CWE:
 

Topic
Date
Author
Med.
Thailand Government CityVariety Corporation Error Based SQL Injection - Arbitrary File Download
21.04.2019
KingSkrupellos
Med.
LivroreClamacoes Grupo Ajulio Portugal SQL Injection
20.04.2019
KingSkrupellos
Med.
ManageEngine Applications Manager 14 SQL Injection / Remote Code Execution
19.04.2019
Ozkan Mustafa Akkus
Med.
Desenvolvido por EngePlus Brazil SQL Injection
17.04.2019
KingSkrupellos
Med.
Site Desenvolvido Por Buscazip Guiaking Empresas Brazil SQL Injection
17.04.2019
KingSkrupellos
Med.
Desenvolvido Por Network Evolution Brazil SQL Injection
17.04.2019
KingSkrupellos
Med.
Desenvolvido Com Por Oficina5 Brazil SQL Injection
17.04.2019
KingSkrupellos
Med.
Jobgator experience SQL Injection
16.04.2019
Ahmet Ümit BAYRAM
Med.
Design & Developed by : SOFTBD Ltd. SQL Injection Vul
11.04.2019
mr.Gh0st N@0b
Med.
FreeSMS 2.1.2 SQL Injection
05.04.2019
Yilmaz Degirmenci
Med.
BigTree 4.3.4 CMS Multiple SQL Injection
04.04.2019
Mehmet EMIROGLU
Med.
Clinic Pro 4 SQL Injection
04.04.2019
Abdullah Celebi
Med.
iScripts ReserveLogic SQL Injection
04.04.2019
Ahmet Umit Bayram
Med.
Ashop Shopping Cart Software SQL Injection
04.04.2019
Ahmet Umit Bayram
Med.
CMS Made Simple SQL Injection
02.04.2019
Daniele Scanu
Med.
BigTree CMS 4.3.4 SQL Injection
31.03.2019
Mehmet Emiroglu
Med.
Magento 2.3.0 SQL Injection
29.03.2019
Charles FOL
Med.
Izdelava Intera Design Studiointera SQL Injection
28.03.2019
KingSkrupellos
Med.
Jettweb Hazir Rent A Car Scripti 4 SQL Injection
28.03.2019
Ahmet Umit Bayram
Med.
XooDigital SQL Injection
28.03.2019
Ahmet Umit Bayram
Med.
Jettweb PHP Hazir Haber Sitesi Scripti 3 SQL Injection
25.03.2019
Ahmet Umit Bayram
Med.
Jettweb PHP Hazir Haber Sitesi Scripti 2 SQL Injection
25.03.2019
Ahmet Umit Bayram
Med.
Jettweb PHP Hazir Haber Sitesi Scripti 1 SQL Injection
25.03.2019
Ahmet Umit Bayram
Med.
C T & T SQL Injection Vulnerability And Bypass Admin page Login
25.03.2019
Mr Hashtag
Med.
Bootstrapy CMS SQL Injection
22.03.2019
Ahmet Umit Bayram
Med.
Placeto CMS Alpha 4 SQL Injection
22.03.2019
Abdullah Celebi
Med.
The Company Business Website CMS SQL Injection
22.03.2019
Ahmet Umit Bayram
Med.
uHotelBooking System SQL Injection
22.03.2019
Ahmet Umit Bayram
Med.
202CMS 10beta SQL Injection
21.03.2019
Mehmet Emiroglu
Med.
eNdonesia Portal 8.7 Iframe Injection / SQL Injection
20.03.2019
Mehmet Emiroglu
Med.
Netartmedia PHP Mall 4.1 SQL Injection
20.03.2019
Ahmet Umit Bayram
Med.
Netartmedia Event Portal 2.0 SQL Injection
20.03.2019
Ahmet Umit Bayram
Med.
Netartmedia Real Estate Portal 5.0 SQL Injection
20.03.2019
Ahmet Umit Bayram
Med.
TheCarProject 2 SQL Injection
19.03.2019
Mehmet Emiroglu
Med.
PHP MySQLi Database Class 2.9.2 SQL Injection
19.03.2019
Jaroslav Lobacevski
Med.
IWT ImagineWebTech SQL Injection
17.03.2019
KingSkrupellos
Med.
Studio G&G Corporate Communication Italy SQL Injection
16.03.2019
KingSkrupellos
Med.
Dinesh Kodithuwakku ADDprint SQL Injection
16.03.2019
KingSkrupellos
Med.
Proton Technologies India SQL Injection
11.03.2019
KingSkrupellos
Med.
SVP InfoTech SQL Injection
10.03.2019
KingSkrupellos
Med.
Namaste Hindustan SQL Injection
10.03.2019
KingSkrupellos
Med.
Nepalese Army Institute of Health Sciences SQL Injection
09.03.2019
KingSkrupellos
Med.
SRGinfotech India SQL Injection
09.03.2019
KingSkrupellos
Med.
Developpe par MBDesign-Tn Tunisia SQL Injection
08.03.2019
KingSkrupellos
Med.
Preigo Fover Technologies India SQL Injection
08.03.2019
KingSkrupellos
Med.
OOP CMS BLOG 1.0 Multiple SQL Injection
06.03.2019
Mr Winst0n
Med.
Joomla J2Store SQL Injection
01.03.2019
Andrei Conache
Med.
Joomla Content Components 3.x SQL Injection
28.02.2019
KingSkrupellos
Med.
SQLiteManager 1.2.0 / 1.2.4 SQL Injection
28.02.2019
Rafael Pedrero
Med.
News Website Script 2.0.5 SQL Injection
25.02.2019
Mr Winst0n
Med.
Joomla BookingCalendarForJoomla Components 3.4.0 SQL Injection
25.02.2019
KingSkrupellos
Med.
Joomla Furniture Virtuemart Templates 1.5 SQL Injection
25.02.2019
