ReportizFlow
Filtered by vendor
Subscriptions
Total
17246 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-17575 | 1 Swa | 1 Swa.jacad | 2024-11-21 | N/A |
| SWA SWA.JACAD 3.1.37 Build 024 has SQL Injection via the /academico/aluno/esqueci-minha-senha/ studentId parameter. | ||||
| CVE-2018-17566 | 1 Thinkphp | 1 Thinkphp | 2024-11-21 | N/A |
| In ThinkPHP 5.1.24, the inner function delete can be used for SQL injection when its WHERE condition's value can be controlled by a user's request. | ||||
| CVE-2018-17562 | 1 Multitech | 1 Faxfinder | 2024-11-21 | N/A |
| Multi-Tech FaxFinder before 5.1.6 has SQL Injection via a status/call_details?oid= URI, allowing an attacker to extract the underlying database schema to further disclose other fax server information through different injection points. | ||||
| CVE-2018-17552 | 1 Naviwebs | 1 Navigate Cms | 2024-11-21 | N/A |
| SQL Injection in login.php in Naviwebs Navigate CMS 2.8 allows remote attackers to bypass authentication via the navigate-user cookie. | ||||
| CVE-2018-17542 | 1 Hgiga | 1 Oaklouds Mailsherlock | 2024-11-21 | N/A |
| SQL Injection exists in MailSherlock before 1.5.235 for OAKlouds allows an unauthenticated user to extract the subjects of the emails of other users within the enterprise via the select_mid parameter in an letgo.cgi request. | ||||
| CVE-2018-17446 | 1 Citrix | 2 Netscaler Sd-wan, Sd-wan | 2024-11-21 | N/A |
| A SQL Injection issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4. | ||||
| CVE-2018-17428 | 1 Nexusfi | 1 Opac Easyweb Five | 2024-11-21 | N/A |
| An issue was discovered in OPAC EasyWeb Five 5.7. There is SQL injection via the w2001/index.php?scelta=campi biblio parameter. | ||||
| CVE-2018-17420 | 1 Zrlog | 1 Zrlog | 2024-11-21 | N/A |
| An issue was discovered in ZrLog 2.0.3. There is a SQL injection vulnerability in the article management search box via the keywords parameter. | ||||
| CVE-2018-17416 | 1 Zzcms | 1 Zzcms | 2024-11-21 | N/A |
| A SQL injection vulnerability exists in zzcms v8.3 via the /admin/adclass.php bigclassid parameter. | ||||
| CVE-2018-17415 | 1 Zzcms | 1 Zzcms | 2024-11-21 | N/A |
| zzcms V8.3 has a SQL injection in /user/zs_elite.php via the id parameter. | ||||
| CVE-2018-17414 | 1 Zzcms | 1 Zzcms | 2024-11-21 | N/A |
| zzcms v8.3 has a SQL injection in /user/jobmanage.php via the bigclass parameter. | ||||
| CVE-2018-17412 | 1 Zzcms | 1 Zzcms | 2024-11-21 | N/A |
| zzcms v8.3 contains a SQL Injection vulnerability in /user/logincheck.php via an X-Forwarded-For HTTP header. | ||||
| CVE-2018-17410 | 1 Horus Cms Project | 1 Horus Cms | 2024-11-21 | 9.8 Critical |
| Horus CMS allows SQL Injection, as demonstrated by a request to the /busca or /home URI. | ||||
| CVE-2018-17399 | 1 Jimtawl Project | 1 Jimtawl | 2024-11-21 | N/A |
| SQL Injection exists in the Jimtawl 2.2.7 component for Joomla! via the id parameter. | ||||
| CVE-2018-17398 | 1 Arenam | 1 Amgallery | 2024-11-21 | N/A |
| SQL Injection exists in the AMGallery 1.2.3 component for Joomla! via the filter_category_id parameter. | ||||
| CVE-2018-17397 | 1 Multiplanet | 1 Alphaindex Dictionaries | 2024-11-21 | N/A |
| SQL Injection exists in the AlphaIndex Dictionaries 1.0 component for Joomla! via the letter parameter. | ||||
| CVE-2018-17394 | 1 Osthemeclub | 1 Timetable Schedule | 2024-11-21 | N/A |
| SQL Injection exists in the Timetable Schedule 3.6.8 component for Joomla! via the eid parameter. | ||||
| CVE-2018-17393 | 1 Healthnode Hospital Management System Project | 1 Healthnode Hospital Management System | 2024-11-21 | N/A |
| SQL Injection exists in HealthNode Hospital Management System 1.0 via the id parameter to dashboard/Patient/info.php or dashboard/Patient/patientdetails.php. | ||||
| CVE-2018-17391 | 1 Super Cms Blog Pro Project | 1 Super Cms Blog Pro | 2024-11-21 | N/A |
| SQL Injection exists in authors_post.php in Super Cms Blog Pro 1.0 via the author parameter. | ||||
| CVE-2018-17388 | 1 Ranksol | 1 Twilio Web To Fax Machine System | 2024-11-21 | N/A |
| SQL Injection exists in Twilio WEB To Fax Machine System 1.0 via the email or password parameter to login_check.php, or the id parameter to add_email.php or edit_content.php. | ||||