Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-31 | CVE-2017-15977 | SQL Injection vulnerability in Protectedlinks Expiring Download Links 1.0 Protected Links - Expiring Download Links 1.0 allows SQL Injection via the username parameter. | 9.8 |
| 2017-10-29 | CVE-2017-16000 | SQL Injection vulnerability in Eyesofnetwork 5.10 SQL injection vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the graph parameter to module/capacity_per_label/index.php. | 7.2 |
| 2017-10-29 | CVE-2017-15976 | SQL Injection vulnerability in Zeescripts Zeebuddy 2X ZeeBuddy 2x allows SQL Injection via the admin/editadgroup.php groupid parameter, a different vulnerability than CVE-2008-3604. | 9.8 |
| 2017-10-29 | CVE-2017-15975 | SQL Injection vulnerability in Vastal Dating Zone 0.9.9 Vastal I-Tech Dating Zone 0.9.9 allows SQL Injection via the 'product_id' to add_to_cart.php, a different vulnerability than CVE-2008-4461. | 9.8 |
| 2017-10-29 | CVE-2017-15974 | SQL Injection vulnerability in Datacomponents Tpanel 2009 tPanel 2009 allows SQL injection for Authentication Bypass via 'or 1=1 or ''=' to login.php. | 9.8 |
| 2017-10-29 | CVE-2017-15973 | SQL Injection vulnerability in Sokial 1.0 Sokial Social Network Script 1.0 allows SQL Injection via the id parameter to admin/members_view.php. | 9.8 |
| 2017-10-29 | CVE-2017-15972 | SQL Injection vulnerability in Softdatepro Dating Software 1.3 SoftDatepro Dating Social Network 1.3 allows SQL Injection via the viewprofile.php profid parameter, the viewmessage.php sender_id parameter, or the /admin Email field, a related issue to CVE-2017-15971. | 9.8 |
| 2017-10-29 | CVE-2017-15971 | SQL Injection vulnerability in Softdatepro Same Date PRO 1.0 Same Sex Dating Software Pro 1.0 allows SQL Injection via the viewprofile.php profid parameter, the viewmessage.php sender_id parameter, or the /admin Email field, a related issue to CVE-2017-15972. | 9.8 |
| 2017-10-29 | CVE-2017-15970 | SQL Injection vulnerability in PHPcityportal 2.0 PHP CityPortal 2.0 allows SQL Injection via the nid parameter to index.php in a page=news action, or the cat parameter. | 9.8 |
| 2017-10-29 | CVE-2017-15969 | SQL Injection vulnerability in Pilotgroup Allsharevideo 1.0 PG All Share Video 1.0 allows SQL Injection via the PATH_INFO to search/tag, friends/index, users/profile, or video_catalog/category. | 9.8 |