CWE:
 

Tytuł
Data
Autor
Med.
Syrian Organic Gov SQL Injection
26.05.2019
AmirAli Sadeghi Tamiz
Med.
Slims CMS Akasia 8.3.1 SQL Injection
22.05.2019
KingSkrupellos
Med.
Freelance Cockpit CRM 3.3.1 SQL Injection
21.05.2019
Mehmet Emiroglu
Med.
phpKF 1.10 XSS / CSRF / SQL Injection
20.05.2019
Ahmethan Gultekin
Med.
Création du Site Internet Agence Digitale NetSkiss France SQL Injection
19.05.2019
KingSkrupellos
Med.
PasteShr 1.6 SQL Injection
14.05.2019
Mehmet Emiroglu
Med.
SOCA Access Control System 180612 SQL Injection
14.05.2019
LiquidWorm
Med.
XOOPS CMS 2.5.9 SQL Injection
13.05.2019
Felipe Andrian Peixoto
Med.
SalesERP 8.1 SQL Injection
13.05.2019
Mehmet Emiroglu
Med.
WordPress Form Maker 1.13.3 SQL Injection
13.05.2019
Daniele Scanu
Med.
Turkish Radio Web Page SQL İnjection
12.05.2019
Furkan Özer
Med.
Turkish Radio Web Page SQL İnjection haberoku.php?id=" intext:"radyo"
11.05.2019
Furkan Özer
Med.
Extreme Sistemas CMS SQL Injection
11.05.2019
Felipe Andrian Peixoto
Med.
OpenProject 8.3.1 SQL Injection
11.05.2019
T. Soo
Med.
PHPads 2.0 click.php3?bannerID SQL Injection
11.05.2019
Felipe Andrian Peixoto
Med.
Biznetvigator Accessibility HongKong SQL Injection
09.05.2019
KingSkrupellos
Med.
MegaSoftTransparencia SQL Injection
07.05.2019
KingSkrupellos
Med.
Kendriya Vidyalaya Sourabh Kumar Mishra PHP-Fusion SQL Injection
07.05.2019
KingSkrupellos
Med.
Studio2ABrasil SQL Injection
07.05.2019
KingSkrupellos
Med.
WebComNet Tecnologia da Informação SQL Injection
07.05.2019
KingSkrupellos
Med.
Galaxy e Mind India SQL Injection
07.05.2019
KingSkrupellos
Med.
OpusPromocoes SQL Injection
07.05.2019
KingSkrupellos
Med.
Aspire Designs Indiamart SQL Injection
07.05.2019
KingSkrupellos
Med.
microASP (Portal+) CMS SQL Injection
07.05.2019
Felipe Andrian Peixoto
Med.
Instagram Auto Follow SQL Injection
04.05.2019
Veyselxan
Med.
Kementerian Agama Indonesia Voting System SQL Injection
04.05.2019
KingSkrupellos
Med.
Pemerintah Kota Cimahi Pelayanan Terpadu Indonesia SQL Injection
04.05.2019
KingSkrupellos
Med.
Assesi Serviço de Informação Cidadão e-Sic Brazil SQL Injection
04.05.2019
KingSkrupellos
Med.
CompletaWeb Comunicação Virtual Brazil SQL Injection
04.05.2019
KingSkrupellos
Med.
Kementerian Perindustrian Balai Besar Pulp dan Kertas Indonesia SQL Injection
03.05.2019
KingSkrupellos
High
AIS Logistics ESEL-Server SQL Injection / Code Execution
30.04.2019
Manuel Feifel
Med.
SethComunicacao FreshDesk Brazil SQL Injection
25.04.2019
KingSkrupellos
Med.
ManageEngine Applications Manager 11.0 < 14.0 SQL Injection / Remote Code Execution (Metasploit)
23.04.2019
AkkuS
Med.
Thailand Government CityVariety Corporation Error Based SQL Injection - Arbitrary File Download
21.04.2019
KingSkrupellos
Med.
LivroreClamacoes Grupo Ajulio Portugal SQL Injection
20.04.2019
KingSkrupellos
Med.
ManageEngine Applications Manager 14 SQL Injection / Remote Code Execution
19.04.2019
Ozkan Mustafa Akkus
Med.
Desenvolvido por EngePlus Brazil SQL Injection
17.04.2019
KingSkrupellos
Med.
Site Desenvolvido Por Buscazip Guiaking Empresas Brazil SQL Injection
17.04.2019
KingSkrupellos
Med.
Desenvolvido Por Network Evolution Brazil SQL Injection
17.04.2019
KingSkrupellos
Med.
Desenvolvido Com Por Oficina5 Brazil SQL Injection
17.04.2019
KingSkrupellos
Med.
Jobgator experience SQL Injection
16.04.2019
Ahmet Ümit BAYRAM
Med.
Design & Developed by : SOFTBD Ltd. SQL Injection Vul
11.04.2019
mr.Gh0st N@0b
Med.
FreeSMS 2.1.2 SQL Injection
05.04.2019
Yilmaz Degirmenci
Med.
BigTree 4.3.4 CMS Multiple SQL Injection
04.04.2019
Mehmet EMIROGLU
Med.
Clinic Pro 4 SQL Injection
04.04.2019
Abdullah Celebi
Med.
iScripts ReserveLogic SQL Injection
04.04.2019
Ahmet Umit Bayram
Med.
Ashop Shopping Cart Software SQL Injection
04.04.2019
Ahmet Umit Bayram
Med.
CMS Made Simple SQL Injection
02.04.2019
Daniele Scanu
Med.
BigTree CMS 4.3.4 SQL Injection
31.03.2019
Mehmet Emiroglu
Med.
Magento 2.3.0 SQL Injection
