13188 matches found

Cvelist
added 2017/01/12 6:6 a.m. | 25 views

CVE-2017-5345

SQL injection vulnerability in inc/lib/Control/Ajax/tags-ajax.control.php in GeniXCMS 0.0.8 allows remote authenticated editors to execute arbitrary SQL commands via the term parameter to the default URI...

AI score: 8.9 | EPSS: 0.01552
Exploits: 1 | References: 3

Prion
added 2017/01/04 2:59 a.m. | 13 views

SQL injection

SQL injection vulnerability in the "aWeb Cart Watching System for Virtuemart" extension before 2.6.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via vectors involving categorysearch and smartSearch...

CVSS: 7.5 | AI score: 9 | EPSS: 0.01589
Exploits: 0 | References: 4 | Affected Software: 1

Cvelist
added 2017/01/04 2:0 a.m. | 26 views

CVE-2016-10114

SQL injection vulnerability in the "aWeb Cart Watching System for Virtuemart" extension before 2.6.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via vectors involving categorysearch and smartSearch...

AI score: 9.9 | EPSS: 0.01589
Exploits: 0 | References: 4

Prion
added 2017/01/01 7:59 p.m. | 13 views

SQL injection

SQL injection vulnerability in register.php in GeniXCMS before 1.0.0 allows remote attackers to execute arbitrary SQL commands via the activation parameter...

CVSS: 7.5 | AI score: 9.1 | EPSS: 0.0107
Exploits: 0 | References: 4 | Affected Software: 1

Cvelist
added 2017/01/01 7:0 p.m. | 31 views

CVE-2016-10096

SQL injection vulnerability in register.php in GeniXCMS before 1.0.0 allows remote attackers to execute arbitrary SQL commands via the activation parameter...

AI score: 7.8 | EPSS: 0.0107
Exploits: 0 | References: 4

CNVD
added 2016/12/27 12:0 a.m. | 2 views

phpMyAdmin SQL Injection Vulnerability (CNVD-2016-13237)

phpMyAdmin is a free, web-based MySQL database management tool developed by the phpMyAdmin team. A SQL injection vulnerability exists in phpMyAdmin. An attacker can exploit this vulnerability to execute arbitrary SQL commands...

CVSS: 8.8 | AI score: 8.3 | EPSS: 0.01481
Exploits: 0 | References: 1

Exploit DB
added 2016/12/13 12:0 a.m. | 52 views

Joomla! Component DT Register - 'cat' SQL Injection

Title: SQL injection in Joomla extension DT Register
Credit: Elar Lang / https://security.elarlang.eu
Vulnerability: SQL injection
Vulnerable version: before 3.1.12 Joomla 3.x / 2.8.18 Joomla 2.5
CVE: pending
Full Disclosure URL:...

AI score: 7.4
Exploits: 0

CNVD
added 2016/12/02 12:0 a.m. | 3 views

IBM BigFix Remote Control SQL Injection Vulnerability

IBM BigFix Remote Control is a set of remote control systems from IBM in the United States. A SQL injection vulnerability exists in IBM BigFix Remote Control 9.1.2 and earlier versions. An attacker can exploit this vulnerability to execute arbitrary SQL commands...

CVSS: 6.5 | AI score: 8.4 | EPSS: 0.01091
Exploits: 0 | References: 1

OSV
added 2016/11/30 6:59 p.m. | 4 views

CVE-2016-2873

SQL injection vulnerability in IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...

CVSS: 8.8 | AI score: 6.1 | EPSS: 0.01119
Exploits: 0 | References: 2

NVD
added 2016/11/30 6:59 p.m. | 25 views

CVE-2016-2873

SQL injection vulnerability in IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...

CVSS: 8.8 | AI score: 8.7 | EPSS: 0.01119
Exploits: 0 | References: 2

Prion
added 2016/11/30 6:59 p.m. | 20 views

SQL injection

SQL injection vulnerability in IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...

CVSS: 6.5 | AI score: 8.3 | EPSS: 0.01119
Exploits: 0 | References: 2 | Affected Software: 1

OpenVAS
added 2016/11/17 12:0 a.m. | 42 views

Exponent CMS <= 2.4.0 Information Disclosure and SQLi Vulnerabilities

Exponent CMS is prone to an SQL injection (SQLi) and an information disclosure vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE...

CVSS: 9.8 | AI score: 6.7 | EPSS: 0.01827
Exploits: 1 | References: 6

OSV
added 2016/11/14 11:20 p.m. | 7 views

CVE-2016-8908

SQL injection vulnerability in the "Site Browser > HTML pages" screen in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the orderby parameter...

CVSS: 8.8 | AI score: 8
Exploits: 0 | References: 5

OSV
added 2016/11/14 11:20 p.m. | 10 views

CVE-2016-8907

SQL injection vulnerability in the "Content Types > Content Types" screen in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the orderby parameter...

CVSS: 8.8 | AI score: 8.2
Exploits: 0 | References: 5

NVD
added 2016/11/14 11:20 p.m. | 21 views

CVE-2016-8906

SQL injection vulnerability in the "Site Browser > Links pages" screen in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the orderby parameter...

CVSS: 8.8 | AI score: 8.9 | EPSS: 0.01995
Exploits: 3 | References: 5

NVD
added 2016/11/14 11:20 p.m. | 15 views

CVE-2016-8905

SQL injection vulnerability in the JSONTags servlet in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the sort parameter...

CVSS: 8.8 | AI score: 8.9 | EPSS: 0.01995
Exploits: 3 | References: 5

OSV
added 2016/11/14 11:20 p.m. | 8 views

CVE-2016-8903

SQL injection vulnerability in the "Site Browser > Templates pages" screen in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the orderby parameter...

CVSS: 8.8 | AI score: 8.2
Exploits: 0 | References: 5

OSV
added 2016/11/14 11:20 p.m. | 6 views

CVE-2016-8902

SQL injection vulnerability in the categoriesServlet servlet in dotCMS before 3.3.1 allows remote not authenticated attackers to execute arbitrary SQL commands via the sort parameter...

CVSS: 9.8 | AI score: 9.8
Exploits: 0 | References: 5

OpenVAS
added 2016/11/02 12:0 a.m. | 24 views

dotCMS < 3.3.2 SQLi Vulnerability

dotCMS is prone to a SQL injection (SQLi) vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:dotcms:dotcms"; if...

CVSS: 7.2 | AI score: 7.5 | EPSS: 0.01327
Exploits: 2 | References: 1

Prion
added 2016/10/27 9:59 p.m. | 16 views

SQL injection

A vulnerability in the Cisco Prime Infrastructure and Evolved Programmable Network Manager SQL database interface could allow an authenticated, remote attacker to impact system confidentiality by executing a subset of arbitrary SQL queries that can cause product instability. More Information:...

CVSS: 6.5 | AI score: 7.7 | EPSS: 0.02975
Exploits: 0 | References: 3 | Affected Software: 2