Filtered by CWE-89
Filtered by vendor Subscriptions
Total 18782 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2017-17102 1 Fiyo 1 Fiyo Cms 2025-04-20 N/A
Fiyo CMS 2.0.7 has SQL injection in /system/site.php via $_REQUEST['link'].
CVE-2017-16542 1 Zohocorp 1 Manageengine Applications Manager 2025-04-20 N/A
Zoho ManageEngine Applications Manager 13 before build 13500 allows Post-authentication SQL injection via the name parameter in a manageApplications.do?method=insert request.
CVE-2012-4570 1 Letodms Project 1 Letodms 2025-04-20 N/A
SQL injection vulnerability in LetoDMS_Core/Core/inc.ClassDMS.php in LetoDMS (formerly MyDMS) before 3.3.8 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2017-16000 1 Eyesofnetwork 1 Eyesofnetwork 2025-04-20 N/A
SQL injection vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the graph parameter to module/capacity_per_label/index.php.
CVE-2017-15993 1 Zomato Clone Script Project 1 Zomato Clone Script 2025-04-20 N/A
Zomato Clone Script allows SQL Injection via the restaurant-menu.php resid parameter.
CVE-2017-15992 1 Website Broker Script Project 1 Website Broker Script 2025-04-20 N/A
Website Broker Script allows SQL Injection via the 'status_id' Parameter to status_list.php.
CVE-2017-15986 1 Cpa Lead Reward Script Project 1 Cpa Lead Reward Script 2025-04-20 N/A
CPA Lead Reward Script allows SQL Injection via the username parameter.
CVE-2017-15985 1 Readymadeb2bscript 1 Basic B2b Script 2025-04-20 N/A
Basic B2B Script allows SQL Injection via the product_view1.php pid or id parameter.
CVE-2017-15974 1 Datacomponents 1 Tpanel 2025-04-20 N/A
tPanel 2009 allows SQL injection for Authentication Bypass via 'or 1=1 or ''=' to login.php.
CVE-2017-15967 1 Mailing-manager 1 Mailing List Manager Pro 2025-04-20 N/A
Mailing List Manager Pro 3.0 allows SQL Injection via the edit parameter to admin/users in a sort=login action, or the edit parameter to admin/template.
CVE-2017-15963 1 Itechscripts 1 Gigs Script 2025-04-20 N/A
iTech Gigs Script 1.21 allows SQL Injection via the browse-scategory.php sc parameter or the service-provider.php ser parameter.
CVE-2017-17600 1 Basic B2b Script Project 1 Basic B2b Script 2025-04-20 N/A
Basic B2B Script 2.0.8 has SQL Injection via the product_details.php id parameter.
CVE-2017-15959 1 Adultscriptpro 1 Adultscriptpro 2025-04-20 N/A
Adult Script Pro 2.2.4 allows SQL Injection via the PATH_INFO to a /download URI, a different vulnerability than CVE-2007-6576.
CVE-2017-15958 1 Domainzaar 1 D-park Pro 2025-04-20 N/A
D-Park Pro Domain Parking Script 1.0 allows SQL Injection via the username to admin/loginform.php.
CVE-2017-15965 1 Nswd 1 Ns Download Shop 2025-04-20 N/A
The NS Download Shop (aka com_ns_downloadshop) component 2.2.6 for Joomla! allows SQL Injection via the id parameter in an invoice.create action.
CVE-2017-15579 1 Phpsugar 1 Php Melody 2025-04-20 N/A
In PHPSUGAR PHP Melody before 2.7.3, SQL Injection exists via an aa_pages_per_page cookie in a playlist action to watch.php.
CVE-2017-15578 1 Phpsugar 1 Php Melody 2025-04-20 N/A
In PHPSUGAR PHP Melody before 2.7.3, SQL Injection exists via the image parameter to admin/edit_category.php.
CVE-2017-15539 1 Zorovavi\/blog Project 1 Zorovavi\/blog 2025-04-20 N/A
SQL Injection exists in zorovavi/blog through 2017-10-17 via the id parameter to recept.php.
CVE-2017-17872 1 Jextn 1 Jextn Video Gallery 2025-04-20 N/A
The JEXTN Video Gallery extension 3.0.5 for Joomla! has SQL Injection via the id parameter in a view=category action.
CVE-2017-15381 1 Softwarepublico 1 E-sic 2025-04-20 N/A
SQL Injection exists in E-Sic 1.0 via the f parameter to esiclivre/restrito/inc/buscacep.php (aka the zip code search script).