Total
17701 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-9333 | 1 Cformsii Project | 1 Cformsii | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The cforms2 plugin before 14.6.10 for WordPress has SQL injection. | |||||
| CVE-2015-9330 | 1 Soflyy | 1 Wp All Import | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The wp-all-import plugin before 3.2.5 for WordPress has blind SQL injection. | |||||
| CVE-2015-9326 | 1 Wpbusinessintelligence | 1 Wp Business Intelligence | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The wp-business-intelligence-lite plugin before 1.6.3 for WordPress has SQL injection. | |||||
| CVE-2015-9325 | 1 Bestwebsoft | 1 Visitors Online | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The visitors-online plugin before 0.4 for WordPress has SQL injection. | |||||
| CVE-2015-9323 | 1 Duckdev | 1 404 To 301 | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The 404-to-301 plugin before 2.0.3 for WordPress has SQL injection. | |||||
| CVE-2015-9316 | 1 Wpfastestcache | 1 Wp Fastest Cache | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The wp-fastest-cache plugin before 0.8.4.9 for WordPress has SQL injection in wp-admin/admin-ajax.php?action=wpfc_wppolls_ajax_request via the poll_id parameter. | |||||
| CVE-2015-9315 | 1 Newstatpress Project | 1 Newstatpress | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The newstatpress plugin before 1.0.1 for WordPress has SQL injection. | |||||
| CVE-2015-9313 | 1 Newstatpress Project | 1 Newstatpress | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The newstatpress plugin before 1.0.5 for WordPress has SQL injection related to an IMG element. | |||||
| CVE-2015-9310 | 1 Tipsandtricks-hq | 1 All In One Wp Security \& Firewall | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The all-in-one-wp-security-and-firewall plugin before 3.9.1 for WordPress has multiple SQL injection issues. | |||||
| CVE-2015-9301 | 1 W3eden | 1 Live Forms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The liveforms plugin before 3.2.0 for WordPress has SQL injection. | |||||
| CVE-2015-9249 | 1 Skyboxsecurity | 1 Skybox Platform | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Skybox Platform before 7.5.201. SQL Injection exists in /skyboxview/webservice/services/VersionWebService via a soapenv:Body element. | |||||
| CVE-2015-9244 | 1 Mysqljs | 1 Mysql | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Keys of objects in mysql node module v2.0.0-alpha7 and earlier are not escaped with `mysql.escape()` which could lead to SQL Injection. | |||||
| CVE-2015-8298 | 1 Rxtec | 1 Rxadmin | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple SQL injection vulnerabilities in the login page in RXTEC RXAdmin UPDATE 06 / 2012 allow remote attackers to execute arbitrary SQL commands via the (1) loginpassword, (2) loginusername, (3) zusatzlicher, or (4) groupid parameter to index.htm, or the (5) rxtec cookie to index.htm. | |||||
| CVE-2015-7567 | 1 Yeager | 1 Yeager Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in Yeager CMS 1.2.1 allows remote attackers to execute arbitrary SQL commands via the "passwordreset&token" parameter. | |||||
| CVE-2015-7342 | 1 Joobi | 1 Jnews | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| JNews Joomla Component before 8.5.0 allows SQL injection via upload thumbnail, Queue Search Field, Subscribers Search Field, or Newsletters Search Field. | |||||
| CVE-2015-7340 | 1 Gwesystems | 1 Jevents | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| JEvents Joomla Component before 3.4.0 RC6 has SQL Injection via evid in a Manage Events action. | |||||
| CVE-2015-7338 | 1 Acyba | 1 Acymailing | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| SQL Injection exists in AcyMailing Joomla Component before 4.9.5 via exportgeolocorder in a geolocation_longitude request to index.php. | |||||
| CVE-2015-5725 | 1 Codeigniter | 1 Codeigniter | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in the offset method in the Active Record class in CodeIgniter before 2.2.4 allows remote attackers to execute arbitrary SQL commands via vectors involving the offset variable. | |||||
| CVE-2015-5617 | 1 Enorth | 1 Webpublisher Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in pub/m_pending_news/delete_pending_news.jsp in Enorth Webpublisher CMS allows remote attackers to execute arbitrary SQL commands via the cbNewsId parameter. | |||||
| CVE-2015-5591 | 1 Zenphoto | 1 Zenphoto | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| SQL injection vulnerability in Zenphoto before 1.4.9 allow remote administrators to execute arbitrary SQL commands. | |||||