Total
15831 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-18888 | 1 Mattermost | 1 Mattermost Server | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows SQL injection during the fetching of multiple posts. | |||||
| CVE-2017-18614 | 1 Wp-kama | 1 Kama Click Counter | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
| The kama-clic-counter plugin 3.4.9 for WordPress has SQL injection via the admin.php order parameter. | |||||
| CVE-2017-18602 | 1 Ibps Online Exam Project | 1 Ibps Online Exam | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| The examapp plugin 1.0 for WordPress has SQL injection via the wp-admin/admin.php?page=examapp_UserResult id parameter. | |||||
| CVE-2017-18597 | 1 Jtrt Responsive Tables Project | 1 Jtrt Responsive Tables | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| The jtrt-responsive-tables plugin before 4.1.2 for WordPress has SQL Injection via the admin/class-jtrt-responsive-tables-admin.php tableId parameter. | |||||
| CVE-2017-18573 | 1 Simplerealtytheme | 1 Simple Login Log | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The simple-login-log plugin before 1.1.2 for WordPress has SQL injection. | |||||
| CVE-2017-18571 | 1 Search Everything Project | 1 Search Everything | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The search-everything plugin before 8.1.7 for WordPress has SQL injection related to WordPress 4.7.x, a different vulnerability than CVE-2014-2316. | |||||
| CVE-2017-18570 | 1 Cformsii Project | 1 Cformsii | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The cforms2 plugin before 14.13 for WordPress has SQL injection in the tracking DB GUI via Delete Entries or Download Entries. | |||||
| CVE-2017-18548 | 1 Datainterlock | 1 Note Press | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The note-press plugin before 0.1.2 for WordPress has SQL injection. | |||||
| CVE-2017-18515 | 1 Veronalabs | 1 Wp Statistics | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The wp-statistics plugin before 12.0.8 for WordPress has SQL injection. | |||||
| CVE-2017-18514 | 1 Simplerealtytheme | 1 Simple Login Log | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The simple-login-log plugin before 1.1.2 for WordPress has SQL injection. | |||||
| CVE-2017-18406 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| cPanel before 67.9999.103 allows SQL injection during eximstats processing (SEC-276). | |||||
| CVE-2017-18346 | 1 Web-gooroo | 1 Cms Web-gooroo | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in /wbg/core/_includes/authorization.inc.php in CMS Web-Gooroo through 2013-01-19 allows remote attackers to execute arbitrary SQL commands via the wbg_login parameter. | |||||
| CVE-2017-18291 | 1 Pvpgn | 1 Stats | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET user parameter. | |||||
| CVE-2017-18290 | 1 Pvpgn | 1 Stats | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET sort_direction parameter. | |||||
| CVE-2017-18289 | 1 Pvpgn | 1 Stats | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exist in ladder/stats.php via the GET type parameter. | |||||
| CVE-2017-18288 | 1 Pvpgn | 1 Stats | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET game parameter. | |||||
| CVE-2017-18287 | 1 Pvpgn | 1 Stats | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the POST user_search parameter. | |||||
| CVE-2017-18260 | 1 Dolibarr | 1 Dolibarr Erp\/crm | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Dolibarr ERP/CRM is affected by multiple SQL injection vulnerabilities in versions through 7.0.0 via comm/propal/list.php (viewstatut parameter) or comm/propal/list.php (propal_statut parameter, aka search_statut parameter). | |||||
| CVE-2017-18194 | 1 Hamayeshnegar | 1 Hamayeshnegar Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in users/signup.php in the "signup" component in HamayeshNegar CMS allows a remote attacker to execute arbitrary SQL commands via the "utype" parameter. | |||||
| CVE-2017-17999 | 1 Fairsketch | 1 Rise Ultimate Project Manager | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in RISE Ultimate Project Manager 1.9 allows remote attackers to execute arbitrary SQL commands via the search parameter to index.php/knowledge_base/get_article_suggestion/. | |||||