CWE:
 

Topic
Date
Author
Med.
Hasan MWB 1.0 Time-Based SQL Injection
06.12.2018
Socket_0x03
Med.
KC GRUP Web Design 1.0 SQL Injection
05.12.2018
KingSkrupellos
Med.
Ticketly 1.0 kind_id SQL Injection
30.11.2018
Javier Olmedo
Med.
No-Cms 1.0 SQL Injection
27.11.2018
Loading Kura Kura
Low
Cory Support 1.0 SQL Injection
26.11.2018
Socket_0x03
Med.
Siyah Beyaz Bilişim Web Design SQL Injection Vulnerability
23.11.2018
KingSkrupellos
Med.
WebOfisi E-Ticaret 4 SQL Injection
21.11.2018
Ozkan Mustafa Akkus
Med.
Meneame English Pligg 5.8 search SQL Injection
21.11.2018
Ihsan Sencan
Med.
Warranty Tracking System 11.06.3 SQL Injection
16.11.2018
Ihsan Sencan
Med.
Meneame English Pligg 5.8 SQL Injection
16.11.2018
Ihsan Sencan
Med.
Net-Billetterie 2.9 SQL Injection
16.11.2018
Ihsan Sencan
Med.
BitZoom 1.0 SQL Injection
16.11.2018
Ihsan Sencan
Med.
Surreal ToDo 0.6.1.2 SQL Injection
15.11.2018
Ihsan Sencan
Med.
Galaxy Forces MMORPG 0.5.8 type SQL Injection
15.11.2018
Ihsan Sencan
Med.
Net-Billetterie 2.9 login SQL Injection
15.11.2018
Ihsan Sencan
Med.
EdTv 2 id SQL Injection
15.11.2018
Ihsan Sencan
Med.
Tina4 Stack 1.0.3 SQL Injection / Database File Download
15.11.2018
Ihsan Sencan
High
Alive Parish 2.0.4 File Upload / SQL Injection
14.11.2018
Ihsan Sencan
Med.
Maitra Mail Tracking System 1.7.2 SQL Injection / Database File Download
14.11.2018
Ihsan Sencan
Med.
Silurus Classifieds Script 2.0 SQL Injection
14.11.2018
Ihsan Sencan
Med.
Developed By NaiveScripters Noakhali Science and Technology University Bangladesh SQL Injection Vulnerability
13.11.2018
KingSkrupellos
Med.
Nominas 0.27 username SQL Injection
13.11.2018
Ihsan Sencan
Med.
The Don 1.0.1 SQL Injection
13.11.2018
Ihsan Sencan
Med.
WordPress PeepSo 1.11.2 SQL Injection
12.11.2018
Socket_0x03
Med.
WordPress WP User Manager 2.0.8 SQL Injection
12.11.2018
Socket_0x03
Med.
ServerZilla 1.0 SQL Injection
12.11.2018
Ihsan Sencan
Med.
Paroiciel 11.20 SQL Injection
12.11.2018
Ihsan Sencan
Med.
Data Center Audit 2.6.2 SQL Injection
12.11.2018
Ihsan Sencan
Med.
GPS Tracking System 2.12 SQL Injection
12.11.2018
Ihsan Sencan
Med.
Nominas 0.27 SQL Injection
12.11.2018
Ihsan Sencan
Med.
Facturation System 1.0 SQL Injection
12.11.2018
Ihsan Sencan
Med.
Advanced Comment System 1.0 SQL Injection
12.11.2018
Rafael Pedrero
Med.
Hodhodfarsi.tv SQL Injection Vulnerability
11.11.2018
kodak
Med.
WB4Host Saudi Arabia Hosting Company النطاق الواسع للاستضافة SQL Injection Vulnerability
10.11.2018
KingSkrupellos
Med.
Sadv.Com.Sa Hosting شعوب المتقدمة Shooub Adv CMS V.1 SQL Injection Vulnerability
10.11.2018
KingSkrupellos
Med.
PlayJoom 0.10.1 SQL Injection
09.11.2018
Ihsan Sencan
Med.
Tribhuvan University Samarpan Academy Institute of Crisis Management Studies Nepal SQL Injection Vulnerability
09.11.2018
KingSkrupellos
Med.
OOP CMS BLOG 1.0 SQL Injection
08.11.2018
Ihsan Sencan
Med.
OpenBiz Cubi Lite 3.0.8 SQL Injection
08.11.2018
Ozkan Mustafa Akkus
Med.
Joomla Department of Computer Engineering OmEducation India SQL Injection Vulnerability
08.11.2018
KingSkrupellos
Med.
Comwave Institute of Science & Information Technology Pakistan Education SQL Injection Vulnerability
08.11.2018
KingSkrupellos
Med.
Designed & Developed By TAS TasPK Pakistan Education SQL Injection Vulnerability
08.11.2018
KingSkrupellos
Med.
Design By Orica Technology OricaWorld India Education SQL Injection Vulnerability
08.11.2018
KingSkrupellos
Med.
Baqai Medical University Pakistan SQL Injection Vulnerability
08.11.2018
KingSkrupellos
Med.
PlayJoom 0.10.1 catid SQL Injection
07.11.2018
Ihsan Sencan
Med.
Grocery Crud 1.6.1 SQL Injection
07.11.2018
Loading Kura Kura
Med.
Jelastic 5.4 SQL Injection
06.11.2018
Procode701
Med.
qdPM 9.1 SQL Injection
06.11.2018
Ozkan Mustafa Akkus
Med.
Designed & Developed By Mars Software International Ltd Marssil Bangladesh Education SQL Injection Vulnerability
06.11.2018
KingSkrupellos
Med.
Voovi Social Networking Script 1.0 SQL Injection
06.11.2018
Ihsan Sencan