KingSkrupellos
Med.
Joomla FlexiContent Components 3.2.1.15 SQL Injection
25.02.2019
KingSkrupellos
Med.
Joomla Contact Enhanced Components 3.9.2 SQL Injection
25.02.2019
KingSkrupellos
Med.
Joomla Geommunity3es Components 1.4 SQL Injection
25.02.2019
KingSkrupellos
Med.
Joomla JM Car Classifieds CarAgent Templates 3.8.12 SQL Injection
25.02.2019
KingSkrupellos
Med.
Joomla Matukio Events Components 7.0.15 SQL Injection
25.02.2019
KingSkrupellos
Med.
Joomla RD e-Tickets TicketMasterExt Components 3.5.7 SQL Injection
25.02.2019
KingSkrupellos
Med.
Joomla Responsive Grid for Articles Com_Grid Components 3.4.5 SQL Injection
25.02.2019
KingSkrupellos
Med.
Joomla SpiderCalendar Components 3.2.17 SQL Injection
25.02.2019
KingSkrupellos
High
Quest NetVault Backup Server Code Execution / SQL Injection
23.02.2019
rgod
Med.
C4G Basic Laboratory Information System (BLIS) 3.4 SQL Injection
22.02.2019
Carlos Avila
Med.
EI-Tube 3 SQL Injection
22.02.2019
Meisam Monsef
Med.
Nuuo Central Management SQL Injection
22.02.2019
Pedro Ribeiro
Med.
Typo3 CMS Modern Guestbook tx_veguestbook_pi1 3.3.0 SQL Injection
21.02.2019
KingSkrupellos
Med.
XAMPP 5.6.8 Cross Site Scripting / SQL Injection
20.02.2019
Rafael Pedrero
Med.
eDirectory SQL Injection / File Disclosure
20.02.2019
Efren Diaz
Low
Typo3 Calendar Base tx_pxkalender_pi1 2.0.0 SQL Injection / Database Disclosure
19.02.2019
KingSkrupellos
Med.
CMSsite 1.0 post.php SQL Injection
19.02.2019
Mr Winst0n
Med.
MISP 2.4.97 SQL Injection / Command Injection
19.02.2019
Tm9jdGlz
Med.
Listing Hub CMS 1.0 SQL Injection
17.02.2019
Deyaa Muhammad
Med.
Find A Place CMS Directory 1.5 SQL Injection
17.02.2019
Deyaa Muhammad
Med.
phpMyVisites CNTNT Templates 2.4 SQL Injection
15.02.2019
KingSkrupellos
Med.
Joomla DatsoGallery Components 3.4.4 SQL Injection
15.02.2019
KingSkrupellos
Med.
Joomla DT Register Components 4.0.3 SQL Injection
15.02.2019
KingSkrupellos
Med.
Joomla EasyBookReloaded Components 3.3.2 SQL Injection
15.02.2019
KingSkrupellos
Med.
Joomla LightGallery Components 1.2.1 SQL Injection
15.02.2019
KingSkrupellos
Med.
Joomla OSMap Components 4.2.19 SQL Injection / Database Disclosure
15.02.2019
KingSkrupellos
Med.
Joomla PhocaMaps 3.0.5 SQL Injection / Database Disclosure
15.02.2019
KingSkrupellos
Med.
Joomla PrayerCenter 3.0.4 SQL Injection / Database Disclosure
15.02.2019
KingSkrupellos
Med.
Joomla VirtueMart Components 3.4.1 SQL Injection
15.02.2019
KingSkrupellos
Med.
Joomla ZCalendar Zap Calendar 4.4.0 SQL Injection
14.02.2019
KingSkrupellos
Med.
PilusCart 1.4.1 SQL Injection
14.02.2019
Mehmet Emiroglu
Med.
Joomla ExtCalendar 2.0 SQL Injection
13.02.2019
KingSkrupellos
Med.
ResourceSpace 8.6 watched_searches.php SQL Injection
12.02.2019
dd_
Med.
Webiness Inventory 2.3 email SQL Injection
12.02.2019
Mehmet EMIROGLU
Med.
Joomla JoomGallery 3.2.2 PonyGallery 2.5.1 SQL Injection / Database Disclosure
12.02.2019
KingSkrupellos
Med.
Joomla WordPress Blog 4.8.0 SQL Injection
12.02.2019
KingSkrupellos
Med.
Joomla PhocaGuestBook 3.0.8 SQL Injection / Database Disclosure
12.02.2019
KingSkrupellos
Med.
Webiness Inventory 2.3 - 'order' SQL Vulnerability
11.02.2019
Mehmet EMIROGLU
Med.
Webiness Inventory 2.3 - 'id' SQL Vulnerability
11.02.2019
Mehmet EMIROGLU
Med.
Joomla AcePolls 3.x SQL Injection
11.02.2019
KingSkrupellos
Med.
Joomla DocMan 3.3.4 SQL Injection
11.02.2019
KingSkrupellos
Med.
Joomla jDownloads 3.2.63 SQL Injection / Database Disclosure
10.02.2019
KingSkrupellos
Med.
Joomla WebLinks 3.6.0 SQL Injection / Database Disclosure
10.02.2019
KingSkrupellos
Med.
Joomla BreezingForms 1.9.0 SQL Injection / Database Disclosure
10.02.2019
KingSkrupellos
Med.
Joomla JVLE JV-LinkExchanger 3.2 SQL Injection
10.02.2019
KingSkrupellos
Med.
Joomla RedShop 2.0.0.3 SQL Injection / Database Disclosure
08.02.2019
KingSkrupellos
Med.
Joomla ComProfiler Community Builder 2.4.0 SQL Injection / Database Disclosure
07.02.2019
KingSkrupellos
Med.
Joomla FacileForms 1.4.7 SQL Injection
07.02.2019
KingSkrupellos


