Search Results (19646 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-5517 1 Metalgenix 1 Genixcms 2025-04-20 N/A
SQL injection vulnerability in author.control.php in GeniXCMS through 0.0.8 allows remote attackers to execute arbitrary SQL commands via the type parameter.
CVE-2017-5519 1 Metalgenix 1 Genixcms 2025-04-20 N/A
SQL injection vulnerability in Posts.class.php in GeniXCMS through 0.0.8 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2017-1183 1 Ibm 1 Tivoli Monitoring 2025-04-20 N/A
IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) attacker to modify SQL commands to the Portal Server, when default client-server communications, HTTP, are being used. IBM X-Force ID: 123494.
CVE-2017-12949 1 Podlove 1 Podlove Podcast Publisher 2025-04-20 N/A
lib\modules\contributors\contributor_list_table.php in the Podlove Podcast Publisher plugin 2.5.3 and earlier for WordPress has SQL injection in the orderby parameter to wp-admin/admin.php, exploitable through CSRF.
CVE-2017-12227 1 Cisco 1 Emergency Responder 2025-04-20 N/A
A vulnerability in the SQL database interface for Cisco Emergency Responder could allow an authenticated, remote attacker to conduct a blind SQL injection attack. The vulnerability is due to a failure to validate user-supplied input used in SQL queries that bypass protection filters. An attacker could exploit this vulnerability by sending crafted URLs that include SQL statements. An exploit could allow the attacker to view or modify entries in some database tables, affecting the integrity of the data. Cisco Bug IDs: CSCvb58973.
CVE-2017-14652 1 Tapatalk 1 Tapatalk 2025-04-20 N/A
SQL Injection vulnerability in mobiquo/lib/classTTForum.php in the Tapatalk plugin before 4.5.8 for MyBB allows an unauthenticated remote attacker to inject arbitrary SQL commands via an XML-RPC encoded document sent as part of the user registration process.
CVE-2017-16561 1 Ingenious School Management System Project 1 Ingenious School Management System 2025-04-20 N/A
/view/friend_profile.php in Ingenious School Management System 2.3.0 is vulnerable to Boolean-based and Time-based SQL injection in the 'friend_index' parameter of a GET request.
CVE-2017-17610 1 E-commerce Mlm Software Project 1 E-commerce Mlm Software 2025-04-20 N/A
E-commerce MLM Software 1.0 has SQL Injection via the service_detail.php pid parameter, event_detail.php eventid parameter, or news_detail.php newid parameter.
CVE-2017-17892 1 Readymade Video Sharing Script Project 1 Readymade Video Sharing Script 2025-04-20 N/A
Readymade Video Sharing Script has SQL Injection via the viewsubs.php chnlid parameter or the search_video.php search parameter.
CVE-2017-17615 1 Facebook Clone Script Project 1 Facebook Clone Script 2025-04-20 N/A
Facebook Clone Script 1.0 has SQL Injection via the friend-profile.php id parameter.
CVE-2017-17622 1 Online Exam Test Application Script Project 1 Online Exam Test Application Script 2025-04-20 N/A
Online Exam Test Application Script 1.6 has SQL Injection via the exams.php sort parameter.
CVE-2017-17623 1 Opensource Classified Ads Script Project 1 Opensource Classified Ads Script 2025-04-20 N/A
Opensource Classified Ads Script 3.2 has SQL Injection via the advance_result.php keyword parameter.
CVE-2017-17624 1 Php Multivendor Ecommerce Project 1 Php Multivendor Ecommerce 2025-04-20 N/A
PHP Multivendor Ecommerce 1.0 has SQL Injection via the single_detail.php sid parameter, or the category.php searchcat or chid1 parameter.
CVE-2017-17627 1 Readymade Video Sharing Script Project 1 Readymade Video Sharing Script 2025-04-20 N/A
Readymade Video Sharing Script 3.2 has SQL Injection via the single-video-detail.php report_videos array parameter.
CVE-2017-17629 1 Secure E-commerce Script Project 1 Secure E-commerce Script 2025-04-20 N/A
Secure E-commerce Script 2.0.1 has SQL Injection via the category.php searchmain or searchcat parameter, or the single_detail.php sid parameter.
CVE-2017-17643 1 Lynda Clone Project 1 Lynda Clone 2025-04-20 9.8 Critical
FS Lynda Clone 1.0 has SQL Injection via the keywords parameter to tutorial/.
CVE-2017-17645 1 Phpautoclassifiedscript 1 Bus Booking Script 2025-04-20 N/A
Bus Booking Script 1.0 has SQL Injection via the txtname parameter to admin/index.php.
CVE-2017-17648 1 Entrepreneur Dating Script Project 1 Entrepreneur Dating Script 2025-04-20 N/A
Entrepreneur Dating Script 2.0.1 has SQL Injection via the search_result.php marital, gender, country, or profileid parameter.
CVE-2017-17651 1 Paid To Read Script Project 1 Paid To Read Script 2025-04-20 N/A
Paid To Read Script 2.0.5 has SQL Injection via the admin/userview.php uid parameter, the admin/viewemcamp.php fnum parameter, or the admin/viewvisitcamp.php fn parameter.
CVE-2017-17695 1 Techno - Portfolio Management Panel Project 1 Techno - Portfolio Management Panel 2025-04-20 N/A
Techno - Portfolio Management Panel through 2017-11-16 allows SQL Injection via the panel/search.php s parameter.