Med.
WebVet 0.1a SQL Injection
06.11.2018
Ihsan Sencan
Med.
পাঠশালা inventusltd Software Development Bangladesh Education SQL Injection Vulnerability
05.11.2018
KingSkrupellos
Med.
Powered by ODHYYON A product of ADDIE Soft Ltd Bangladesh Education SQL Injection Vulnerability
05.11.2018
KingSkrupellos
Med.
Technical Support Corporate System Solutions Limited SIB Web Portal Bangladesh Education SQL Injection Vulnerability
02.11.2018
KingSkrupellos
High
Asaancart Simple PHP Shopping Cart 0.9 Arbitrary File Upload / SQL Injection
02.11.2018
Ihsan Sencan
Med.
South Gate Inn Online Reservation System 1.0 q SQL Injection
30.10.2018
Ihsan Sencan
Med.
Point Of Sales (POS) In VB.Net MYSQL Database 1.0 SQL Injection
30.10.2018
Ihsan Sencan
Med.
Grapixel New Media 2 SQL Injection
30.10.2018
Berk Dusunur
Med.
Bakeshop Inventory System in VB.Net and MS Access Database 1.0 SQL Injection
30.10.2018
Ihsan Sencan
Med.
Bakeshop Inventory System In VB.Net / MS Access Database 1.0 SQL Injection
30.10.2018
Ihsan Sencan
Med.
SaltOS Erp Crm 3.1 r8126 SQL Injection
30.10.2018
Ihsan Sencan
Med.
PayPal/Credit Card/Debit Card Payment 1.0 SQL Injection
30.10.2018
Ihsan Sencan
Med.
E-Negosyo System 1.0 SQL Injection
30.10.2018
Ihsan Sencan
Med.
Curriculum Evaluation System 1.0 SQL Injection
30.10.2018
Ihsan Sencan
Med.
Library Management System 1.0 SQL Injection
30.10.2018
Ihsan Sencan
Med.
K-iwi Framework 1775 SQL Injection
30.10.2018
Ihsan Sencan
Med.
School Event Management System 1.0 SQL Injection
30.10.2018
Ihsan Sencan
Med.
School Attendance Monitoring System 1.0 SQL Injection
30.10.2018
Ihsan Sencan
Med.
Aplaya Beach Resort Online Reservation System 1.0 CSRF / SQL Injection
30.10.2018
Ihsan Sencan
Med.
MOGG Web Simulator SQL Injection
30.10.2018
Meisam Monsef
Med.
School Equipment Monitoring System 1.0 SQL Injection
29.10.2018
Ihsan Sencan
Med.
MyBB Downloads 2.0.3 SQL Injection
29.10.2018
Lucian Ioan Nitescu
Med.
Open Faculty Evaluation System 5.6 batch_name SQL Injection
29.10.2018
Ihsan Sencan
Med.
Joomla Component Responsive eXtro jQuery Gallery 2.1.0 filter_category SQL Injection
27.10.2018
AkkuS
Med.
Veterinary Clinic Management 00.02 SQL Injection
27.10.2018
Ihsan Sencan
Med.
Quick Count 2.0 SQL Injection
27.10.2018
Ihsan Sencan
Med.
MPS Box 0.1.8.0 SQL Injection
27.10.2018
Ihsan Sencan
Med.
Fifa Master XLS 2.3.2 SQL Injection
25.10.2018
Ihsan Sencan
Med.
SG ERP 1.0 SQL Injection
25.10.2018
Ihsan Sencan
Med.
Citrix NetScaler SD-WAN SQL Injection / Traversal / Command Injection
24.10.2018
Sergey Gordeychik
Med.
SIM-PKH 2.4.1 SQL Injection
24.10.2018
Ihsan Sencan
Med.
eNdonesia Portal 8.7 SQL Injection
23.10.2018
Ihsan Sencan
Med.
Traq 3.7.1 CSRF / XSS / SQL Injection
23.10.2018
Matt Landers
Med.
The Open ISES Project 3.30A SQL Injection
23.10.2018
Ihsan Sencan
Med.
Viva Visitor & Volunteer ID Tracking 0.95.1 fname SQL Injection
22.10.2018
Ihsan Sencan
Med.
The Open ISES Project 3.30A tick_lat SQL Injection
22.10.2018
Ihsan Sencan
Med.
School ERP Ultimate 2018 fid SQL Injection
22.10.2018
Ihsan Sencan
Med.
GIU Gallery Image Upload 0.3.1 category SQL Injection
19.10.2018
Ihsan Sencan
Med.
OwnTicket 1.0 SQL Injection
19.10.2018
Ihsan Sencan
Med.
Learning With Texts 1.6.2 SQL Injection
19.10.2018
Ihsan Sencan
Med.
Time And Expense Management System 3.0 SQL Injection
18.10.2018
Ihsan Sencan
Med.
Vishesh Auto Index 3.1 SQL Injection
17.10.2018
Ihsan Sencan
Med.
Rukovoditel Project Management CRM 2.3 SQL Injection
17.10.2018
Ihsan Sencan
Med.
GIU Gallery Image Upload 0.3.1 SQL Injection
17.10.2018
Ihsan Sencan
Med.
Kados R10 GreenBee SQL Injection
17.10.2018
Ihsan Sencan
Med.
HotelDruid 2.2.4 SQL Injection
17.10.2018
Ihsan Sencan
Med.
KORA 2.7.0 SQL Injection
17.10.2018
Ihsan Sencan
Med.
MaxOn ERP Software 8.x / 9.x SQL Injection
16.10.2018
Ihsan Sencan
Med.
PROGRAMERS SQL Injection Vulnerability
16.10.2018
Mr Hashtag
Med.
Academic Timetable Final Build 7.0a / 7.0b SQL Injection
16.10.2018
Ihsan Sencan


