Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-21 | CVE-2017-6095 | SQL Injection vulnerability in Mail-Masta Project Mail-Masta 1.0 A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. | 9.8 |
| 2017-02-17 | CVE-2017-6065 | SQL Injection vulnerability in Metalgenix Genixcms SQL injection vulnerability in inc/lib/Control/Backend/menus.control.php in GeniXCMS through 1.0.2 allows remote authenticated users to execute arbitrary SQL commands via the order parameter. | 8.8 |
| 2017-02-17 | CVE-2017-5344 | SQL Injection vulnerability in Dotcms An issue was discovered in dotCMS through 3.6.1. | 9.8 |
| 2017-02-17 | CVE-2016-6233 | SQL Injection vulnerability in multiple products The (1) order and (2) group methods in Zend_Db_Select in the Zend Framework before 1.12.19 might allow remote attackers to conduct SQL injection attacks via vectors related to use of the character pattern [\w]* in a regular expression. | 9.8 |
| 2017-02-17 | CVE-2016-4861 | SQL Injection vulnerability in multiple products The (1) order and (2) group methods in Zend_Db_Select in the Zend Framework before 1.12.20 might allow remote attackers to conduct SQL injection attacks by leveraging failure to remove comments from an SQL statement before validation. | 9.8 |
| 2017-02-17 | CVE-2016-10134 | SQL Injection vulnerability in Zabbix SQL injection vulnerability in Zabbix before 2.2.14 and 3.0 before 3.0.4 allows remote attackers to execute arbitrary SQL commands via the toggle_ids array parameter in latest.php. | 9.8 |
| 2017-02-15 | CVE-2016-3694 | SQL Injection vulnerability in Modified Ecommerce Shopsoftware 2.0.0.0 Multiple SQL injection vulnerabilities in modified eCommerce Shopsoftware 2.0.0.0 revision 9678, when the easybill-module is not installed, allow remote attackers to execute arbitrary SQL commands via the (1) orders_status or (2) customers_status parameter to api/easybill/easybillcsv.php. | 9.8 |
| 2017-02-13 | CVE-2017-5154 | SQL Injection vulnerability in Advantech Webaccess 8.1 An issue was discovered in Advantech WebAccess Version 8.1. | 9.8 |
| 2017-02-13 | CVE-2017-5151 | SQL Injection vulnerability in Panasonic Video Insight web Client 6.3.5.11 An issue was discovered in VideoInsight Web Client Version 6.3.5.11 and previous versions. | 7.3 |
| 2017-02-13 | CVE-2016-9333 | SQL Injection vulnerability in Moxa Softcms An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. | 9.8 |