Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

13184 matches found

Prion
Prionadded 2015/06/15 2:59 p.m.11 views

Sql injection

SQL injection vulnerability in the Spider Contacts module for Drupal allows remote authenticated users with the "access Spider Contacts category administration" permission to execute arbitrary SQL commands via unspecified vectors...

6CVSS8.4AI score0.00986EPSS
Exploits0References3
Cvelist
Cvelistadded 2015/06/15 2:0 p.m.19 views

CVE-2015-4348

SQL injection vulnerability in the Spider Contacts module for Drupal allows remote authenticated users with the "access Spider Contacts category administration" permission to execute arbitrary SQL commands via unspecified vectors...

7.9AI score0.00986EPSS
Exploits0References3
NVD
NVDadded 2015/06/13 2:59 p.m.12 views

CVE-2015-2956

SQL injection vulnerability in Igreks MilkyStep Light 0.94 and earlier and Professional 1.82 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS8.4AI score0.01285EPSS
Exploits0References4
Prion
Prionadded 2015/06/13 2:59 p.m.13 views

Sql injection

SQL injection vulnerability in Igreks MilkyStep Light 0.94 and earlier and Professional 1.82 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS9AI score0.01285EPSS
Exploits0References4Affected Software3
CVE
CVEadded 2015/06/13 2:0 p.m.40 views

CVE-2015-2956

MilkyStep by Igreks MilkyStep Light v0.94 and earlier and MilkyStep Professional v1.82 and earlier contain a SQL injection (CWE-89) vulnerability that enables remote attackers to execute arbitrary SQL commands via unspecified vectors. Affected products include MilkyStep Light Ver0.94 and earlier ...

7.5CVSS8.7AI score0.01285EPSS
Exploits0References4Affected Software3
Cvelist
Cvelistadded 2015/06/09 2:0 p.m.29 views

CVE-2015-4109

Multiple SQL injection vulnerabilities in the ratings module in the Users Ultra plugin before 1.5.16 for WordPress allow remote attackers to execute arbitrary SQL commands via the 1 datatarget or 2 datavote parameter in a ratingvote wpajaxnoprivratingvote action to wp-admin/admin-ajax.php...

8.5AI score0.02364EPSS
Exploits2References4
CVE
CVEadded 2015/06/08 2:0 p.m.63 views

CVE-2015-2999

CVE-2015-2999: SysAid Help Desk prior to 15.2 contains multiple SQL injection vulnerabilities. The injected vectors include (1) groupFilter in AssetDetails via /genericreport, (2) customSQL in TopAdministratorsByAverageTimer and (3) ActiveRequests via /genericreport, (4) dir parameter to HelpDesk...

6.5CVSS8.5AI score0.01809EPSS
Exploits5References5Affected Software1
Cvelist
Cvelistadded 2015/06/02 2:0 p.m.16 views

CVE-2015-4159

SQL injection vulnerability in SAP HANA Web-based Development Workbench allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Notes 2153892...

8.4AI score0.0126EPSS
Exploits1References2
CVE
CVEadded 2015/06/02 2:0 p.m.39 views

CVE-2015-4159

The CVE-2015-4159 entry concerns SAP HANA Web-based Development Workbench with an SQL injection vulnerability. The affected component is the Web-based Development Workbench in SAP HANA, where remote attackers can submit specially crafted SQL commands to manipulate or obtain data. The root cause i...

7.5CVSS8.7AI score0.0126EPSS
Exploits1References2Affected Software1
CVE
CVEadded 2015/06/02 2:0 p.m.45 views

CVE-2015-4160

CVE-2015-4160 describes a SQL injection vulnerability in the SAP ASE Database Platform. A remote attacker could exploit unspecified vectors to execute arbitrary SQL commands, potentially viewing, adding, modifying, or deleting data. The entry references SAP Security Notes: 2152278. The NVD score ...

7.5CVSS8.7AI score0.0126EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2015/06/02 2:0 p.m.18 views

CVE-2015-4160

SQL injection vulnerability in SAP ASE Database Platform allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Notes: 2152278...

8.4AI score0.0126EPSS
Exploits1References2
NVD
NVDadded 2015/05/29 3:59 p.m.13 views

CVE-2015-0753

SQL injection vulnerability in Cisco Unified Email Interaction Manager EIM and Unified Web Interaction Manager WIM 9.02 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuu30028...

6.8CVSS8.4AI score0.01832EPSS
Exploits0References2
Prion
Prionadded 2015/05/29 3:59 p.m.12 views

Sql injection

SQL injection vulnerability in Cisco Unified Email Interaction Manager EIM and Unified Web Interaction Manager WIM 9.02 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuu30028...

6.8CVSS9.1AI score0.01832EPSS
Exploits0References2Affected Software1
Prion
Prionadded 2015/05/29 2:59 p.m.13 views

Sql injection

SQL injection vulnerability in related.php in Milw0rm Clone Script 1.0 allows remote attackers to execute arbitrary SQL commands via the program parameter...

7.5CVSS9AI score0.02414EPSS
Exploits1References4Affected Software1
Cvelist
Cvelistadded 2015/05/29 2:0 p.m.21 views

CVE-2015-4137

SQL injection vulnerability in related.php in Milw0rm Clone Script 1.0 allows remote attackers to execute arbitrary SQL commands via the program parameter...

8.4AI score0.02414EPSS
Exploits1References4
Cvelist
Cvelistadded 2015/05/28 2:0 p.m.24 views

CVE-2015-1392

Multiple SQL injection vulnerabilities in Aruba Networks ClearPass Policy Manager CPPM before 6.4.5 allow remote administrators to execute arbitrary SQL commands via unspecified vectors...

8.5AI score0.00814EPSS
Exploits0References1
NVD
NVDadded 2015/05/27 6:59 p.m.23 views

CVE-2015-4066

Multiple SQL injection vulnerabilities in admin/handlers.php in the GigPress plugin before 2.3.9 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the 1 showartistid or 2 showvenueid parameter in an add action in the gigpress.php page to wp-admin/admin.php...

6.5CVSS7.5AI score0.04153EPSS
Exploits5References4
NVD
NVDadded 2015/05/27 6:59 p.m.28 views

CVE-2015-4064

SQL injection vulnerability in modules/module.ab-testing.php in the Landing Pages plugin before 1.8.5 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the post parameter in an edit delete-variation action to wp-admin/post.php...

6.5CVSS7.9AI score0.03748EPSS
Exploits5References4
NVD
NVDadded 2015/05/27 6:59 p.m.18 views

CVE-2015-4062

SQL injection vulnerability in includes/nspsearch.php in the NewStatPress plugin before 0.9.9 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the where1 parameter in the nspsearch page to wp-admin/admin.php...

6.5CVSS7.9AI score0.0911EPSS
Exploits6References4
Prion
Prionadded 2015/05/27 6:59 p.m.15 views

Sql injection

SQL injection vulnerability in includes/nspsearch.php in the NewStatPress plugin before 0.9.9 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the where1 parameter in the nspsearch page to wp-admin/admin.php...

6.5CVSS8.5AI score0.0911EPSS
Exploits6References4Affected Software1
Rows per page
Query Builder