Export limit exceeded: 19010 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19010 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-8198 | 1 Huawei | 1 Fusionsphere | 2025-04-20 | N/A |
| FusionSphere V100R006C00SPC102(NFV) has an SQL injection vulnerability. An authenticated, remote attacker could craft interface messages carrying malicious SQL statements and send them to a target device. Successful exploit could allow the attacker to launch an SQL injection attack and execute SQL commands. | ||||
| CVE-2017-8789 | 1 Accellion | 1 File Transfer Appliance | 2025-04-20 | N/A |
| An issue was discovered on Accellion FTA devices before FTA_9_12_180. A report_error.php?year='payload SQL injection vector exists. | ||||
| CVE-2017-8796 | 1 Accellion | 1 File Transfer Appliance | 2025-04-20 | N/A |
| An issue was discovered on Accellion FTA devices before FTA_9_12_180. Because mysql_real_escape_string is misused, seos/courier/communication_p2p.php allows SQL injection with the app_id parameter. | ||||
| CVE-2017-8835 | 1 Peplink | 12 1350hw2 Firmware, 2500 Firmware, 380hw6 Firmware and 9 more | 2025-04-20 | N/A |
| SQL injection exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. An attack vector is the bauth cookie to cgi-bin/MANGA/admin.cgi. One impact is enumeration of user accounts by observing whether a session ID can be retrieved from the sessions database. | ||||
| CVE-2017-8917 | 1 Joomla | 1 Joomla\! | 2025-04-20 | N/A |
| SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2017-9603 | 1 Intensewp | 1 Wp Jobs | 2025-04-20 | N/A |
| SQL injection vulnerability in the WP Jobs plugin before 1.5 for WordPress allows authenticated users to execute arbitrary SQL commands via the jobid parameter to wp-admin/edit.php. | ||||
| CVE-2017-9730 | 1 Dfsol | 1 Nuevomailer | 2025-04-20 | 9.8 Critical |
| SQL injection vulnerability in rdr.php in nuevoMailer version 6.0 and earlier allows remote attackers to execute arbitrary SQL commands via the "r" parameter. | ||||
| CVE-2017-9759 | 1 Zenbership | 1 Zenbership | 2025-04-20 | N/A |
| SQL Injection exists in admin/index.php in Zenbership 1.0.8 via the filters array parameter, exploitable by a privileged account. | ||||
| CVE-2017-17588 | 1 Imdb Clone Project | 1 Imdb Clone | 2025-04-20 | 9.8 Critical |
| FS IMDB Clone 1.0 has SQL Injection via the movie.php f parameter, tvshow.php s parameter, or show_misc_video.php id parameter. | ||||
| CVE-2017-17587 | 1 Indiamart Clone Project | 1 Indiamart Clone | 2025-04-20 | 9.8 Critical |
| FS Indiamart Clone 1.0 has SQL Injection via the catcompany.php token parameter, buyleads-details.php id parameter, or company/index.php c parameter. | ||||
| CVE-2017-17586 | 1 Olx Clone Project | 1 Olx Clone | 2025-04-20 | 9.8 Critical |
| FS Olx Clone 1.0 has SQL Injection via the subpage.php scat parameter or the message.php pid parameter. | ||||
| CVE-2017-17585 | 1 Monster Clone Project | 1 Monster Clone | 2025-04-20 | 9.8 Critical |
| FS Monster Clone 1.0 has SQL Injection via the Employer_Details.php id parameter. | ||||
| CVE-2017-17584 | 1 Makemytrip Clone Project | 1 Makemytrip Clone | 2025-04-20 | 9.8 Critical |
| FS Makemytrip Clone 1.0 has SQL Injection via the show-flight-result.php fl_orig or fl_dest parameter. | ||||
| CVE-2017-17583 | 1 Shutterstock Clone Project | 1 Shutterstock Clone | 2025-04-20 | 9.8 Critical |
| FS Shutterstock Clone 1.0 has SQL Injection via the /Category keywords parameter. | ||||
| CVE-2017-17582 | 1 Grubhub Clone Project | 1 Grubhub Clone | 2025-04-20 | 9.8 Critical |
| FS Grubhub Clone 1.0 has SQL Injection via the /food keywords parameter. | ||||
| CVE-2017-17581 | 1 Quibids Clone Project | 1 Quibids Clone | 2025-04-20 | 9.8 Critical |
| FS Quibids Clone 1.0 has SQL Injection via the itechd.php productid parameter. | ||||
| CVE-2017-17580 | 1 Linkedin Clone Project | 1 Linkedin Clone | 2025-04-20 | 9.8 Critical |
| FS Linkedin Clone 1.0 has SQL Injection via the group.php grid parameter, profile.php fid parameter, or company_details.php id parameter. | ||||
| CVE-2017-17579 | 1 Freelancer Clone Project | 1 Freelancer Clone | 2025-04-20 | 9.8 Critical |
| FS Freelancer Clone 1.0 has SQL Injection via the profile.php u parameter. | ||||
| CVE-2017-17578 | 1 Crowdfunding Script Project | 1 Crowdfunding Script | 2025-04-20 | 9.8 Critical |
| FS Crowdfunding Script 1.0 has SQL Injection via the latest_news_details.php id parameter. | ||||
| CVE-2017-17577 | 1 Trademe Clone Project | 1 Trademe Clone | 2025-04-20 | 9.8 Critical |
| FS Trademe Clone 1.0 has SQL Injection via the search_item.php search parameter or the general_item_details.php id parameter. | ||||