Total
16329 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-20163 | 1 Nview Project | 1 Nview | 2024-11-21 | 5.5 Medium |
| A vulnerability has been found in Red Snapper NView and classified as critical. This vulnerability affects the function mutate of the file src/Session.php. The manipulation of the argument session leads to sql injection. The name of the patch is cbd255f55d476b29e5680f66f48c73ddb3d416a8. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-217516. | ||||
| CVE-2017-20150 | 1 Challenge Website Project | 1 Challenge Website | 2024-11-21 | 5.5 Medium |
| A vulnerability was found in challenge website. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to sql injection. The name of the patch is f1644b1d3502e5aa5284f31ea80d2623817f4d42. It is recommended to apply a patch to fix this issue. The identifier VDB-216989 was assigned to this vulnerability. | ||||
| CVE-2017-1722 | 1 Ibm | 1 Qradar Security Information And Event Manager | 2024-11-21 | N/A |
| IBM Security QRadar SIEM 7.2 and 7.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 134811. | ||||
| CVE-2017-1670 | 1 Ibm | 1 Security Key Lifecycle Manager | 2024-11-21 | N/A |
| IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 133637. | ||||
| CVE-2017-18888 | 1 Mattermost | 1 Mattermost Server | 2024-11-21 | 9.8 Critical |
| An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows SQL injection during the fetching of multiple posts. | ||||
| CVE-2017-18614 | 1 Wp-kama | 1 Kama Click Counter | 2024-11-21 | 8.1 High |
| The kama-clic-counter plugin 3.4.9 for WordPress has SQL injection via the admin.php order parameter. | ||||
| CVE-2017-18602 | 1 Ibps Online Exam Project | 1 Ibps Online Exam | 2024-11-21 | 8.8 High |
| The examapp plugin 1.0 for WordPress has SQL injection via the wp-admin/admin.php?page=examapp_UserResult id parameter. | ||||
| CVE-2017-18597 | 1 Jtrt Responsive Tables Project | 1 Jtrt Responsive Tables | 2024-11-21 | 8.8 High |
| The jtrt-responsive-tables plugin before 4.1.2 for WordPress has SQL Injection via the admin/class-jtrt-responsive-tables-admin.php tableId parameter. | ||||
| CVE-2017-18573 | 1 Simplerealtytheme | 1 Simple Login Log | 2024-11-21 | N/A |
| The simple-login-log plugin before 1.1.2 for WordPress has SQL injection. | ||||
| CVE-2017-18571 | 1 Search Everything Project | 1 Search Everything | 2024-11-21 | N/A |
| The search-everything plugin before 8.1.7 for WordPress has SQL injection related to WordPress 4.7.x, a different vulnerability than CVE-2014-2316. | ||||
| CVE-2017-18570 | 1 Cformsii Project | 1 Cformsii | 2024-11-21 | N/A |
| The cforms2 plugin before 14.13 for WordPress has SQL injection in the tracking DB GUI via Delete Entries or Download Entries. | ||||
| CVE-2017-18548 | 1 Datainterlock | 1 Note Press | 2024-11-21 | N/A |
| The note-press plugin before 0.1.2 for WordPress has SQL injection. | ||||
| CVE-2017-18515 | 1 Veronalabs | 1 Wp Statistics | 2024-11-21 | N/A |
| The wp-statistics plugin before 12.0.8 for WordPress has SQL injection. | ||||
| CVE-2017-18514 | 1 Simplerealtytheme | 1 Simple Login Log | 2024-11-21 | 9.8 Critical |
| The simple-login-log plugin before 1.1.2 for WordPress has SQL injection. | ||||
| CVE-2017-18406 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 67.9999.103 allows SQL injection during eximstats processing (SEC-276). | ||||
| CVE-2017-18346 | 1 Web-gooroo | 1 Cms Web-gooroo | 2024-11-21 | N/A |
| SQL injection vulnerability in /wbg/core/_includes/authorization.inc.php in CMS Web-Gooroo through 2013-01-19 allows remote attackers to execute arbitrary SQL commands via the wbg_login parameter. | ||||
| CVE-2017-18291 | 1 Pvpgn | 1 Stats | 2024-11-21 | N/A |
| An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET user parameter. | ||||
| CVE-2017-18290 | 1 Pvpgn | 1 Stats | 2024-11-21 | N/A |
| An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET sort_direction parameter. | ||||
| CVE-2017-18289 | 1 Pvpgn | 1 Stats | 2024-11-21 | N/A |
| An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exist in ladder/stats.php via the GET type parameter. | ||||
| CVE-2017-18288 | 1 Pvpgn | 1 Stats | 2024-11-21 | N/A |
| An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET game parameter. | ||||