Total
11922 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-1477 | 1 Cmsjunkie | 1 J-classifiedsmanager | 2015-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the CMSJunkie J-ClassifiedsManager component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a viewad task to classifieds/offerring-ads. | |||||
| CVE-2015-1476 | 1 Ecommercemajor Project | 1 Ecommercemajor | 2015-02-04 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in xlinkerz ecommerceMajor allow remote attackers to execute arbitrary SQL commands via the (1) productbycat parameter to product.php, or (2) username or (3) password parameter to __admin/index.php. | |||||
| CVE-2015-1441 | 1 Piwigo | 1 Piwigo | 2015-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Piwigo before 2.5.6, 2.6.x before 2.6.5, and 2.7.x before 2.7.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2015-1400 | 1 Npds | 1 Revolution | 2015-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search.php in NPDS Revolution 13 allows remote attackers to execute arbitrary SQL commands via the query parameter. | |||||
| CVE-2015-1450 | 1 Restaurantbiller | 1 Restaurant Biller | 2015-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Restaurant Biller allows remote attackers to execute arbitrary SQL commands via the cid parameter in a category action to index.php. | |||||
| CVE-2015-1403 | 1 Content Rating Project | 1 Content Rating | 2015-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Content Rating extension 1.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2015-1405 | 1 Content Rating Extbase Project | 1 Content Rating Extbase | 2015-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Content Rating Extbase extension 2.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2015-1369 | 1 Sequelize Project | 1 Sequelize | 2015-01-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Sequelize before 2.0.0-rc7 for Node.js allows remote attackers to execute arbitrary SQL commands via the order parameter. | |||||
| CVE-2015-1364 | 1 Freereprintables | 1 Articlefr | 2015-01-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the getProfile function in system/profile.functions.php in Free Reprintables ArticleFR 3.0.5 allows remote attackers to execute arbitrary SQL commands via the username parameter to register/. | |||||
| CVE-2015-1372 | 1 Ferretcms Project | 1 Ferretcms | 2015-01-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ferretCMS 1.0.4-alpha allows remote attackers to execute arbitrary SQL commands via the p parameter in an update action to admin.php. | |||||
| CVE-2014-2081 | 1 Iii | 1 Vtls-virtua | 2015-01-26 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the login in web_reports/cgi-bin/InfoStation.cgi in Innovative vtls-Virtua before 2013.2.4 and 2014.x before 2014.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter. | |||||
| CVE-2014-9560 | 1 Softbb | 1 Softbb | 2015-01-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in redir_last_post_list.php in SoftBB 0.1.3 allows remote attackers to execute arbitrary SQL commands via the post parameter. | |||||
| CVE-2014-100035 | 1 Licensepal | 1 Arcticdesk | 2015-01-14 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the ticket grid in the admin interface in LicensePal ArcticDesk before 1.2.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2014-100012 | 1 Sendy | 1 Sendy | 2015-01-14 | 7.5 HIGH | N/A |
| SQL injection vulnerability in /app in Sendy 1.1.8.4 allows remote attackers to execute arbitrary SQL commands via the i parameter. | |||||
| CVE-2014-10015 | 1 Phpjabbers | 1 Event Booking Calendar | 2015-01-14 | 7.5 HIGH | N/A |
| SQL injection vulnerability in load-calendar.php in PHPJabbers Event Booking Calendar 2.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2014-4644 | 1 Cacti | 1 Superlinks | 2015-01-12 | 7.5 HIGH | N/A |
| SQL injection vulnerability in superlinks.php in the superlinks plugin 1.4-2 for Cacti allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2015-0919 | 1 Sefrengo | 1 Sefrengo | 2015-01-08 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the administrative backend in Sefrengo before 1.6.1 allow remote administrators to execute arbitrary SQL commands via the (1) idcat or (2) idclient parameter to backend/main.php. | |||||
| CVE-2014-9455 | 1 Cts Projects\&software | 1 Classad | 2015-01-06 | 7.5 HIGH | N/A |
| SQL injection vulnerability in showads.php in CTS Projects & Software ClassAd 3.0 allows remote attackers to execute arbitrary SQL commands via the catid parameter. | |||||
| CVE-2014-9450 | 1 Zabbix | 1 Zabbix | 2015-01-06 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in chart_bar.php in the frontend in Zabbix before 1.8.22, 2.0.x before 2.0.14, and 2.2.x before 2.2.8 allow remote attackers to execute arbitrary SQL commands via the (1) itemid or (2) periods parameter. | |||||
| CVE-2014-9457 | 1 Pmb Services | 1 Pmb | 2015-01-05 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in classes/mono_display.class.php in PMB 4.1.3 and earlier allows remote authenticated users to execute arbitrary SQL commands via the id parameter to catalog.php. | |||||