CWE:
 

Topic
Date
Author
Low
Typo3 Calendar Base tx_pxkalender_pi1 2.0.0 SQL Injection / Database Disclosure
19.02.2019
KingSkrupellos
Med.
CMSsite 1.0 post.php SQL Injection
19.02.2019
Mr Winst0n
Med.
MISP 2.4.97 SQL Injection / Command Injection
19.02.2019
Tm9jdGlz
Med.
Listing Hub CMS 1.0 SQL Injection
17.02.2019
Deyaa Muhammad
Med.
Find A Place CMS Directory 1.5 SQL Injection
17.02.2019
Deyaa Muhammad
Med.
phpMyVisites CNTNT Templates 2.4 SQL Injection
15.02.2019
KingSkrupellos
Med.
Joomla DatsoGallery Components 3.4.4 SQL Injection
15.02.2019
KingSkrupellos
Med.
Joomla DT Register Components 4.0.3 SQL Injection
15.02.2019
KingSkrupellos
Med.
Joomla EasyBookReloaded Components 3.3.2 SQL Injection
15.02.2019
KingSkrupellos
Med.
Joomla LightGallery Components 1.2.1 SQL Injection
15.02.2019
KingSkrupellos
Med.
Joomla OSMap Components 4.2.19 SQL Injection / Database Disclosure
15.02.2019
KingSkrupellos
Med.
Joomla PhocaMaps 3.0.5 SQL Injection / Database Disclosure
15.02.2019
KingSkrupellos
Med.
Joomla PrayerCenter 3.0.4 SQL Injection / Database Disclosure
15.02.2019
KingSkrupellos
Med.
Joomla VirtueMart Components 3.4.1 SQL Injection
15.02.2019
KingSkrupellos
Med.
Joomla ZCalendar Zap Calendar 4.4.0 SQL Injection
14.02.2019
KingSkrupellos
Med.
PilusCart 1.4.1 SQL Injection
14.02.2019
Mehmet Emiroglu
Med.
Joomla ExtCalendar 2.0 SQL Injection
13.02.2019
KingSkrupellos
Med.
ResourceSpace 8.6 watched_searches.php SQL Injection
12.02.2019
dd_
Med.
Webiness Inventory 2.3 email SQL Injection
12.02.2019
Mehmet EMIROGLU
Med.
Joomla JoomGallery 3.2.2 PonyGallery 2.5.1 SQL Injection / Database Disclosure
12.02.2019
KingSkrupellos
Med.
Joomla WordPress Blog 4.8.0 SQL Injection
12.02.2019
KingSkrupellos
Med.
Joomla PhocaGuestBook 3.0.8 SQL Injection / Database Disclosure
12.02.2019
KingSkrupellos
Med.
Webiness Inventory 2.3 - 'order' SQL Vulnerability
11.02.2019
Mehmet EMIROGLU
Med.
Webiness Inventory 2.3 - 'id' SQL Vulnerability
11.02.2019
Mehmet EMIROGLU
Med.
Joomla AcePolls 3.x SQL Injection
11.02.2019
KingSkrupellos
Med.
Joomla DocMan 3.3.4 SQL Injection
11.02.2019
KingSkrupellos
Med.
Joomla jDownloads 3.2.63 SQL Injection / Database Disclosure
10.02.2019
KingSkrupellos
Med.
Joomla WebLinks 3.6.0 SQL Injection / Database Disclosure
10.02.2019
KingSkrupellos
Med.
Joomla BreezingForms 1.9.0 SQL Injection / Database Disclosure
10.02.2019
KingSkrupellos
Med.
Joomla JVLE JV-LinkExchanger 3.2 SQL Injection
10.02.2019
KingSkrupellos
Med.
Joomla RedShop 2.0.0.3 SQL Injection / Database Disclosure
08.02.2019
KingSkrupellos
Med.
Joomla ComProfiler Community Builder 2.4.0 SQL Injection / Database Disclosure
07.02.2019
KingSkrupellos
Med.
Joomla FacileForms 1.4.7 SQL Injection
07.02.2019
KingSkrupellos
Med.
Joomla PhotoMapGallery 1.0 SQL Injection
07.02.2019
KingSkrupellos
Med.
Joomla WebMapPlus 1.0 SQL Injection
07.02.2019
KingSkrupellos
Med.
Joomla Mailto 1.2.2.2 SQL Injection
06.02.2019
KingSkrupellos
Med.
WordPress Forminator 1.5.4 Cross Site Scripting / SQL Injection
05.02.2019
Tim Coen
Med.
Joomla Jumi 3.0.5 Database Disclosure / SQL Injection
04.02.2019
KingSkrupellos
Med.
Joomla PhocaDownload Components 3.1.7 SQL Injection / Database Disclosure
03.02.2019
KingSkrupellos
Med.
Joomla ActivityManager Components 5.3 SQL Injection
03.02.2019
KingSkrupellos
Med.
Joomla Mailto Components 1.2.2.2 SQL Injection
03.02.2019
KingSkrupellos
Med.
Joomla Ninja RSS Syndicator Components 2.0.5 SQL Injection
03.02.2019
KingSkrupellos
Med.
Joomla JamBook Components 1.5 SQL Injection
01.02.2019
KingSkrupellos
Med.
Joomla ChronoConnectivity2 Components 6.0.7 SQL Injection
01.02.2019
KingSkrupellos
Med.
Joomla Sobi2 SobiPro Components 1.4.9 SQL Injection
01.02.2019
KingSkrupellos
Med.
Joomla GMapFP Google Map Components 3.52 SQL Injection
01.02.2019
KingSkrupellos
Med.
Joomla AtomiconGallery Components 1.5.x SQL Injection
01.02.2019
KingSkrupellos
Med.
Joomla wgPicasa Components 3x SQL Injection
01.02.2019
KingSkrupellos
Med.
Joomla HotelGuide Components 1.0 SQL Injection
31.01.2019
KingSkrupellos
Med.
Joomla JUserTube Components 8.3.1 SQL Injection
31.01.2019
KingSkrupellos
Med.
