Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK
---|---|---|---|---
2018-01-08 | CVE-2017-5971 | SQL Injection vulnerability in Newsbee Project Newsbee | SQL injection vulnerability in NewsBee CMS allows remote attackers to execute arbitrary SQL commands. | 9.8
2018-01-05 | CVE-2017-16716 | SQL Injection vulnerability in Advantech Webaccess | A SQL Injection issue was discovered in WebAccess versions prior to 8.3. | 9.8
2018-01-04 | CVE-2017-14960 | SQL Injection vulnerability in Opentext Document Sciences Xpression 4.5 | xDashboard in OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 has SQL Injection. | 7.5
2018-01-02 | CVE-2017-1000444 | SQL Injection vulnerability in Openhacker Project Openhacker 0.1.47 | Eleix Openhacker version 0.1.47 is vulnerable to an SQL injection in the account registration and login component resulting in information disclosure and remote code execution. | 9.8
2018-01-01 | CVE-2018-3811 | SQL Injection vulnerability in Oturia Smart Google Code Inserter | SQL Injection vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to execute SQL queries in the context of the web server. | 9.8
2017-12-30 | CVE-2017-17983 | SQL Injection vulnerability in Muslim Matrimonial Script Project Muslim Matrimonial Script 3.0.3 | PHP Scripts Mall Muslim Matrimonial Script has SQL injection via the view-profile.php mem_id parameter. | 8.8
2017-12-29 | CVE-2017-17920 | SQL Injection vulnerability in Rubyonrails Ruby on Rails | SQL injection vulnerability in the 'reorder' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'name' parameter. | 8.1
2017-12-29 | CVE-2017-17919 | SQL Injection vulnerability in Rubyonrails Ruby on Rails | SQL injection vulnerability in the 'order' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'id desc' parameter. | 8.1
2017-12-29 | CVE-2017-17917 | SQL Injection vulnerability in Rubyonrails Rails | SQL injection vulnerability in the 'where' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'id' parameter. | 8.1
2017-12-29 | CVE-2017-17916 | SQL Injection vulnerability in Rubyonrails Rails | SQL injection vulnerability in the 'find_by' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'name' parameter. | 8.1