Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

13184 matches found

NVD
NVDadded 2015/03/11 2:59 p.m.19 views

CVE-2015-1875

SQL injection vulnerability in a2billing/customer/iridiumthreed.php in Elastix 2.5.0 and earlier allows remote attackers to execute arbitrary SQL commands via the transactionID parameter...

7.5CVSS8.4AI score0.01267EPSS
Exploits1References2
Prion
Prionadded 2015/03/11 2:59 p.m.13 views

Sql injection

SQL injection vulnerability in a2billing/customer/iridiumthreed.php in Elastix 2.5.0 and earlier allows remote attackers to execute arbitrary SQL commands via the transactionID parameter...

7.5CVSS9.1AI score0.01267EPSS
Exploits1References2Affected Software1
NVD
NVDadded 2015/03/10 2:59 p.m.11 views

CVE-2015-2183

Multiple SQL injection vulnerabilities in the administrative backend in ZeusCart 4 allow remote administrators to execute arbitrary SQL commands via the id parameter in a 1 disporders detail or 2 subadminmgt edit action or 3 cid parameter in an editcurrency action to admin/...

7.5CVSS8.4AI score0.03531EPSS
Exploits1References8
Prion
Prionadded 2015/03/10 2:59 p.m.12 views

Sql injection

Multiple SQL injection vulnerabilities in the administrative backend in ZeusCart 4 allow remote administrators to execute arbitrary SQL commands via the id parameter in a 1 disporders detail or 2 subadminmgt edit action or 3 cid parameter in an editcurrency action to admin/...

7.5CVSS9.1AI score0.03531EPSS
Exploits1References8Affected Software1
Cvelist
Cvelistadded 2015/03/10 2:0 p.m.22 views

CVE-2015-2183

Multiple SQL injection vulnerabilities in the administrative backend in ZeusCart 4 allow remote administrators to execute arbitrary SQL commands via the id parameter in a 1 disporders detail or 2 subadminmgt edit action or 3 cid parameter in an editcurrency action to admin/...

8.4AI score0.03531EPSS
Exploits1References8
Prion
Prionadded 2015/03/09 5:59 p.m.17 views

Sql injection

Multiple SQL injection vulnerabilities in Webshop hun 1.062S allow remote attackers to execute arbitrary SQL commands via the 1 termid or 2 nyelvid parameter to index.php...

7.5CVSS9.2AI score0.02155EPSS
Exploits0References3Affected Software1
Mageia
Mageiaadded 2015/03/06 6:8 p.m.25 views

Updated mapserver packages fix CVE-2013-7262 and packaging issues

Updated mapserver packages fix security vulnerability: SQL injection vulnerability in the msPostGISLayerSetTimeFilter function in mappostgis.c in MapServer before 6.4.1, when a WMS-Time service is used, allows remote attackers to execute arbitrary SQL commands via a crafted string in a PostGIS TI...

6.8CVSS4.8AI score0.0222EPSS
Exploits1References3
Prion
Prionadded 2015/03/05 3:59 p.m.21 views

Sql injection

SQL injection vulnerability in ecomm-sizes.php in the Photocrati theme 4.x for WordPress allows remote attackers to execute arbitrary SQL commands via the prodid parameter...

7.5CVSS9AI score0.04737EPSS
Exploits2References4Affected Software1
NVD
NVDadded 2015/03/03 7:59 p.m.20 views

CVE-2015-2196

SQL injection vulnerability in Spider Event Calendar 1.4.9 for WordPress allows remote attackers to execute arbitrary SQL commands via the catid parameter in a spiderbigcalendarmonth action to wp-admin/admin-ajax.php...

7.5CVSS8.3AI score0.11182EPSS
Exploits1References1
Prion
Prionadded 2015/03/03 7:59 p.m.15 views

Sql injection

Multiple SQL injection vulnerabilities in the WonderPlugin Audio Player plugin before 2.1 for WordPress allow 1 remote authenticated users to execute arbitrary SQL commands via the itemid parameter in a wonderpluginaudiosaveitem action to wp-admin/admin-ajax.php or remote administrators to execut...