Joomla JEvents Components 3.4.47 SQL Injection
31.01.2019
KingSkrupellos
Med.
Joomla JComments Components 3.0.5 SQL Injection
31.01.2019
KingSkrupellos
Med.
Joomla Formularz Components 1.0.2 SQL Injection
31.01.2019
KingSkrupellos
Med.
Joomla JooMap Components 2.0.6 SQL Injection
31.01.2019
KingSkrupellos
Med.
Joomla MorfeoShow Components 1.2.0 SQL Injection
31.01.2019
KingSkrupellos
Med.
Joomla Rokin RokGallery Components 3.2.6 SQL Injection
31.01.2019
KingSkrupellos
Low
Joomla SimplestForum Components 1.5 SQL Injection
30.01.2019
KingSkrupellos
Med.
Mahkamah Agung CMS ( SIPP ) Versi 3.2.0-5 SQL INJECTION
30.01.2019
TernateBlackhat
Med.
Joomla HWDVideoShare Components 1.5 SQL Injection / Database Disclosure / Incorrect Authorization
30.01.2019
KingSkrupellos
Med.
Joomla XMap Components 2.3.0 SQL Injection / Database Disclosure
30.01.2019
KingSkrupellos
Med.
Joomla Remository Components 3.58 SQL Injection / Database Disclosure / Backdoor Access
30.01.2019
KingSkrupellos
Med.
Joomla Zoo by YooTheme Components 3.3.10 SQL Injection / Database Disclosure
29.01.2019
KingSkrupellos
Med.
Care2x 2.7 (HIS) Hospital Information System SQL Injection
29.01.2019
Carlos Avila
Med.
Teameyo Project Management System 1.0 SQL Injection
29.01.2019
Ihsan Sencan
Med.
Mess Management System 1.0 SQL Injection
28.01.2019
Ihsan Sencan
Med.
SimplePress CMS 1.0.7 SQL Injection
28.01.2019
Ihsan Sencan
Med.
Joomla! vReview 1.9.11 SQL Injection
28.01.2019
Ihsan Sencan
Med.
WordPress PT-Content-Views-Pro Plugins 2.1.2 SQL Injection
28.01.2019
KingSkrupellos
Med.
WordPress Add Code To Head upsite_analytics_plugin Plugins 1.13 SQL Injection
28.01.2019
KingSkrupellos
Med.
WordPress Snax Plugins 4.9.x SQL Injection
28.01.2019
KingSkrupellos
Med.
WordPress Advanced Custom Fields Pro Plugins 5.7.10 SQL Injection
28.01.2019
KingSkrupellos
Med.
WordPress WP-Smushit Plugins 3.0.2 SQL Injection
28.01.2019
KingSkrupellos
Med.
WordPress All-in-One WP Migration Plugins 6.83 SQL Injection
28.01.2019
KingSkrupellos
Med.
WordPress Yeloni Free Exit Popup Plugins 8.1.9 SQL Injection
28.01.2019
KingSkrupellos
Med.
WordPress Popup Builder Gold Plugins 3.1.5.2 SQL Injection
28.01.2019
KingSkrupellos
Med.
WordPress Diamond MultiSite Widgets Plugins 1.8.2 SQL Injection
28.01.2019
KingSkrupellos
Med.
Green CMS 2.x SQL Injection
25.01.2019
Ihsan Sencan
Med.
DevSoft * BTMArgeBilişim * Algoritma İzmir * M.Ceylan MPlusNet * Webİcerik * Verisay * Web Designs SQL Injection
24.01.2019
KingSkrupellos
Med.
Joomla! vAccount 2.0.2 SQL Injection
24.01.2019
Ihsan Sencan
Med.
Joomla! J-MultipleHotelReservation 6.0.7 SQL Injection
24.01.2019
Ihsan Sencan
Med.
Joomla! J-ClassifiedsManager 3.0.5 SQL Injection
24.01.2019
Ihsan Sencan
Med.
Joomla! vWishlist 1.0.1 SQL Injection
24.01.2019
Ihsan Sencan
Med.
Kepler Wallpaper Script 1.1 SQL Injection
23.01.2019
Ihsan Sencan
Med.
Adianti Framework 5.5.0 SQL Injection
23.01.2019
Joner de Mello Assolin
Med.
Reservic 1.0 SQL Injection
23.01.2019
Ihsan Sencan
Med.
MoneyFlux 1.0 SQL Injection
23.01.2019
Ihsan Sencan
Med.
C3iM * HiperwebBrasil * HumbertoCaldas * Vale Mais Comunicação * Webproj Web Designs SQL Injection
18.01.2019
KingSkrupellos
Med.
Craigs Classified Ads CMS Theme 1.0.2 SQL Injection
17.01.2019
Ihsan Sencan
Med.
Desarrollado por Rodrigo Guidetti RG21 Argentina SQL Injection
16.01.2019
KingSkrupellos
Med.
Criação sitesrapidos.com.br Web Design Brazil SQL Injection
16.01.2019
KingSkrupellos
Med.
Sedinet SQL Injection
16.01.2019
KingSkrupellos
Med.
Ariadna3 Web Design Spain SQL Injection
15.01.2019
KingSkrupellos
Med.
Job Portal 1.0 SQL Injection
15.01.2019
Ihsan Sencan
Med.
Desarrollado por C-Diseño Web Design Spain SQL Injection
15.01.2019
KingSkrupellos
Med.
Desarrollado por OxiGenic Web Design Spain SQL Injection
15.01.2019
KingSkrupellos
Med.
Twilio WEB To Fax Machine System Application 1.0 SQL Injection
15.01.2019
Ihsan Sencan
Med.
Desenvolvido por Fidelizarte Web Design Portugal SQL Injection
15.01.2019
KingSkrupellos
Med.
i-doit CMDB 1.12 SQL Injection
15.01.2019
Ihsan Sencan
Med.
Craigs CMS 1.0.2 SQL Injection
15.01.2019
Ihsan Sencan
Med.
Locations CMS 1.5 SQL Injection
15.01.2019
Ihsan Sencan


