ReportizFlow
Filtered by vendor
Subscriptions
Total
18764 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-11385 | 1 Trendmicro | 1 Control Manager | 2025-04-20 | N/A |
| SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x6b1b due to lack of proper user input validation in cmdHandlerStatusMonitor.dll. Formerly ZDI-CAN-4545. | ||||
| CVE-2017-11413 | 1 Fiyo | 1 Fiyo Cms | 2025-04-20 | N/A |
| Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_article/controller/comment_status.php via $_GET['id']. | ||||
| CVE-2017-11418 | 1 Fiyo | 1 Fiyo Cms | 2025-04-20 | N/A |
| Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_article/controller/article_list.php via $_GET['cat'], $_GET['user'], $_GET['level'], and $_GET['iSortCol_'.$i]. | ||||
| CVE-2017-11419 | 1 Fiyo | 1 Fiyo Cms | 2025-04-20 | N/A |
| Fiyo CMS 2.0.7 has SQL injection in /apps/app_article/controller/editor.php via $_POST['id'] and $_POST['art_title']. | ||||
| CVE-2017-11475 | 1 Glpi-project | 1 Glpi | 2025-04-20 | N/A |
| GLPI before 9.1.5.1 has SQL Injection in the condition rule field, exploitable via front/rulesengine.test.php. | ||||
| CVE-2017-11508 | 1 Tenable | 1 Securitycenter | 2025-04-20 | N/A |
| SecurityCenter versions 5.5.0, 5.5.1 and 5.5.2 contain a SQL Injection vulnerability that could be exploited by an authenticated user with sufficient privileges to run diagnostic scans. An attacker could exploit this vulnerability by entering a crafted SQL query into the password field of a diagnostic scan within SecurityCenter. Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access. | ||||
| CVE-2017-15933 | 1 Eyesofnetwork | 1 Eyesofnetwork | 2025-04-20 | N/A |
| SQL injection vulnerability vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the host parameter to module/capacity_per_device/index.php. | ||||
| CVE-2017-15960 | 1 Yourarticlesdirectory | 1 Article Directory Script | 2025-04-20 | N/A |
| Article Directory Script 3.0 allows SQL Injection via the id parameter to author.php or category.php. | ||||
| CVE-2017-15988 | 1 Nicephpscripts | 1 Nice Php Faq Script | 2025-04-20 | N/A |
| Nice PHP FAQ Script allows SQL Injection via the index.php nice_theme parameter, a different vulnerability than CVE-2008-6525. | ||||
| CVE-2017-15989 | 1 Online Exam Test Application Project | 1 Online Exam Test Application | 2025-04-20 | N/A |
| Online Exam Test Application allows SQL Injection via the resources.php sort parameter in a category action. | ||||
| CVE-2017-17592 | 1 Website Auction Marketplace Project | 1 Website Auction Marketplace | 2025-04-20 | N/A |
| Website Auction Marketplace 2.0.5 has SQL Injection via the search.php cat_id parameter. | ||||
| CVE-2017-17635 | 1 Mlm Forex Market Plan Script Project | 1 Mlm Forex Market Plan Script | 2025-04-20 | N/A |
| MLM Forex Market Plan Script 2.0.4 has SQL Injection via the news_detail.php newid parameter or the event_detail.php eventid parameter. | ||||
| CVE-2017-17642 | 1 Basic Job Site Script Project | 1 Basic Job Site Script | 2025-04-20 | N/A |
| Basic Job Site Script 2.0.5 has SQL Injection via the keyword parameter to /job. | ||||
| CVE-2017-1606 | 1 Ibm | 1 Financial Transaction Manager | 2025-04-20 | N/A |
| IBM Financial Transaction Manager (FTM) for Multi-Platform (MP) 3.0.0.0 through 3.0.0.7 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 132926. | ||||
| CVE-2015-5052 | 1 Sefrengo | 1 Sefrengo | 2025-04-20 | N/A |
| SQL injection vulnerability in Sefrengo before 1.6.5 beta2. | ||||
| CVE-2017-15984 | 1 Bekirk | 1 Creative Management System Lite | 2025-04-20 | N/A |
| Creative Management System (CMS) Lite 1.4 allows SQL Injection via the S parameter to index.php. | ||||
| CVE-2017-15982 | 1 Geniusocean | 1 News | 2025-04-20 | 9.8 Critical |
| Dynamic News Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin/admin_process.php for form editing. | ||||
| CVE-2017-15977 | 1 Protectedlinks | 1 Expiring Download Links | 2025-04-20 | N/A |
| Protected Links - Expiring Download Links 1.0 allows SQL Injection via the username parameter. | ||||
| CVE-2017-15972 | 1 Softdatepro | 1 Dating Software | 2025-04-20 | N/A |
| SoftDatepro Dating Social Network 1.3 allows SQL Injection via the viewprofile.php profid parameter, the viewmessage.php sender_id parameter, or the /admin Email field, a related issue to CVE-2017-15971. | ||||
| CVE-2017-15970 | 1 Phpcityportal | 1 Phpcityportal | 2025-04-20 | N/A |
| PHP CityPortal 2.0 allows SQL Injection via the nid parameter to index.php in a page=news action, or the cat parameter. | ||||