan Sencan |
| Med. | BD Education Websites Multi Sql Injection {Part 2} | 08.12.2017 | mr.Gh0st N@0b |
| Med. | FS Makemytrip Clone SQL Injection | 07.12.2017 | DanAdeg |
| Med. | FS Facebook Clone SQL Injection | 07.12.2017 | DanAdeg |
| Med. | FS IMDB Clone SQL Injection | 07.12.2017 | DanAdeg |
| Med. | FS Shaadi Clone SQL Injection | 07.12.2017 | DanAdeg |
| Med. | Readymade Classifieds Script 1.0 SQL Injection | 07.12.2017 | Ihsan Sencan |
| Med. | Techno Portfolio Management Panel 1.0 SQL Injection | 07.12.2017 | Ihsan Sencan |
| Med. | MR Technology Admin Panel Authentication Bypass Exploit | 03.12.2017 | Shuvamoy Roy |
| Med. | Dream Gallery 1.0 SQL Injection | 02.12.2017 | Zerones |
| Med. | Jobs2Careers / Coroflot Clone SQL Injection | 01.12.2017 | 8bitsec |
| Med. | MyTy 5.1.6 Blind SQL Injection | 22.11.2017 | Nicolas Heiniger |
| Med. | WordPress In Link 1.0 SQL Injection | 21.11.2017 | Dimopoulos Elias |
| Med. | CMS JKB Web Solutions SQL Injection | 21.11.2017 | Bl4ck M4n |
| Med. | ManageEngine Applications Manager 13 SQL Injection | 10.11.2017 | Cody Sixteen |
| Med. | Zoho ManageEngine Applications Manager 13 SQL Injection | 07.11.2017 | Cody Sixteen |
| Med. | WordPress Plugin JTRT Responsive Tables 4.1 SQL Injection | 04.11.2017 | Lenon Leite |
| Med. | Ingenious School Management System 2.3.0 SQL Injection | 03.11.2017 | Giulio Comi |
| Med. | US Zip Codes Database SQL Injection | 03.11.2017 | Ihsan Sencan |


CVEMAP Search Results

2018-01-05

Medium, CVE-2017-16716
Vendor: Advantech
Software: Webaccess
Description: A SQL Injection issue was discovered in WebAccess versions prior to 8.3. WebAccess does not properly sanitize its inputs for SQL commands.

2018-01-02

Medium, CVE-2017-1000444
Vendor: Openhacker project
Software: Openhacker
Description: Eleix Openhacker version 0.1.47 is vulnerable to an SQL injection in the account registration and login component resulting in information disclosure and remote code execution

2017-12-29

Medium, CVE-2017-17916
Vendor: Rubyonrails
Software: Ruby on rails
Description: ** DISPUTED ** SQL injection vulnerability in the 'find_by' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'name' parameter. NOTE: The vendor disputes this issue because the documentation states that this method is not intended for use with untrusted input.

Medium, CVE-2017-17917
Vendor: Rubyonrails
Software: Ruby on rails
Description: ** DISPUTED ** SQL injection vulnerability in the 'where' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'id' parameter. NOTE: The vendor disputes this issue because the documentation states that this method is not intended for use with untrusted input.

Medium, CVE-2017-17919
Vendor: Rubyonrails
Software: Ruby on rails
Description: ** DISPUTED ** SQL injection vulnerability in the 'order' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'id desc' parameter. NOTE: The vendor disputes this issue because the documentation states that this method is not intended for use with untrusted input.

Medium, CVE-2017-17920
Vendor: Rubyonrails
Software: Ruby on rails
Description: ** DISPUTED ** SQL injection vulnerability in the 'reorder' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'name' parameter. NOTE: The vendor disputes this issue because the documentation states that this method is not intended for use with untrusted input.

Medium, CVE-2017-17983
Vendor: Muslim matrimonial script project
Software: Muslim matri...
Description: PHP Scripts Mall Muslim Matrimonial Script has SQL injection via the view-profile.php mem_id parameter.

2017-12-28

Medium, CVE-2017-17941
Vendor: Single theater booking script project
Software: Single theat...
Description: PHP Scripts Mall Single Theater Booking has SQL Injection via the admin/movieview.php movieid parameter.

2017-12-27

Medium, CVE-2017-17870
Vendor: Jbuildozer
Software: Jbuildozer
Description: The JBuildozer extension 1.4.1 for Joomla! has SQL Injection via the appid parameter in an entriessearch action.

Medium, CVE-2017-17873
Vendor: Vanguard project
Software: Marketplace ...
Description: Vanguard Marketplace Digital Products PHP 1.4 has SQL Injection via the PATH_INFO to the /p URI.

 

 


Copyright 2018, cxsecurity.com

 
