Total
16382 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-21250 | 1 Cszcms | 1 Csz Cms | 2024-11-21 | 9.8 Critical |
| CSZ CMS v1.2.4 was discovered to contain an arbitrary file upload vulnerability in the component /core/MY_Security.php. | ||||
| CVE-2020-21180 | 1 Koa2-blog Project | 1 Koa2-blog | 2024-11-21 | 9.8 Critical |
| Sql injection vulnerability in koa2-blog 1.0.0 allows remote attackers to Injecting a malicious SQL statement via the name parameter to the signup page. | ||||
| CVE-2020-21179 | 1 Koa2-blog Project | 1 Koa2-blog | 2024-11-21 | 9.8 Critical |
| Sql injection vulnerability in koa2-blog 1.0.0 allows remote attackers to Injecting a malicious SQL statement via the name parameter to the signin page. | ||||
| CVE-2020-21176 | 1 Thinkjs | 1 Thinkjs | 2024-11-21 | 9.8 Critical |
| SQL injection vulnerability in the model.increment and model.decrement function in ThinkJS 3.2.10 allows remote attackers to execute arbitrary SQL commands via the step parameter. | ||||
| CVE-2020-21133 | 1 Metinfo | 1 Metinfo | 2024-11-21 | 9.8 Critical |
| SQL Injection vulnerability in Metinfo 7.0.0 beta in member/getpassword.php?lang=cn&a=dovalid. | ||||
| CVE-2020-21132 | 1 Metinfo | 1 Metinfo | 2024-11-21 | 9.8 Critical |
| SQL Injection vulnerability in Metinfo 7.0.0beta in index.php. | ||||
| CVE-2020-21131 | 1 Metinfo | 1 Metinfo | 2024-11-21 | 7.2 High |
| SQL Injection vulnerability in MetInfo 7.0.0beta via admin/?n=language&c=language_web&a=doAddLanguage. | ||||
| CVE-2020-21127 | 1 Metinfo | 1 Metinfo | 2024-11-21 | 9.8 Critical |
| MetInfo 7.0.0 contains a SQL injection vulnerability via admin/?n=logs&c=index&a=dodel. | ||||
| CVE-2020-21121 | 1 Kliqqi | 1 Kliqqi Cms | 2024-11-21 | 9.8 Critical |
| Pligg CMS 2.0.2 contains a time-based SQL injection vulnerability via the $recordIDValue parameter in the admin_update_module_widgets.php file. | ||||
| CVE-2020-21013 | 1 Emlog | 1 Emlog | 2024-11-21 | 7.2 High |
| emlog v6.0.0 contains a SQL injection via /admin/comment.php. | ||||
| CVE-2020-21012 | 1 Hotel And Lodge Booking Management System Project | 1 Hotel And Lodge Booking Management System | 2024-11-21 | 9.8 Critical |
| Sourcecodester Hotel and Lodge Management System 2.0 is vulnerable to unauthenticated SQL injection and can allow remote attackers to execute arbitrary SQL commands via the email parameter to the edit page for Customer, Room, Currency, Room Booking Details, or Tax Details. | ||||
| CVE-2020-20981 | 1 Metinfo | 1 Metinfo | 2024-11-21 | 7.5 High |
| A SQL injection in the /admin/?n=logs&c=index&a=dolist component of Metinfo 7.0 allows attackers to access sensitive database information. | ||||
| CVE-2020-20975 | 1 Gxlcms | 1 Gxlcms | 2024-11-21 | 9.8 Critical |
| In \lib\admin\action\dataaction.class.php in Gxlcms v1.1, SQL Injection exists via the $filename parameter. | ||||
| CVE-2020-20800 | 1 Metinfo | 1 Metinfo | 2024-11-21 | 9.8 Critical |
| An issue was discovered in MetInfo v7.0.0 beta. There is SQL Injection via the install/index.php?action=adminsetup&cndata=yes&endata=yes&showdata=yes URI. | ||||
| CVE-2020-20797 | 1 Flamecms Project | 1 Flamecms | 2024-11-21 | 9.8 Critical |
| FlameCMS 3.3.5 contains a time-based blind SQL injection vulnerability in /account/register.php. | ||||
| CVE-2020-20796 | 1 Flamecms Project | 1 Flamecms | 2024-11-21 | 9.8 Critical |
| FlameCMS 3.3.5 contains a SQL injection vulnerability in /master/article.php via the "Id" parameter. | ||||
| CVE-2020-20692 | 1 Gilacms | 1 Gila Cms | 2024-11-21 | 7.2 High |
| GilaCMS v1.11.4 was discovered to contain a SQL injection vulnerability via the $_GET parameter in /src/core/controllers/cm.php. | ||||
| CVE-2020-20675 | 1 Nuishop | 1 Nuishop | 2024-11-21 | 9.8 Critical |
| Nuishop v2.3 contains a SQL injection vulnerability in /goods/getGoodsListByConditions/. | ||||
| CVE-2020-20625 | 1 Slicedinvoices | 1 Sliced Invoices | 2024-11-21 | 7.5 High |
| Sliced Invoices plugin for WordPress 3.8.2 and earlier allows unauthenticated information disclosure and authenticated SQL injection via core/class-sliced.php. | ||||
| CVE-2020-20585 | 1 Metinfo | 1 Metinfo | 2024-11-21 | 7.5 High |
| A blind SQL injection in /admin/?n=logs&c=index&a=dode of Metinfo 7.0 beta allows attackers to access sensitive database information. | ||||