Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
|---|---|---|---|---|
| 2017-12-27 | CVE-2017-17899 | SQL Injection vulnerability in Dolibarr Erp/Crm 6.0.4 | SQL injection vulnerability in adherents/subscription/info.php in Dolibarr ERP/CRM version 6.0.4 allows remote attackers to execute arbitrary SQL commands via the rowid parameter. | network, low complexity, dolibarr, CWE-89, critical, 9.8 |
| 2017-12-27 | CVE-2017-17897 | SQL Injection vulnerability in Dolibarr Erp/Crm 6.0.4 | SQL injection vulnerability in comm/multiprix.php in Dolibarr ERP/CRM version 6.0.4 allows remote attackers to execute arbitrary SQL commands via the id parameter. | network, low complexity, dolibarr, CWE-89, critical, 9.8 |
| 2017-12-27 | CVE-2017-17895 | SQL Injection vulnerability in Basic JOB Site Script Project Basic JOB Site Script | Readymade Job Site Script has SQL Injection via the location_name array parameter to the /job URI. | network, low complexity, basic-job-site-script-project, CWE-89, critical, 9.8 |
| 2017-12-27 | CVE-2017-17892 | SQL Injection vulnerability in Readymade Video Sharing Script Project Readymade Video Sharing Script 3.2 | Readymade Video Sharing Script has SQL Injection via the viewsubs.php chnlid parameter or the search_video.php search parameter. | network, low complexity, readymade-video-sharing-script-project, CWE-89, critical, 9.8 |
| 2017-12-27 | CVE-2017-17875 | SQL Injection vulnerability in Jextn FAQ PRO 4.0.0 | The JEXTN FAQ Pro extension 4.0.0 for Joomla! has SQL Injection via the id parameter in a view=category action. | network, low complexity, jextn, CWE-89, critical, 9.8 |
| 2017-12-27 | CVE-2017-17873 | SQL Injection vulnerability in Vanguard Project Marketplace Digital products PHP 1.4.0 | Vanguard Marketplace Digital Products PHP 1.4 has SQL Injection via the PATH_INFO to the /p URI. | network, low complexity, vanguard-project, CWE-89, critical, 9.8 |
| 2017-12-27 | CVE-2017-17872 | SQL Injection vulnerability in Jextn Video Gallery 3.0.5 | The JEXTN Video Gallery extension 3.0.5 for Joomla! has SQL Injection via the id parameter in a view=category action. | network, low complexity, jextn, CWE-89, critical, 9.8 |
| 2017-12-27 | CVE-2017-17871 | SQL Injection vulnerability in Jextn Question and Answer 3.1.0 | The "JEXTN Question And Answer" extension 3.1.0 for Joomla! has SQL Injection via the an parameter in a view=tags action, or the ques-srch parameter. | network, low complexity, jextn, CWE-89, critical, 9.8 |
| 2017-12-27 | CVE-2017-17870 | SQL Injection vulnerability in Jbuildozer 1.4.1 | The JBuildozer extension 1.4.1 for Joomla! has SQL Injection via the appid parameter in an entriessearch action. | network, low complexity, jbuildozer, CWE-89, critical, 9.8 |
| 2017-12-21 | CVE-2017-0304 | SQL Injection vulnerability in F5 Big-Ip Advanced Firewall Manager | A SQL injection vulnerability exists in the BIG-IP AFM management UI on versions 12.0.0, 12.1.0, 12.1.1, 12.1.2 and 13.0.0 that may allow a copy of the firewall rules to be tampered with and impact the Configuration Utility until there is a resync of the rules. | network, low complexity, f5, CWE-89, 5.4 |