Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

13184 matches found

Cvelist
Cvelistadded 2017/03/07 4:0 p.m.16 views

CVE-2016-7782

SQL injection vulnerability in framework/core/models/expConfig.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the src parameter...

10AI score0.02567EPSS
Exploits1References3
Cvelist
Cvelistadded 2017/03/07 4:0 p.m.14 views

CVE-2016-7789

SQL injection vulnerability in framework/core/models/expConfig.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the apikey parameter...

10AI score0.02497EPSS
Exploits2References4
Prion
Prionadded 2017/03/03 3:59 p.m.12 views

Sql injection

SQL injection vulnerability in Zoneminder 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the limit parameter in a log query request to index.php...

7.5CVSS9AI score0.02082EPSS
Exploits2References2Affected Software1
UbuntuCve
UbuntuCveadded 2017/03/03 3:59 p.m.24 views

CVE-2016-10204

SQL injection vulnerability in Zoneminder 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the limit parameter in a log query request to index.php...

9.8CVSS7.5AI score0.02082EPSS
Exploits2References4
OSV
OSVadded 2017/03/03 3:59 p.m.22 views

CVE-2016-10204

SQL injection vulnerability in Zoneminder 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the limit parameter in a log query request to index.php...

9.8CVSS8.6AI score
Exploits0References2
Prion
Prionadded 2017/02/17 8:59 p.m.10 views

Sql injection

SQL injection vulnerability in inc/lib/Control/Backend/menus.control.php in GeniXCMS through 1.0.2 allows remote authenticated users to execute arbitrary SQL commands via the order parameter...

6.5CVSS8.8AI score0.01066EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2017/02/17 8:0 p.m.18 views

CVE-2017-6065

SQL injection vulnerability in inc/lib/Control/Backend/menus.control.php in GeniXCMS through 1.0.2 allows remote authenticated users to execute arbitrary SQL commands via the order parameter...

8.9AI score0.01066EPSS
Exploits0References1
Prion
Prionadded 2017/02/17 2:59 a.m.25 views

Sql injection

SQL injection vulnerability in Zabbix before 2.2.14 and 3.0 before 3.0.4 allows remote attackers to execute arbitrary SQL commands via the toggleids array parameter in latest.php...

7.5CVSS8.8AI score0.83284EPSS
Exploits24References7Affected Software1
Debian CVE
Debian CVEadded 2017/02/16 6:0 p.m.27 views

CVE-2016-10134

SQL injection vulnerability in Zabbix before 2.2.14 and 3.0 before 3.0.4 allows remote attackers to execute arbitrary SQL commands via the toggleids array parameter in latest.php...

9.8CVSS7.2AI score0.83284EPSS
Exploits24
Prion
Prionadded 2017/02/15 7:59 p.m.12 views

Sql injection

Multiple SQL injection vulnerabilities in modified eCommerce Shopsoftware 2.0.0.0 revision 9678, when the easybill-module is not installed, allow remote attackers to execute arbitrary SQL commands via the 1 ordersstatus or 2 customersstatus parameter to api/easybill/easybillcsv.php...

7.5CVSS9.2AI score0.0373EPSS
Exploits5References2Affected Software1
OSV
OSVadded 2017/02/15 7:59 p.m.1 views

CVE-2016-3694

Multiple SQL injection vulnerabilities in modified eCommerce Shopsoftware 2.0.0.0 revision 9678, when the easybill-module is not installed, allow remote attackers to execute arbitrary SQL commands via the 1 ordersstatus or 2 customersstatus parameter to api/easybill/easybillcsv.php...

9.8CVSS6.1AI score0.0373EPSS
Exploits5References2
NVD
NVDadded 2017/02/15 7:59 p.m.22 views

CVE-2016-3694

Multiple SQL injection vulnerabilities in modified eCommerce Shopsoftware 2.0.0.0 revision 9678, when the easybill-module is not installed, allow remote attackers to execute arbitrary SQL commands via the 1 ordersstatus or 2 customersstatus parameter to api/easybill/easybillcsv.php...

9.8CVSS10AI score0.0373EPSS
Exploits5References2
OSV
OSVadded 2017/02/07 3:59 p.m.16 views

CVE-2016-7400

Multiple SQL injection vulnerabilities in Exponent CMS before 2.4.0 allow remote attackers to execute arbitrary SQL commands via the 1 id parameter in an activateaddress address controller action, 2 title parameter in a show blog controller action, or 3 contentid parameter in a showComments...

9.8CVSS8.7AI score
Exploits0References7
NVD
NVDadded 2017/02/07 3:59 p.m.18 views

CVE-2016-7400

Multiple SQL injection vulnerabilities in Exponent CMS before 2.4.0 allow remote attackers to execute arbitrary SQL commands via the 1 id parameter in an activateaddress address controller action, 2 title parameter in a show blog controller action, or 3 contentid parameter in a showComments...

9.8CVSS10AI score0.04651EPSS
Exploits4References7
Cvelist
Cvelistadded 2017/02/07 3:0 p.m.22 views

CVE-2016-7400

Multiple SQL injection vulnerabilities in Exponent CMS before 2.4.0 allow remote attackers to execute arbitrary SQL commands via the 1 id parameter in an activateaddress address controller action, 2 title parameter in a show blog controller action, or 3 contentid parameter in a showComments...

10AI score0.04651EPSS
Exploits4References7
OSV
OSVadded 2017/01/31 10:59 p.m.4 views

CVE-2016-9402

SQL injection vulnerability in the moderation tool in MyBB aka MyBulletinBoard before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to execute arbitrary SQL commands via unspecified vectors...

9.8CVSS6.1AI score0.02116EPSS
Exploits0References4
Prion
Prionadded 2017/01/31 10:59 p.m.22 views

Sql injection

SQL injection vulnerability in the Group Promotions module in the admin control panel in MyBB aka MyBulletinBoard before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS9.1AI score0.02119EPSS
Exploits0References4Affected Software2
UbuntuCve
UbuntuCveadded 2017/01/30 4:59 a.m.34 views

CVE-2017-5611

SQL injection vulnerability in wp-includes/class-wp-query.php in WPQuery in WordPress before 4.7.2 allows remote attackers to execute arbitrary SQL commands by leveraging the presence of an affected plugin or theme that mishandles a crafted post type name...

9.8CVSS7.2AI score0.09933EPSS
Exploits0References6
Prion
Prionadded 2017/01/30 4:59 a.m.17 views

Sql injection

SQL injection vulnerability in wp-includes/class-wp-query.php in WPQuery in WordPress before 4.7.2 allows remote attackers to execute arbitrary SQL commands by leveraging the presence of an affected plugin or theme that mishandles a crafted post type name...

7.5CVSS9.7AI score0.09933EPSS
Exploits0References9Affected Software3
NVD
NVDadded 2017/01/30 4:59 a.m.20 views

CVE-2017-5611

SQL injection vulnerability in wp-includes/class-wp-query.php in WPQuery in WordPress before 4.7.2 allows remote attackers to execute arbitrary SQL commands by leveraging the presence of an affected plugin or theme that mishandles a crafted post type name...

9.8CVSS9.9AI score0.09933EPSS
Exploits0References9
Rows per page
Query Builder