Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-12-01 | CVE-2017-16893 | SQL Injection vulnerability in Piwigo The application Piwigo is affected by an SQL injection vulnerability in version 2.9.2 and possibly prior. | 6.5 |
| 2017-12-01 | CVE-2017-10899 | SQL Injection vulnerability in Ark-Web A-Reserve 3.8.6 SQL injection vulnerability in the A-Reserve and A-Reserve for MT cloud versions 3.8.6 and earlier allows an attacker to execute arbitrary SQL commands via unspecified vectors. | 9.8 |
| 2017-12-01 | CVE-2017-10898 | SQL Injection vulnerability in Ark-Web A-Member 3.8.6 SQL injection vulnerability in the A-Member and A-Member for MT cloud versions 3.8.6 and earlier allows an attacker to execute arbitrary SQL commands via unspecified vectors. | 9.8 |
| 2017-11-30 | CVE-2017-12364 | SQL Injection vulnerability in Cisco Prime Service Catalog 11.1.1/12.0/12.1 A SQL Injection vulnerability in the web framework of Cisco Prime Service Catalog could allow an unauthenticated, remote attacker to execute unauthorized Structured Query Language (SQL) queries. | 6.5 |
| 2017-11-27 | CVE-2017-16961 | SQL Injection vulnerability in Bigtreecms Bigtree CMS A SQL injection vulnerability in core/inc/auto-modules.php in BigTree CMS through 4.2.19 allows remote authenticated attackers to obtain information in the context of the user used by the application to retrieve data from the database. | 6.5 |
| 2017-11-27 | CVE-2017-16955 | SQL Injection vulnerability in Inlinks Project Inlinks 1.0 SQL injection vulnerability in the InLinks plugin through 1.1 for WordPress allows authenticated users to execute arbitrary SQL commands via the "keyword" parameter to /wp-admin/options-general.php?page=inlinks/inlinks.php. | 8.8 |
| 2017-11-22 | CVE-2017-8198 | SQL Injection vulnerability in Huawei Fusionsphere V100R006C00Spc102(Nfv) FusionSphere V100R006C00SPC102(NFV) has an SQL injection vulnerability. | 7.2 |
| 2017-11-21 | CVE-2015-3934 | SQL Injection vulnerability in Fiyo CMS 2.0.1.9.1 Multiple SQL injection vulnerabilities in Fiyo CMS 2.0_1.9.1 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to apps/app_article/controller/rating.php or (2) user parameter to user/login. | 9.8 |
| 2017-11-20 | CVE-2017-16896 | SQL Injection vulnerability in Tt-Rss Tiny RSS 17.4 A SQL injection in classes/handler/public.php in the forgotpass component of Tiny Tiny RSS 17.4 exists via the login parameter. | 9.8 |
| 2017-11-17 | CVE-2017-1000129 | SQL Injection vulnerability in S9Y Serendipity 2.0.3 Serendipity 2.0.3 is vulnerable to a SQL injection in the blog component resulting in information disclosure | 7.5 |