6.5CVSS8.8AI score0.02582EPSS
Exploits1References5Affected Software1
CVE
CVEadded 2015/03/03 7:0 p.m.95 views

CVE-2015-2196

The CVE-2015-2196 issue affects WordPress Spider Event Calendar plugin (versions up to 1.4.9). The vulnerability arises in the spiderbigcalendar_month action when processing the cat_id parameter in wp-admin/admin-ajax.php, allowing an attacker to perform SQL injection. Impact described across sou...

7.5CVSS8.5AI score0.11182EPSS
Exploits1References1Affected Software1
CNVD
CNVDadded 2015/02/28 12:0 a.m.4 views

ClipBucket SQL Injection Vulnerability

ClipBucket is open source free video sharing software. ClipBucket 2.7 RC3 SQL injection vulnerability , allowing remote attackers to execute arbitrary SQL commands via project parameters...

7.5CVSS8.9AI score0.02397EPSS
Exploits2References1
Prion
Prionadded 2015/02/27 3:59 p.m.11 views

Sql injection

SQL injection vulnerability in viewitem.php in ClipBucket 2.7 RC3 2.7.0.4.v2929-rc3 allows remote attackers to execute arbitrary SQL commands via the item parameter...

7.5CVSS9AI score0.02397EPSS
Exploits2References5Affected Software1
Prion
Prionadded 2015/02/26 3:59 p.m.15 views

Sql injection

SQL injection vulnerability in the ajaxsurvey function in settings.php in the WordPress Survey and Poll plugin 1.1.7 for Wordpress allows remote attackers to execute arbitrary SQL commands via the surveyid parameter in an ajaxsurvey action to wp-admin/admin-ajax.php...

7.5CVSS9.1AI score0.04737EPSS
Exploits1References5Affected Software1
Cvelist
Cvelistadded 2015/02/26 3:0 p.m.22 views

CVE-2015-2090

SQL injection vulnerability in the ajaxsurvey function in settings.php in the WordPress Survey and Poll plugin 1.1.7 for Wordpress allows remote attackers to execute arbitrary SQL commands via the surveyid parameter in an ajaxsurvey action to wp-admin/admin-ajax.php...

8.3AI score0.04737EPSS
Exploits1References5
Patchstack
Patchstackadded 2015/02/26 12:0 a.m.9 views

WordPress IP Blacklist Cloud Plugin <= 3.4 - SQL Injection

Because of this vulnerability, remote authenticated users can execute arbitrary SQL commands. Solution Update the plugin...

5.5AI score
Exploits0References1Affected Software1
Prion
Prionadded 2015/02/24 5:59 p.m.10 views

Sql injection

SQL injection vulnerability in DLGuard 4.5 allows remote attackers to execute arbitrary SQL commands via the c parameter to index.php...

7.5CVSS9.1AI score0.01255EPSS
Exploits0References4Affected Software1
Prion
Prionadded 2015/02/24 5:59 p.m.15 views

Sql injection

SQL injection vulnerability in eTouch SamePage Enterprise Edition 4.4.0.0.239 allows remote attackers to execute arbitrary SQL commands via the catId parameter to cm/blogrss/feed...

7.5CVSS9AI score0.02397EPSS
Exploits1References5Affected Software1
Prion
Prionadded 2015/02/24 5:59 p.m.18 views

Sql injection

SQL injection vulnerability in videogalleryrss.php in the Apptha WordPress Video Gallery contus-video-gallery plugin before 2.8 for WordPress allows remote attackers to execute arbitrary SQL commands via the vid parameter in a rss action to wp-admin/admin-ajax.php...

7.5CVSS9.1AI score0.4107EPSS
Exploits4References5Affected Software1
Cvelist
Cvelistadded 2015/02/24 5:0 p.m.16 views

CVE-2015-2066

SQL injection vulnerability in DLGuard 4.5 allows remote attackers to execute arbitrary SQL commands via the c parameter to index.php...

8.4AI score0.01255EPSS
Exploits0References4
Rows per page
Query Builder