CVEMAP Search Results

CVE
Details
Description
2019-04-15
Medium
CVE-2018-18018

Vendor: Tribulant
Software: Slideshow ga...
 

 
SQL Injection exists in the Tribulant Slideshow Gallery plugin 1.6.8 for WordPress via the wp-admin/admin.php?page=slideshow-galleries&method=save Gallery[id] or Gallery[title] parameter.

 
2019-04-10
Medium
CVE-2018-1994

Vendor: IBM
Software: Infosphere i...
 

 
IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 154494.

 
Medium
CVE-2019-7139

Vendor: Magento
Software: Magento
 

 
An unauthenticated user can execute arbitrary code through an SQL injection vulnerability, which causes sensitive data leakage. This issue is fixed in Magento Open Source 1.9.4.1, Magento Commerce 1.14.4.1, SUPEE-11086, Magento 2.2.8, Magento 2.3.1.

 
2019-04-04
Medium
CVE-2019-7001

Updating...
 

 
A SQL injection vulnerability in the WebUI component of IP Office Contact Center could allow an authenticated attacker to retrieve or alter sensitive data related to other users on the system. Affected versions of IP Office Contact Center include all 9.x and 10.x versions prior to 10.1.2.2.2-11201.1908. Unsupported versions not listed here were not evaluated.

 
2019-04-03
Medium
CVE-2018-20505

Vendor: Apple
Software: Icloud
 

 
SQLite 3.25.2, when queries are run on a table with a malformed PRIMARY KEY, allows remote attackers to cause a denial of service (application crash) by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases).

 
2019-04-02
Medium
CVE-2019-9759

Vendor: Tongda2000
Software: Office anywhere
 

 
An issue was discovered in TONGDA Office Anywhere 10.18.190121. There is a SQL Injection vulnerability via the general/approve_center/list/input_form/work_handle.php run_id parameter.

 
Medium
CVE-2019-10707

Vendor: Mkcms project
Software: Mkcms
 

 
MKCMS V5.0 has SQL injection via the bplay.php play parameter.

 
Medium
CVE-2019-10708

Vendor: S-cms
Software: S-cms
 

 
S-CMS PHP v1.0 has SQL injection via the 4/js/scms.php?action=unlike id parameter.

 
Medium
CVE-2019-6506

Vendor: Salesagility
Software: Suitecrm
 

 
SuiteCRM before 7.8.28, 7.9.x and 7.10.x before 7.10.15, and 7.11.x before 7.11.3 allows SQL Injection.

 
2019-04-01
Medium
CVE-2019-3792

Vendor: Pivotal software
Software: Concourse
 

 
Pivotal Concourse version 5.0.0, contains an API that is vulnerable to SQL injection. An Concourse resource can craft a version identifier that can carry a SQL injection payload to the Concourse server, allowing the attacker to read privileged data.

 

 


Copyright 2019, cxsecurity.com

 

Back to Top