CVEMAP Search Results

CVE
Details
Description
2018-11-28
Medium
CVE-2018-15441

Vendor: Cisco
Software: Prime licens...
 

 
A vulnerability in the web framework code of Cisco Prime License Manager (PLM) could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. The vulnerability is due to a lack of proper validation of user-supplied input in SQL queries. An attacker could exploit this vulnerability by sending crafted HTTP POST requests that contain malicious SQL statements to an affected application. A successful exploit could allow the attacker to modify and delete arbitrary data in the PLM database or gain shell access with the privileges of the postgres user.

 
2018-11-12
Medium
CVE-2018-19221

Vendor: Laobancms
Software: Laobancms
 

 
An issue was discovered in LAOBANCMS 2.0. It allows SQL Injection via the admin/login.php guanliyuan parameter.

 
2018-11-08
Medium
CVE-2018-15447

Vendor: Cisco
Software: Integrated m...
 

 
A vulnerability in the web framework code of Cisco Integrated Management Controller (IMC) Supervisor could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. The vulnerability is due to a lack of proper validation of user-supplied input in SQL queries. An attacker could exploit this vulnerability by sending crafted URLs that contain malicious SQL statements to the affected application.

 
2018-11-07
Medium
CVE-2018-19061

Vendor: Dedecms
Software: Dedecms
 

 
DedeCMS 5.7 SP2 has SQL Injection via the dede\co_do.php ids parameter.

 
2018-11-06
Medium
CVE-2018-18963

Vendor: Degraupublicidade
Software: Degraupublic...
 

 
Busca.aspx.cs in Degrau Publicidade e Internet Plataforma de E-commerce allows SQL Injection via the busca/ URI.

 
2018-11-05
Medium
CVE-2018-18949

Vendor: Zohocorp
Software: Manageengine...
 

 
Zoho ManageEngine OpManager 12.3 before 123222 has SQL Injection via Mail Server settings.

 
2018-10-31
Medium
CVE-2018-18887

Vendor: S-cms
Software: S-cms
 

 
S-CMS PHP 1.0 has SQL injection in member/member_news.php via the type parameter (aka the $N_type field).

 
2018-10-30
Medium
CVE-2018-18832

Vendor: Dkcms
Software: Dkcms
 

 
admin/check.asp in DKCMS 9.4 allows SQL Injection via an ASPSESSIONID cookie to admin/admin.asp.

 
2018-10-29
Medium
CVE-2018-18702

Vendor: Icmsdev
Software: ICMS
 

 
spider.admincp.php in iCMS v7.0.11 allows SQL injection via admincp.php?app=spider&do=import_rule because the upfile content is base64 decoded, deserialized, and used for database insertion.

 
Medium
CVE-2018-18704

Vendor: Phptpoint
Software: Pharmacy man...
 

 
PhpTpoint Pharmacy Management System suffers from a SQL injection vulnerability in the index.php username parameter.

 

 


Copyright 2018, cxsecurity.com

 

Back to Top