Export limit exceeded: 338520 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 18206 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18206 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-17645 | 1 Phpautoclassifiedscript | 1 Bus Booking Script | 2025-04-20 | N/A |
| Bus Booking Script 1.0 has SQL Injection via the txtname parameter to admin/index.php. | ||||
| CVE-2017-17643 | 1 Lynda Clone Project | 1 Lynda Clone | 2025-04-20 | 9.8 Critical |
| FS Lynda Clone 1.0 has SQL Injection via the keywords parameter to tutorial/. | ||||
| CVE-2017-17642 | 1 Basic Job Site Script Project | 1 Basic Job Site Script | 2025-04-20 | N/A |
| Basic Job Site Script 2.0.5 has SQL Injection via the keyword parameter to /job. | ||||
| CVE-2017-17641 | 1 Resume Clone Script Project | 1 Resume Clone Script | 2025-04-20 | N/A |
| Resume Clone Script 2.0.5 has SQL Injection via the preview.php id parameter. | ||||
| CVE-2017-17640 | 1 Advanced World Database Project | 1 Advanced World Database | 2025-04-20 | N/A |
| Advanced World Database 2.0.5 has SQL Injection via the city.php country or state parameter, or the state.php country parameter. | ||||
| CVE-2017-17639 | 1 Muslim Matrimonial Script Project | 1 Muslim Matrimonial Script | 2025-04-20 | N/A |
| Muslim Matrimonial Script 3.02 has SQL Injection via the success-story.php succid parameter. | ||||
| CVE-2016-4468 | 2 Cloudfoundry, Pivotal Software | 5 Cloud Foundry Uaa Bosh, Cloud Foundry, Cloud Foundry Elastic Runtime and 2 more | 2025-04-20 | N/A |
| SQL injection vulnerability in Pivotal Cloud Foundry (PCF) before 238; UAA 2.x before 2.7.4.4, 3.x before 3.3.0.2, and 3.4.x before 3.4.1; UAA BOSH before 11.2 and 12.x before 12.2; Elastic Runtime before 1.6.29 and 1.7.x before 1.7.7; and Ops Manager 1.7.x before 1.7.8 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2016-4861 | 2 Fedoraproject, Zend | 2 Fedora, Zend Framework | 2025-04-20 | N/A |
| The (1) order and (2) group methods in Zend_Db_Select in the Zend Framework before 1.12.20 might allow remote attackers to conduct SQL injection attacks by leveraging failure to remove comments from an SQL statement before validation. | ||||
| CVE-2016-4893 | 1 Setucocms Project | 1 Setucocms | 2025-04-20 | N/A |
| SQL injection vulnerability in the SetsucoCMS all versions allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2016-4905 | 1 Wp-olivecart | 2 Olivecart, Olivecartpro | 2025-04-20 | N/A |
| SQL injection vulnerability in the WP-OliveCart versions prior to 3.1.3 and WP-OliveCartPro versions prior to 3.1.8 allows attackers with administrator rights to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2016-6233 | 2 Fedoraproject, Zend | 2 Fedora, Zend Framework | 2025-04-20 | N/A |
| The (1) order and (2) group methods in Zend_Db_Select in the Zend Framework before 1.12.19 might allow remote attackers to conduct SQL injection attacks via vectors related to use of the character pattern [\w]* in a regular expression. | ||||
| CVE-2016-7400 | 1 Exponentcms | 1 Exponent Cms | 2025-04-20 | N/A |
| Multiple SQL injection vulnerabilities in Exponent CMS before 2.4.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in an activate_address address controller action, (2) title parameter in a show blog controller action, or (3) content_id parameter in a showComments expComment controller action. | ||||
| CVE-2016-8025 | 1 Mcafee | 1 Virusscan Enterprise | 2025-04-20 | N/A |
| SQL injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to obtain product information via a crafted HTTP request parameter. | ||||
| CVE-2016-8027 | 1 Mcafee | 1 Epolicy Orchestrator | 2025-04-20 | N/A |
| SQL injection vulnerability in core services in Intel Security McAfee ePolicy Orchestrator (ePO) 5.3.2 and earlier and 5.1.3 and earlier allows attackers to alter a SQL query, which can result in disclosure of information within the database or impersonation of an agent without authentication via a specially crafted HTTP post. | ||||
| CVE-2016-8341 | 1 Ecava | 1 Integraxor | 2025-04-20 | N/A |
| An issue was discovered in Ecava IntegraXor Version 5.0.413.0. The Ecava IntegraXor web server has parameters that are vulnerable to SQL injection. If the queries are not sanitized, the host's database could be subject to read, write, and delete commands. | ||||
| CVE-2017-17638 | 1 Groupon Clone Script Project | 1 Groupon Clone Script | 2025-04-20 | N/A |
| Groupon Clone Script 3.01 has SQL Injection via the city_ajax.php state_id parameter. | ||||
| CVE-2016-8928 | 1 Ibm | 1 Kenexa Lms | 2025-04-20 | N/A |
| IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. | ||||
| CVE-2016-8929 | 1 Ibm | 1 Kenexa Lms | 2025-04-20 | N/A |
| IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. | ||||
| CVE-2016-8930 | 1 Ibm | 1 Kenexa Lms | 2025-04-20 | N/A |
| IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. | ||||
| CVE-2016-9019 | 1 Exponentcms | 1 Exponent Cms | 2025-04-20 | N/A |
| SQL injection vulnerability in the activate_address function in framework/modules/addressbook/controllers/addressController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the is_what parameter. | ||||