Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-29 | CVE-2015-8334 | SQL Injection vulnerability in Huawei Vcn500 Firmware V100R002C00Spc200/V100R002C00Spc200B010 SQL injection vulnerability in the Operation and Maintenance Unit (OMU) in Huawei VCN500 before V100R002C00SPC201 allows remote authenticated users to execute arbitrary SQL commands via a crafted HTTP request. | 8.8 |
| 2017-08-29 | CVE-2015-7517 | SQL Injection vulnerability in Labwebdesigns Double Opt-In for Download Multiple SQL injection vulnerabilities in the Double Opt-In for Download plugin before 2.0.9 for WordPress allow remote attackers to execute arbitrary SQL commands via the ver parameter to (1) class-doifd-download.php or (2) class-doifd-landing-page.php in public/includes/. | 9.8 |
| 2017-08-29 | CVE-2017-10842 | SQL Injection vulnerability in Basercms SQL injection vulnerability in the baserCMS 3.0.14 and earlier, 4.0.5 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 9.8 |
| 2017-08-29 | CVE-2017-10839 | SQL Injection vulnerability in Seopanel SEO Panel SQL injection vulnerability in the SEO Panel prior to version 3.11.0 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors. | 8.8 |
| 2017-08-28 | CVE-2014-9558 | SQL Injection vulnerability in Smartcms 2.0 Multiple SQL injection vulnerabilities in SmartCMS v.2. | 9.8 |
| 2017-08-24 | CVE-2015-8355 | SQL Injection vulnerability in Orion-Soft Bitrix 2.1.2 Multiple SQL injection vulnerabilities in the orion.extfeedbackform module before 2.1.3 for Bitrix allow remote authenticated users to execute arbitrary SQL commands via the (1) order or (2) "by" parameter to admin/orion.extfeedbackform_efbf_forms.php. | 8.8 |
| 2017-08-24 | CVE-2017-13669 | SQL Injection vulnerability in Nexusphp 1.5 SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the setanswered parameter to staffbox.php. | 9.8 |
| 2017-08-24 | CVE-2017-12679 | SQL Injection vulnerability in Nexusphp 1.5 SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the delcheater parameter to cheaterbox.php. | 9.8 |
| 2017-08-23 | CVE-2017-13137 | SQL Injection vulnerability in Formcrafts Formcraft 1.0.5 The FormCraft Basic plugin 1.0.5 for WordPress has SQL injection in the id parameter to form.php. | 9.8 |
| 2017-08-21 | CVE-2017-12981 | SQL Injection vulnerability in Nexusphp 1.5 NexusPHP 1.5.beta5.20120707 has SQL Injection in forummanage.php via the sort parameter in an addforum action. | 9.8 |