| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| SQL injection vulnerability in the Multi Feed Reader prior to version 2.2.4 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors. |
| SQL Injection exists in the EyesOfNetwork web interface (aka eonweb) 5.1-0 via the user_id cookie to header.php, a related issue to CVE-2017-1000060. |
| Co-work Space Search Script 1.0 has SQL Injection via the /list city parameter. |
| Beauty Parlour Booking Script 1.0 has SQL Injection via the /list gender or city parameter. |
| Vanguard Marketplace Digital Products PHP 1.4 has SQL Injection via the PATH_INFO to the /p URI. |
| Basic B2B Script 2.0.8 has SQL Injection via the product_details.php id parameter. |
| Affiliate MLM Script 1.0 has SQL Injection via the product-category.php key parameter. |
| DomainSale PHP Script 1.0 has SQL Injection via the domain.php id parameter. |
| PHP Scripts Mall Resume Clone Script has SQL Injection via the forget.php username parameter. |
| SQL injection vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the graph parameter to module/capacity_per_label/index.php. |
| PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the seller-view.php usid parameter. |
| A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/subscriber_list.php with the POST Parameter: subscriber_email. |
| Protected Links - Expiring Download Links 1.0 allows SQL Injection via the username parameter. |
| A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/subscriber_list.php with the POST Parameter: list_id. |
| Mojoomla WPCHURCH Church Management System for WordPress allows SQL Injection via the id parameter. |
| The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injection via the user_name parameter to module/admin_user/add_modify_user.php in the "ACCOUNT UPDATE" section. |
| FS Stackoverflow Clone 1.0 has SQL Injection via the /question keywords parameter. |
| FS Thumbtack Clone 1.0 has SQL Injection via the browse-category.php cat parameter or the browse-scategory.php sc parameter. |
| A SQL Injection issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. By submitting a specially crafted parameter, it is possible to inject arbitrary SQL statements that could allow an attacker to obtain sensitive information. |
| A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/lists/edit_member.php with the GET Parameter: member_id. |
