Total
14524 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-9398 | 1 Webmaster-source | 1 Gocodes | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| The gocodes plugin through 1.3.5 for WordPress has wp-admin/tools.php gcid SQL injection. | |||||
| CVE-2015-9395 | 1 Usersultra | 1 Users Ultra Membership | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| The users-ultra plugin before 1.5.64 for WordPress has SQL Injection via an ajax action. | |||||
| CVE-2015-9353 | 1 Tri | 1 Gigpress | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| The gigpress plugin before 2.3.11 for WordPress has SQL injection in the admin area, a different vulnerability than CVE-2015-4066. | |||||
| CVE-2015-9352 | 1 Wp-polls Project | 1 Wp-polls | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The wp-polls plugin before 2.72 for WordPress has SQL injection. | |||||
| CVE-2015-9344 | 1 Perafox | 1 Link Log | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The link-log plugin before 2.1 for WordPress has SQL injection. | |||||
| CVE-2015-9335 | 1 Bestwebsoft | 1 Limit Attempts | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The limit-attempts plugin before 1.1.1 for WordPress has SQL injection during IP address handling. | |||||
| CVE-2015-9334 | 1 Email-newsletter Project | 1 Email-newsletter | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The email-newsletter plugin through 20.15 for WordPress has SQL injection. | |||||
| CVE-2015-9333 | 1 Cformsii Project | 1 Cformsii | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The cforms2 plugin before 14.6.10 for WordPress has SQL injection. | |||||
| CVE-2015-9330 | 1 Soflyy | 1 Wp All Import | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The wp-all-import plugin before 3.2.5 for WordPress has blind SQL injection. | |||||
| CVE-2015-9326 | 1 Wpbusinessintelligence | 1 Wp Business Intelligence | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The wp-business-intelligence-lite plugin before 1.6.3 for WordPress has SQL injection. | |||||
| CVE-2015-9325 | 1 Bestwebsoft | 1 Visitors Online | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The visitors-online plugin before 0.4 for WordPress has SQL injection. | |||||
| CVE-2015-9323 | 1 Duckdev | 1 404 To 301 | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The 404-to-301 plugin before 2.0.3 for WordPress has SQL injection. | |||||
| CVE-2015-9316 | 1 Wpfastestcache | 1 Wp Fastest Cache | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The wp-fastest-cache plugin before 0.8.4.9 for WordPress has SQL injection in wp-admin/admin-ajax.php?action=wpfc_wppolls_ajax_request via the poll_id parameter. | |||||
| CVE-2015-9315 | 1 Newstatpress Project | 1 Newstatpress | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The newstatpress plugin before 1.0.1 for WordPress has SQL injection. | |||||
| CVE-2015-9313 | 1 Newstatpress Project | 1 Newstatpress | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The newstatpress plugin before 1.0.5 for WordPress has SQL injection related to an IMG element. | |||||
| CVE-2015-9310 | 1 Tipsandtricks-hq | 1 All In One Wp Security \& Firewall | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The all-in-one-wp-security-and-firewall plugin before 3.9.1 for WordPress has multiple SQL injection issues. | |||||
| CVE-2015-9301 | 1 W3eden | 1 Live Forms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The liveforms plugin before 3.2.0 for WordPress has SQL injection. | |||||
| CVE-2015-9249 | 1 Skyboxsecurity | 1 Skybox Platform | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Skybox Platform before 7.5.201. SQL Injection exists in /skyboxview/webservice/services/VersionWebService via a soapenv:Body element. | |||||
| CVE-2015-9244 | 1 Mysqljs | 1 Mysql | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Keys of objects in mysql node module v2.0.0-alpha7 and earlier are not escaped with `mysql.escape()` which could lead to SQL Injection. | |||||
| CVE-2015-8298 | 1 Rxtec | 1 Rxadmin | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple SQL injection vulnerabilities in the login page in RXTEC RXAdmin UPDATE 06 / 2012 allow remote attackers to execute arbitrary SQL commands via the (1) loginpassword, (2) loginusername, (3) zusatzlicher, or (4) groupid parameter to index.htm, or the (5) rxtec cookie to index.htm. | |||||