Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (17093 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2020-23262 1 Mingsoft 1 Mcms 2024-11-21 9.8 Critical
An issue was discovered in ming-soft MCMS v5.0, where a malicious user can exploit SQL injection without logging in through /mcms/view.do.
CVE-2020-23150 1 Rconfig 1 Rconfig 2024-11-21 7.5 High
A SQL injection vulnerability in config.inc.php of rConfig 3.9.5 allows attackers to access sensitive database information via a crafted GET request to install/lib/ajaxHandlers/ajaxDbInstall.php.
CVE-2020-23149 1 Rconfig 1 Rconfig 2024-11-21 7.5 High
The dbName parameter in ajaxDbInstall.php of rConfig 3.9.5 is unsanitized, allowing attackers to perform a SQL injection and access sensitive database information.
CVE-2020-23045 1 Macs Cms Project 1 Macs Cms 2024-11-21 7.2 High
Macrob7 Macs Framework Content Management System - 1.14f was discovered to contain a SQL injection vulnerability via the 'roleId' parameter of the `editRole` and `deletUser` modules.
CVE-2020-22807 1 Vtiger 1 Vtiger Crm 2024-11-21 9.8 Critical
An issue was dicovered in vtiger crm 7.2. Union sql injection in the calendar exportdata feature.
CVE-2020-22781 1 Etherpad 1 Etherpad 2024-11-21 7.5 High
In Etherpad < 1.8.3, a specially crafted URI would raise an unhandled exception in the cache mechanism and cause a denial of service (crash the instance).
CVE-2020-22425 1 Centreon 1 Centreon 2024-11-21 8.8 High
Centreon 19.10-3.el7 is affected by a SQL injection vulnerability, where an authorized user is able to inject additional SQL queries to perform remote command execution.
CVE-2020-22226 1 Phpjabbers 1 Fundraising Script 2024-11-21 9.8 Critical
Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionSetAmount function.
CVE-2020-22225 1 Phpjabbers 1 Fundraising Script 2024-11-21 9.8 Critical
Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionLoadForm function.
CVE-2020-22223 1 Phpjabbers 1 Fundraising Script 2024-11-21 9.8 Critical
Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionLoad function.
CVE-2020-22212 1 74cms 1 74cms 2024-11-21 9.8 Critical
SQL Injection in 74cms 3.2.0 via the id parameter to wap/wap-company-show.php.
CVE-2020-22211 1 74cms 1 74cms 2024-11-21 9.8 Critical
SQL Injection in 74cms 3.2.0 via the key parameter to plus/ajax_street.php.
CVE-2020-22210 1 74cms 1 74cms 2024-11-21 9.8 Critical
SQL Injection in 74cms 3.2.0 via the x parameter to ajax_officebuilding.php.
CVE-2020-22209 1 74cms 1 74cms 2024-11-21 9.8 Critical
SQL Injection in 74cms 3.2.0 via the query parameter to plus/ajax_common.php.
CVE-2020-22208 1 74cms 1 74cms 2024-11-21 9.8 Critical
SQL Injection in 74cms 3.2.0 via the x parameter to plus/ajax_street.php.
CVE-2020-22206 1 Shopex 1 Ecshop 2024-11-21 9.8 Critical
SQL Injection in ECShop 3.0 via the aid parameter to admin/affiliate_ck.php.
CVE-2020-22205 1 Shopex 1 Ecshop 2024-11-21 9.8 Critical
SQL Injection in ECShop 3.0 via the id parameter to admin/shophelp.php.
CVE-2020-22204 1 Shopex 1 Ecshop 2024-11-21 9.8 Critical
SQL Injection in ECShop 2.7.6 via the goods_number parameter to flow.php. .
CVE-2020-22203 1 Phpcms 1 Phpcms 2024-11-21 9.8 Critical
SQL Injection in phpCMS 2008 sp4 via the genre parameter to yp/job.php.
CVE-2020-22199 1 Phpcms 1 Phpcms 2024-11-21 9.8 Critical
SQL Injection vulnerability in phpCMS 2007 SP6 build 0805 via the digg_mod parameter to digg_add.php.