Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

457205 matches found

ATTACKERKB
ATTACKERKBadded 2026/06/19 3:37 p.m.5 views

CVE-2017-20258

Joomla! Component RPC Responsive Portfolio 1.6.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can send GET requests to index.php with option=compofos&view=pofo&id=SQL ...

8.8CVSS6.2AI score0.00334EPSS
Exploits0References4Affected Software1
EUVD
EUVDadded 2026/06/19 3:34 p.m.6 views

EUVD-2017-18984

Joomla! Component Quiz Deluxe 3.7.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL commands through the ajaxaction.flagquestion task. Attackers can inject malicious SQL code via the stuquizid or flagquest parameters to manipulate database...

8.8CVSS6.3AI score0.00334EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/06/19 3:34 p.m.30 views

CVE-2017-20257 Joomla! Component Quiz Deluxe 3.7.4 SQL Injection

Joomla! Component Quiz Deluxe 3.7.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL commands through the ajaxaction.flagquestion task. Attackers can inject malicious SQL code via the stuquizid or flagquest parameters to manipulate database...

8.8CVSS0.00334EPSS
Exploits0References4
CVE
CVEadded 2026/06/19 3:34 p.m.12 views

CVE-2017-20257

Joomla! Component Quiz Deluxe 3.7.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL commands via the ajaxaction.flag_question task. Exploitation can occur by injecting malicious SQL through the stu_quiz_id or flag_quest parameters to manipula...

8.8CVSS6.3AI score0.00334EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/06/19 3:30 p.m.28 views

CVE-2017-20256 Joomla Survey Force Deluxe 3.2.4 SQL Injection via invite Parameter

Joomla Survey Force Deluxe 3.2.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the invite parameter. Attackers can send GET requests to the component with crafted SQL payloads in the invite...

8.8CVSS0.00334EPSS
Exploits0References4
CVE
CVEadded 2026/06/19 3:30 p.m.11 views

CVE-2017-20256

Joomla Survey Force Deluxe 3.2.4 is affected by an SQL injection via the invite parameter, allowing unauthenticated attackers to run arbitrary SQL through crafted GET requests and potentially read sensitive database information. Impact is high (unauthenticated, network access, data confidentialit...

8.8CVSS6.2AI score0.00334EPSS
Exploits0References4
EUVD
EUVDadded 2026/06/19 3:30 p.m.6 views

EUVD-2017-18983

Joomla Survey Force Deluxe 3.2.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the invite parameter. Attackers can send GET requests to the component with crafted SQL payloads in the invite...

8.8CVSS6.2AI score0.00334EPSS
Exploits0References4
CVE
CVEadded 2026/06/19 3:27 p.m.10 views

CVE-2017-20255

This CVE affects the Joomla! extension JB Visa 1.0. The vulnerability is an SQL injection in the visatype parameter that can be exploited via GET requests to index.php with option=com_bookpro and view=popup, allowing unauthenticated attackers to extract sensitive data (credentials and table conte...

8.8CVSS6.3AI score0.00334EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/06/19 3:27 p.m.27 views

CVE-2017-20255 Joomla! Component JB Visa 1.0 SQL Injection via visatype

Joomla! Component JB Visa 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the visatype parameter. Attackers can send GET requests to index.php with the option=combookpro and view=popup parameter...

8.8CVSS0.00334EPSS
Exploits0References4
EUVD
EUVDadded 2026/06/19 3:27 p.m.3 views

EUVD-2017-18982

Joomla! Component JB Visa 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the visatype parameter. Attackers can send GET requests to index.php with the option=combookpro and view=popup parameter...

8.8CVSS6.3AI score0.00334EPSS
Exploits0References4
CVE
CVEadded 2026/06/19 3:24 p.m.9 views

CVE-2017-20254

The CVE-2017-20254 entry concerns the Joomla! Component User Bench 1.0, which is vulnerable to SQL injection via the userid parameter in index.php? option=com_userbench&view=detail&userid. The underlying flaw allows unauthenticated attackers to execute arbitrary SQL and exfiltrate sensitive data ...

8.8CVSS6.2AI score0.00334EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/06/19 3:24 p.m.26 views

CVE-2017-20254 Joomla! Component User Bench 1.0 SQL Injection via userid

Joomla! Component User Bench 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the userid parameter. Attackers can send GET requests to index.php with the option=comuserbench&view=detail&userid...

8.8CVSS0.00334EPSS
Exploits0References4
EUVD
EUVDadded 2026/06/19 3:24 p.m.3 views

EUVD-2017-18981

Joomla! Component User Bench 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the userid parameter. Attackers can send GET requests to index.php with the option=comuserbench&view=detail&userid...

8.8CVSS6.2AI score0.00334EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/06/19 3:24 p.m.6 views

CVE-2017-20254

Joomla! Component User Bench 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the userid parameter. Attackers can send GET requests to index.php with the option=comuserbench&view=detail&userid...

8.8CVSS6.2AI score0.00334EPSS
Exploits0References4Affected Software1
Cvelist
Cvelistadded 2026/06/19 3:20 p.m.26 views

CVE-2017-20253 Joomla! Component My Projects 2.0 SQL Injection

Joomla! Component My Projects 2.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the VerAyari parameter. Attackers can craft requests to the component endpoint with SQL injection payloads to extrac...

8.8CVSS0.00334EPSS
Exploits0References4
CVE
CVEadded 2026/06/19 3:20 p.m.9 views

CVE-2017-20253

Joomla! Component My Projects 2.0 is affected by an SQL injection vulnerability that allows unauthenticated attackers to craft requests to the VerAyari parameter and execute arbitrary SQL queries. The flaw can enable extraction of sensitive database information, including credentials and system d...

8.8CVSS6.2AI score0.00334EPSS
Exploits0References4
EUVD
EUVDadded 2026/06/19 3:20 p.m.4 views

EUVD-2017-18980

Joomla! Component My Projects 2.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the VerAyari parameter. Attackers can craft requests to the component endpoint with SQL injection payloads to extrac...

8.8CVSS6.2AI score0.00334EPSS
Exploits0References4
EUVD
EUVDadded 2026/06/19 3:17 p.m.4 views

EUVD-2017-18979

Joomla NextGen Editor 2.1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL commands through the plname parameter. Attackers can send GET requests to index.php with option=comnge&view=config and inject malicious SQL code in the plname paramet...

8.8CVSS6.3AI score0.00323EPSS
Exploits0References3
CVE
CVEadded 2026/06/19 3:17 p.m.12 views

CVE-2017-20252

This CVE affects Joomla NextGen Editor 2.1.0. The vulnerability is an SQL injection in the plname parameter, exploitable via GET requests to index.php with option=com_nge&view=config, enabling an unauthenticated attacker to inject SQL and potentially access sensitive database information. Reporte...

8.8CVSS6.3AI score0.00323EPSS
Exploits0References3
Cvelist
Cvelistadded 2026/06/19 3:17 p.m.24 views

CVE-2017-20252 Joomla NextGen Editor 2.1.0 SQL Injection via plname Parameter

Joomla NextGen Editor 2.1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL commands through the plname parameter. Attackers can send GET requests to index.php with option=comnge&view=config and inject malicious SQL code in the plname paramet...

8.8CVSS0.00323EPSS
Exploits0References3
Rows per page
Query Builder