Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2018-01-14 | CVE-2018-5695 | SQL Injection vulnerability in Wpjobboard 4.4.4 | The WpJobBoard plugin 4.4.4 for WordPress allows SQL injection via the order or sort parameter to the wpjb-job or wpjb-alerts module, with a request to wp-admin/admin.php. | 7.2 |
2018-01-12 | CVE-2015-9249 | SQL Injection vulnerability in Skyboxsecurity Skybox Platform | An issue was discovered in Skybox Platform before 7.5.201. | 9.8 |
2018-01-12 | CVE-2018-5315 | SQL Injection vulnerability in WP Events Calendar Project WP Events Calendar 1.0 | The Wachipi WP Events Calendar plugin 1.0 for WordPress has SQL Injection via the event_id parameter to event.php. | 9.8 |
2018-01-12 | CVE-2017-17970 | SQL Injection vulnerability in Muvikoscript Muviko 1.1 | Multiple SQL injection vulnerabilities in Muviko 1.1 allow remote attackers to execute arbitrary SQL commands via the (1) email parameter to login.php; the (2) season_id parameter to themes/flixer/ajax/load_season.php; the (3) movie_id parameter to themes/flixer/ajax/get_rating.php; the (4) rating or (5) movie_id parameter to themes/flixer/ajax/update_rating.php; or the (6) id parameter to themes/flixer/ajax/set_player_source.php. | 9.8 |
2018-01-12 | CVE-2018-5374 | SQL Injection vulnerability in Slidervilla Dbox Slider | The Dbox 3D Slider Lite plugin through 1.2.2 for WordPress has SQL Injection via settings\sliders.php (current_slider_id parameter). | 8.8 |
2018-01-12 | CVE-2018-5373 | SQL Injection vulnerability in Slidervilla Smooth Slider | The Smooth Slider plugin through 2.8.6 for WordPress has SQL Injection via smooth-slider.php (trid parameter). | 8.8 |
2018-01-12 | CVE-2018-5372 | SQL Injection vulnerability in Slidervilla Testimonial Slider | The Testimonial Slider plugin through 1.2.4 for WordPress has SQL Injection via settings\sliders.php (current_slider_id parameter). | 8.8 |
2018-01-09 | CVE-2017-1670 | SQL Injection vulnerability in IBM Security KEY Lifecycle Manager | IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 is vulnerable to SQL injection. | 9.8 |
2018-01-09 | CVE-2018-5211 | SQL Injection vulnerability in PHPsugar PHP Melody 2.7.1 | PHP Melody version 2.7.1 suffers from a time-based SQL injection attack on the page ajax.php with the parameter playlist. | 9.8 |
2018-01-08 | CVE-2017-7997 | SQL Injection vulnerability in Gespage | Multiple SQL injection vulnerabilities in Gespage before 7.4.9 allow remote attackers to execute arbitrary SQL commands via the (1) show_prn parameter to webapp/users/prnow.jsp or show_month parameter to (2) webapp/users/blhistory.jsp or (3) webapp/users/prhistory.jsp. | 9.8 |