Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-12 | CVE-2018-14012 | SQL Injection vulnerability in Wolfsight CMS 3.2 WolfSight CMS 3.2 allows SQL injection via the PATH_INFO to the default URI. | 9.8 |
| 2018-07-11 | CVE-2018-10197 | SQL Injection vulnerability in ELO Access Manager 10.17.120/9.17.120 There is a time-based blind SQL injection vulnerability in the Access Manager component before 9.18.040 and 10.x before 10.18.040 in ELO ELOenterprise 9 and 10 and ELOprofessional 9 and 10 that makes it possible to read all database content. | 9.8 |
| 2018-07-10 | CVE-2018-13850 | SQL Injection vulnerability in Icanstudioz Firebase Push Notification on IOS / FCM + Advance Admin Panel 20171026 The "Firebase Cloud Messaging (FCM) + Advance Admin Panel" component supporting Firebase Push Notification on iOS (through 2017-10-26) allows SQL injection via the /advance_push/public/login username parameter. | 9.8 |
| 2018-07-09 | CVE-2018-12977 | SQL Injection vulnerability in Softexpert Excellence Suite 2.0 A SQL injection vulnerability in the SoftExpert (SE) Excellence Suite 2.0 allows remote authenticated users to perform SQL heuristics by pulling information from the database with the "cddocument" parameter in the "Downloading Electronic Documents" section. | 8.8 |
| 2018-07-09 | CVE-2013-3000 | SQL Injection vulnerability in IBM Infosphere Data Replication Dashboard 10.1/9.7 SQL injection vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 9.8 |
| 2018-07-08 | CVE-2018-13450 | SQL Injection vulnerability in Dolibarr Erp/Crm 7.0.3 SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the status_batch parameter. | 9.8 |
| 2018-07-08 | CVE-2018-13449 | SQL Injection vulnerability in Dolibarr Erp/Crm 7.0.3 SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the statut_buy parameter. | 9.8 |
| 2018-07-08 | CVE-2018-13448 | SQL Injection vulnerability in Dolibarr Erp/Crm 7.0.3 SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the country_id parameter. | 9.8 |
| 2018-07-08 | CVE-2018-13447 | SQL Injection vulnerability in Dolibarr Erp/Crm 7.0.3 SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the statut parameter. | 9.8 |
| 2018-07-06 | CVE-2017-11088 | SQL Injection vulnerability in Qualcomm products Improper Input Validation in Linux io-prefetch in Snapdragon Mobile and Snapdragon Wear, A SQL injection vulnerability exists in versions MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 835, SD 845. | 9.8 |