Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

DATE	CVE	VULNERABILITY TITLE	RISK
2018-07-24	CVE-2018-5384	SQL Injection vulnerability in Navarino Infinity 2.2 Navarino Infinity web interface up to version 2.2 exposes an unauthenticated script that is prone to blind sql injection. network low complexity navarino CWE-89 critical	9.8
2018-07-24	CVE-2017-3181	SQL Injection vulnerability in Tibco products Multiple TIBCO Products are prone to multiple unspecified SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in an SQL query. network low complexity tibco CWE-89 critical	9.8
2018-07-23	CVE-2018-14515	SQL Injection vulnerability in Wuzhi CMS Project Wuzhi CMS 4.1.0 A SQL injection was discovered in WUZHI CMS 4.1.0 that allows remote attackers to inject a malicious SQL statement via the index.php?m=promote&f=index&v=search keywords parameter. network low complexity wuzhi-cms-project CWE-89 critical	9.8
2018-07-22	CVE-2018-14501	SQL Injection vulnerability in Joyplus Project Joyplus-Cms 1.6.0 manager/admin_ajax.php in joyplus-cms 1.6.0 has SQL Injection, as demonstrated by crafted POST data beginning with an "m_id=1 AND SLEEP(5)" substring. network low complexity joyplus-project CWE-89 critical	9.8
2018-07-20	CVE-2018-14472	SQL Injection vulnerability in Wuzhicms 4.1.0 An issue was discovered in WUZHI CMS 4.1.0. network low complexity wuzhicms CWE-89	7.2
2018-07-20	CVE-2018-14418	SQL Injection vulnerability in Msvod CMS 10 In Msvod Cms v10, SQL Injection exists via an images/lists?cid= URI. network low complexity msvod CWE-89 critical	9.8
2018-07-20	CVE-2018-14440	SQL Injection vulnerability in SSH Companywebsite Project SSH Companywebsite 20180503 An issue was discovered in cckevincyh SSH CompanyWebsite through 2018-05-03. network low complexity ssh-companywebsite-project CWE-89 critical	9.8
2018-07-18	CVE-2018-14389	SQL Injection vulnerability in Joyplus-Cms Project Joyplus-Cms 1.6.0 joyplus-cms 1.6.0 has SQL Injection via the manager/admin_ajax.php val parameter. network low complexity joyplus-cms-project CWE-89 critical	9.8
2018-07-15	CVE-2018-14066	SQL Injection vulnerability in Google Android 6.0/7.0 The content://wappush content provider in com.android.provider.telephony, as found in some custom ROMs for Android phones, allows SQL injection. network low complexity google CWE-89 critical	9.8
2018-07-13	CVE-2016-6566	SQL Injection vulnerability in Sungardas Etrakit3 3.2.1.17 The valueAsString parameter inside the JSON payload contained by the ucLogin_txtLoginId_ClientStat POST parameter of the Sungard eTRAKiT3 software version 3.2.1.17 is not properly validated. network low complexity sungardas CWE-89 critical	9.8