29.03.2019
Charles FOL
Med.
Izdelava Intera Design Studiointera SQL Injection
28.03.2019
KingSkrupellos
Med.
Jettweb Hazir Rent A Car Scripti 4 SQL Injection
28.03.2019
Ahmet Umit Bayram
Med.
XooDigital SQL Injection
28.03.2019
Ahmet Umit Bayram
Med.
Jettweb PHP Hazir Haber Sitesi Scripti 3 SQL Injection
25.03.2019
Ahmet Umit Bayram
Med.
Jettweb PHP Hazir Haber Sitesi Scripti 2 SQL Injection
25.03.2019
Ahmet Umit Bayram
Med.
Jettweb PHP Hazir Haber Sitesi Scripti 1 SQL Injection
25.03.2019
Ahmet Umit Bayram
Med.
C T & T SQL Injection Vulnerability And Bypass Admin page Login
25.03.2019
Mr Hashtag
Med.
Bootstrapy CMS SQL Injection
22.03.2019
Ahmet Umit Bayram
Med.
Placeto CMS Alpha 4 SQL Injection
22.03.2019
Abdullah Celebi
Med.
The Company Business Website CMS SQL Injection
22.03.2019
Ahmet Umit Bayram
Med.
uHotelBooking System SQL Injection
22.03.2019
Ahmet Umit Bayram
Med.
202CMS 10beta SQL Injection
21.03.2019
Mehmet Emiroglu
Med.
eNdonesia Portal 8.7 Iframe Injection / SQL Injection
20.03.2019
Mehmet Emiroglu
Med.
Netartmedia PHP Mall 4.1 SQL Injection
20.03.2019
Ahmet Umit Bayram
Med.
Netartmedia Event Portal 2.0 SQL Injection
20.03.2019
Ahmet Umit Bayram
Med.
Netartmedia Real Estate Portal 5.0 SQL Injection
20.03.2019
Ahmet Umit Bayram
Med.
TheCarProject 2 SQL Injection
19.03.2019
Mehmet Emiroglu
Med.
PHP MySQLi Database Class 2.9.2 SQL Injection
19.03.2019
Jaroslav Lobacevski
Med.
IWT ImagineWebTech SQL Injection
17.03.2019
KingSkrupellos
Med.
Studio G&G Corporate Communication Italy SQL Injection
16.03.2019
KingSkrupellos
Med.
Dinesh Kodithuwakku ADDprint SQL Injection
16.03.2019
KingSkrupellos
Med.
Proton Technologies India SQL Injection
11.03.2019
KingSkrupellos
Med.
SVP InfoTech SQL Injection
10.03.2019
KingSkrupellos
Med.
Namaste Hindustan SQL Injection
10.03.2019
KingSkrupellos
Med.
Nepalese Army Institute of Health Sciences SQL Injection
09.03.2019
KingSkrupellos
Med.
SRGinfotech India SQL Injection
09.03.2019
KingSkrupellos
Med.
Developpe par MBDesign-Tn Tunisia SQL Injection
08.03.2019
KingSkrupellos
Med.
Preigo Fover Technologies India SQL Injection
08.03.2019
KingSkrupellos
Med.
OOP CMS BLOG 1.0 Multiple SQL Injection
06.03.2019
Mr Winst0n
Med.
Joomla J2Store SQL Injection
01.03.2019
Andrei Conache
Med.
Joomla Content Components 3.x SQL Injection
28.02.2019
KingSkrupellos
Med.
SQLiteManager 1.2.0 / 1.2.4 SQL Injection
28.02.2019
Rafael Pedrero
Med.
News Website Script 2.0.5 SQL Injection
25.02.2019
Mr Winst0n
Med.
Joomla BookingCalendarForJoomla Components 3.4.0 SQL Injection
25.02.2019
KingSkrupellos
Med.
Joomla Furniture Virtuemart Templates 1.5 SQL Injection
25.02.2019
KingSkrupellos
Med.
Joomla FlexiContent Components 3.2.1.15 SQL Injection
25.02.2019
KingSkrupellos
Med.
Joomla Contact Enhanced Components 3.9.2 SQL Injection
25.02.2019
KingSkrupellos
Med.
Joomla Geommunity3es Components 1.4 SQL Injection
25.02.2019
KingSkrupellos
Med.
Joomla JM Car Classifieds CarAgent Templates 3.8.12 SQL Injection
25.02.2019
KingSkrupellos
Med.
Joomla Matukio Events Components 7.0.15 SQL Injection
25.02.2019
KingSkrupellos
Med.
Joomla RD e-Tickets TicketMasterExt Components 3.5.7 SQL Injection
25.02.2019
KingSkrupellos
Med.
Joomla Responsive Grid for Articles Com_Grid Components 3.4.5 SQL Injection
25.02.2019
KingSkrupellos
Med.
Joomla SpiderCalendar Components 3.2.17 SQL Injection
25.02.2019
KingSkrupellos
High
Quest NetVault Backup Server Code Execution / SQL Injection
23.02.2019
rgod
Med.
C4G Basic Laboratory Information System (BLIS) 3.4 SQL Injection
22.02.2019
Carlos Avila
Med.
EI-Tube 3 SQL Injection
22.02.2019
Meisam Monsef
Med.
Nuuo Central Management SQL Injection
22.02.2019
Pedro Ribeiro
Med.
Typo3 CMS Modern Guestbook tx_veguestbook_pi1 3.3.0 SQL Injection
21.02.2019
KingSkrupellos
Med.
XAMPP 5.6.8 Cross Site Scripting / SQL Injection
20.02.2019
Rafael Pedrero
Med.
eDirectory SQL Injection / File Disclosure
20.02.2019
Efren Diaz


