Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

DATE CVE VULNERABILITY TITLE RISK
2018-02-17 CVE-2018-5974 SQL Injection vulnerability in Albonico Simplecalendar 3.1.9
SQL Injection exists in the SimpleCalendar 3.1.9 component for Joomla! via the catid array parameter.
network
low complexity
albonico CWE-89
critical
 9.8
9.8
2018-02-17 CVE-2018-5971 SQL Injection vulnerability in Ordasoft Medialibrary 4.0.12
SQL Injection exists in the MediaLibrary Free 4.0.12 component for Joomla! via the id parameter or the mid array parameter.
network
low complexity
ordasoft CWE-89
critical
 9.8
9.8
2018-02-17 CVE-2018-5970 SQL Injection vulnerability in Techjoomla Jgive 2.0.9
SQL Injection exists in the JGive 2.0.9 component for Joomla! via the filter_org_ind_type or campaign_countries parameter.
network
low complexity
techjoomla CWE-89
critical
 9.8
9.8
2018-02-15 CVE-2017-5814 SQL Injection vulnerability in HP Network Automation
A remote sql injection authentication bypass in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found.
network
low complexity
hp CWE-89
critical
 9.8
9.8
2018-02-15 CVE-2017-5812 SQL Injection vulnerability in HP Network Automation
A remote sql information disclosure vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found.
network
low complexity
hp CWE-89
7.5
7.5
2018-02-15 CVE-2017-5810 SQL Injection vulnerability in HP Network Automation
A remote sql injection vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found.
network
low complexity
hp CWE-89
critical
 9.8
9.8
2018-02-15 CVE-2017-15329 SQL Injection vulnerability in Huawei UMA Firmware V200R001C00
Huawei UMA V200R001C00 has a SQL injection vulnerability in the operation and maintenance module.
network
low complexity
huawei CWE-89
8.8
8.8
2018-02-13 CVE-2018-6928 SQL Injection vulnerability in News Website Script Project News Website Script 2.0.4
PHP Scripts Mall News Website Script 2.0.4 has SQL Injection via a search term.
network
low complexity
news-website-script-project CWE-89
critical
 9.8
9.8
2018-02-12 CVE-2018-6893 SQL Injection vulnerability in Finecms 5.2.0
controllers/member/Api.php in dayrui FineCms 5.2.0 has SQL Injection: a request with s=member,c=api,m=checktitle, and the parameter 'module' with a SQL statement, lacks effective filtering.
network
low complexity
finecms CWE-89
critical
 9.8
9.8
2018-02-12 CVE-2018-6863 SQL Injection vulnerability in Select Your College Script Project Select Your College Script 2.0.2
SQL Injection exists in PHP Scripts Mall Select Your College Script 2.0.2 via a Login Parameter.
network
low complexity
select-your-college-script-project CWE-89
critical
 9.8
9.8