CVEMAP Search Results

CVE
Details
Description
2019-02-17
Medium
CVE-2019-8423

Vendor: Zoneminder
Software: Zoneminder
 

 
ZoneMinder through 1.32.3 has SQL Injection via the skins/classic/views/events.php filter[Query][terms][0][cnj] parameter.

 
Medium
CVE-2019-8424

Vendor: Zoneminder
Software: Zoneminder
 

 
ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php sort parameter.

 
Medium
CVE-2019-8428

Vendor: Zoneminder
Software: Zoneminder
 

 
ZoneMinder before 1.32.3 has SQL Injection via the skins/classic/views/control.php groupSql parameter, as demonstrated by a newGroup[MonitorIds][] value.

 
Medium
CVE-2019-8429

Vendor: Zoneminder
Software: Zoneminder
 

 
ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php filter[Query][terms][0][cnj] parameter.

 
2019-02-15
Medium
CVE-2015-4615

Vendor: Easy2map
Software: Easy2map-photos
 

 
Vulnerability in Easy2map-photos WordPress Plugin v1.09 allows SQL Injection via unsanitized mapTemplateName, mapName, mapSettingsXML, parentCSSXML, photoCSSXML, mapCSSXML, mapHTML,mapID variables

 
2019-02-11
Medium
CVE-2018-17542

Updating...
 

 
SQL Injection exists in MailSherlock before 1.5.235 for OAKlouds allows an unauthenticated user to extract the subjects of the emails of other users within the enterprise via the select_mid parameter in an letgo.cgi request.

 
2019-02-10
Medium
CVE-2018-20770

Updating...
 

 
An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is Blind SQL Injection.

 
Medium
CVE-2018-20779

Vendor: TRAQ
Software: TRAQ
 

 
Traq 3.7.1 allows SQL Injection via a tickets?search= URI.

 
2019-02-09
Medium
CVE-2018-13792

Vendor: Abbyy
Software: Flexicapture
 

 
Multiple SQL injection vulnerabilities in the monitoring feature in the HTTP API in ABBYY FlexiCapture before 12 Release 2 allow an attacker to execute arbitrary SQL commands via the mask, sortOrder, filter, or Order parameter.

 
2019-02-07
Medium
CVE-2019-7568

Vendor: Baijiacms project
Software: Baijiacms
 

 
An issue was discovered in baijiacms V4 that can result in time-based blind SQL injection to get data via the cate parameter in an index.php?act=index request.

 

 


Copyright 2019, cxsecurity.com

 

Back to Top