Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-17 | CVE-2018-5992 | SQL Injection vulnerability in Staff Master Project Staff Master 1.0 SQL Injection exists in the Staff Master through 1.0 RC 1 component for Joomla! via the name parameter in a view=staff request. | 9.8 |
| 2018-02-17 | CVE-2018-5991 | SQL Injection vulnerability in Web-Dorado Form Maker 3.6.12 SQL Injection exists in the Form Maker 3.6.12 component for Joomla! via the id, from, or to parameter in a view=stats request, a different vulnerability than CVE-2015-2798. | 9.8 |
| 2018-02-17 | CVE-2018-5990 | SQL Injection vulnerability in Allvideos Reloaded Project Allvideos Reloaded SQL Injection exists in the AllVideos Reloaded 1.2.x component for Joomla! via the divid parameter. | 9.8 |
| 2018-02-17 | CVE-2018-5989 | SQL Injection vulnerability in Chillcreations Ccnewsletter SQL Injection exists in the ccNewsletter 2.x component for Joomla! via the id parameter in a task=removeSubscriber action, a related issue to CVE-2011-5099. | 9.8 |
| 2018-02-17 | CVE-2018-5987 | SQL Injection vulnerability in Social Pinboard Project Social Pinboard 2.0 SQL Injection exists in the Pinterest Clone Social Pinboard 2.0 component for Joomla! via the pin_id or user_id parameter in a task=getlikeinfo action, the ends parameter in a view=gift action, the category parameter in a view=home action, the uid parameter in a view=pindisplay action, the searchVal parameter in a view=search action, or the uid parameter in a view=likes action. | 9.8 |
| 2018-02-17 | CVE-2018-5983 | SQL Injection vulnerability in Jquickcontact Project Jquickcontact 1.3.2.2.1 SQL Injection exists in the JquickContact 1.3.2.2.1 component for Joomla! via a task=refresh&sid= request. | 9.8 |
| 2018-02-17 | CVE-2018-5982 | SQL Injection vulnerability in Ordasoft Advertisement Board 3.1.0 SQL Injection exists in the Advertisement Board 3.1.0 component for Joomla! via a task=show_rss_categories&catname= request. | 9.8 |
| 2018-02-17 | CVE-2018-5981 | SQL Injection vulnerability in Web-Dorado Gallery WD 1.3.6 SQL Injection exists in the Gallery WD 1.3.6 component for Joomla! via the tag_id parameter or gallery_id parameter. | 9.8 |
| 2018-02-17 | CVE-2018-5980 | SQL Injection vulnerability in Solidres 2.5.1 SQL Injection exists in the Solidres 2.5.1 component for Joomla! via the direction parameter in a hub.search action. | 9.8 |
| 2018-02-17 | CVE-2018-5975 | SQL Injection vulnerability in Thekrotek Smart Shoutbox 3.0.0 SQL Injection exists in the Smart Shoutbox 3.0.0 component for Joomla! via the shoutauthor parameter to the archive URI. | 9.8 |