Total
11641 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-7784 | 1 Exponentcms | 1 Exponent Cms | 2017-07-28 | N/A |
| SQL injection vulnerability in the getSection function in framework/core/subsystems/expRouter.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the section parameter. | ||||
| CVE-2017-11583 | 1 Finecms | 1 Finecms | 2017-07-27 | N/A |
| dayrui FineCms 5.0.9 has SQL Injection via the catid parameter in an action=related request to libraries/Template.php. | ||||
| CVE-2017-11582 | 1 Finecms | 1 Finecms | 2017-07-27 | N/A |
| dayrui FineCms 5.0.9 has SQL Injection via the num parameter in an action=related or action=tags request to libraries/Template.php. | ||||
| CVE-2017-11584 | 1 Finecms | 1 Finecms | 2017-07-27 | N/A |
| dayrui FineCms 5.0.9 has SQL Injection via the field parameter in an action=module, action=member, action=form, or action=related request to libraries/Template.php. | ||||
| CVE-2017-11174 | 1 Xoops | 1 Xoops | 2017-07-27 | N/A |
| In install/page_dbsettings.php in the Core distribution of XOOPS 2.5.8.1, unfiltered data passed to CREATE and ALTER SQL queries caused SQL Injection in the database settings page, related to use of GBK in CHARACTER SET and COLLATE clauses. | ||||
| CVE-2017-3835 | 1 Cisco | 1 Identity Services Engine Software | 2017-07-25 | N/A |
| A vulnerability in the sponsor portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to access notices owned by other users, because of SQL Injection. More Information: CSCvb15627. Known Affected Releases: 1.4(0.908). | ||||
| CVE-2017-11471 | 1 Idera | 1 Uptime Infrastructure Monitor | 2017-07-24 | N/A |
| IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatIfGadget/getmetrics.php via the element parameter. | ||||
| CVE-2017-11470 | 1 Idera | 1 Uptime Infrastructure Monitor | 2017-07-24 | N/A |
| IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatifGadget/getxenmetrics.php via the element parameter. | ||||
| CVE-2017-1000067 | 1 Modx | 1 Revolution | 2017-07-21 | N/A |
| MODX Revolution version 2.x - 2.5.6 is vulnerable to blind SQL injection caused by improper sanitization by the escape method resulting in authenticated user accessing database and possibly escalating privileges. | ||||
| CVE-2017-11474 | 1 Glpi-project | 1 Glpi | 2017-07-21 | N/A |
| GLPI before 9.1.5.1 has SQL Injection in the $crit variable in inc/computer_softwareversion.class.php, exploitable via ajax/common.tabs.php. | ||||
| CVE-2017-11354 | 1 Fiyo | 1 Fiyo Cms | 2017-07-20 | N/A |
| Fiyo CMS v2.0.7 has an SQL injection vulnerability in dapur/apps/app_article/sys_article.php via the name parameter in editing or adding a tag name. | ||||
| CVE-2017-11444 | 1 Intelliants | 1 Subrion Cms | 2017-07-20 | N/A |
| Subrion CMS before 4.1.5.10 has a SQL injection vulnerability in /front/search.php via the $_GET array. | ||||
| CVE-2017-11445 | 1 Intelliants | 1 Subrion Cms | 2017-07-20 | N/A |
| Subrion CMS before 4.1.6 has a SQL injection vulnerability in /front/actions.php via the $_POST array. | ||||
| CVE-2017-1183 | 1 Ibm | 1 Tivoli Monitoring | 2017-07-20 | N/A |
| IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) attacker to modify SQL commands to the Portal Server, when default client-server communications, HTTP, are being used. IBM X-Force ID: 123494. | ||||
| CVE-2017-11419 | 1 Fiyo | 1 Fiyo Cms | 2017-07-20 | N/A |
| Fiyo CMS 2.0.7 has SQL injection in /apps/app_article/controller/editor.php via $_POST['id'] and $_POST['art_title']. | ||||
| CVE-2017-11418 | 1 Fiyo | 1 Fiyo Cms | 2017-07-20 | N/A |
| Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_article/controller/article_list.php via $_GET['cat'], $_GET['user'], $_GET['level'], and $_GET['iSortCol_'.$i]. | ||||
| CVE-2017-11417 | 1 Fiyo | 1 Fiyo Cms | 2017-07-20 | N/A |
| Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_article/controller/article_status.php via $_GET['id']. | ||||
| CVE-2017-11416 | 1 Fiyo | 1 Fiyo Cms | 2017-07-20 | N/A |
| Fiyo CMS 2.0.7 has SQL injection in /apps/app_comment/controller/insert.php via the name parameter. | ||||
| CVE-2017-11415 | 1 Fiyo | 1 Fiyo Cms | 2017-07-20 | N/A |
| Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_article/sys_article.php via $_POST['parent_id'], $_POST['desc'], $_POST['keys'], and $_POST['level']. | ||||
| CVE-2017-11414 | 1 Fiyo | 1 Fiyo Cms | 2017-07-20 | N/A |
| Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_comment/sys_comment.php via $_POST['comment'], $_POST['name'], $_POST['web'], $_POST['email'], $_POST['status'], $_POST['id'], and $_REQUEST['id']. | ||||