Common Weakness Enumeration (CWE)

CVE
Szczegóły
Opis
2019-05-23
Medium
CVE-2017-11738

Vendor: Zohocorp
Software: Manageengine...
 

 
In Zoho ManageEngine Application Manager 13.1 Build 13100, the 'haid' parameter of the '/auditLogAction.do' module is vulnerable to a Time-based Blind SQL Injection attack.

 
Medium
CVE-2016-8897

Vendor: Exponentcms
Software: Exponent cms
 

 
Exponent CMS version 2.3.9 suffers from a sql injection vulnerability in framework/modules/help/controllers/helpController.php.

 
Medium
CVE-2017-11559

Vendor: Zohocorp
Software: Manageengine...
 

 
An issue was discovered in ZOHO ManageEngine OpManager 12.2. The 'apiKey' parameter of "/api/json/admin/getmailserversettings" and "/api/json/dashboard/gotoverviewlist" is vulnerable to a Blind SQL Injection attack.

 
Medium
CVE-2019-10852

Vendor: Computrols
Software: Computrols b...
 

 
Computrols CBAS 18.0.0 allows Authenticated Blind SQL Injection via the id GET parameter, as demonstrated by the index.php?m=servers&a=start_pulling&id= substring.

 
Medium
CVE-2019-10866

Updating...
 

 
In the Form Maker plugin before 1.13.3 for WordPress, it's possible to achieve SQL injection in the function get_labels_parameters in the file form-maker/admin/models/Submissions_fm.php with a crafted value of the /models/Submissioc parameter.

 
2019-05-22
Medium
CVE-2019-11880

Vendor: Commsy
Software: Commsy
 

 
CommSy through 8.6.5 has SQL Injection via the cid parameter. This is fixed in 9.2.

 
Medium
CVE-2019-12279

Vendor: Nagios
Software: Nagios xi
 

 
Nagios XI 5.6.1 allows SQL injection via the username parameter to login.php?forgotpass (aka the reset password form).

 
Medium
CVE-2018-7841

Vendor: Schneider-electric
Software: U.motion builder
 

 
A SQL Injection (CWE-89) vulnerability exists in U.motion Builder software version 1.3.4 which could cause unwanted code execution when an improper set of characters is entered.

 
2019-05-21
Medium
CVE-2019-12251

Vendor: Ucms project
Software: UCMS
 

 
sadmin/ceditpost.php in UCMS 1.4.7 allows SQL Injection via the index.php?do=sadmin_ceditpost cvalue parameter.

 
2019-05-20
Medium
CVE-2019-12239

Vendor: Wpbookingsystem
Software: Wp booking s...
 

 
The WP Booking System plugin 1.5.1 for WordPress has no CSRF protection, which allows attackers to reach certain SQL injection issues that require administrative access.

 

 


Copyright 2019, cxsecurity.com

 

Back to Top