Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-31 | CVE-2017-14076 | SQL Injection vulnerability in Nexusphp 1.5 SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the id parameter to linksmanage.php in an editlink action. | 9.8 |
| 2017-08-31 | CVE-2017-14069 | SQL Injection vulnerability in Nexusphp 1.5 SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the usernw array parameter to nowarn.php. | 9.8 |
| 2017-08-30 | CVE-2017-12710 | SQL Injection vulnerability in Advantech Webaccess A SQL Injection issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. | 7.5 |
| 2017-08-29 | CVE-2015-8334 | SQL Injection vulnerability in Huawei Vcn500 Firmware V100R002C00Spc200/V100R002C00Spc200B010 SQL injection vulnerability in the Operation and Maintenance Unit (OMU) in Huawei VCN500 before V100R002C00SPC201 allows remote authenticated users to execute arbitrary SQL commands via a crafted HTTP request. | 8.8 |
| 2017-08-29 | CVE-2015-7517 | SQL Injection vulnerability in Labwebdesigns Double Opt-In for Download Multiple SQL injection vulnerabilities in the Double Opt-In for Download plugin before 2.0.9 for WordPress allow remote attackers to execute arbitrary SQL commands via the ver parameter to (1) class-doifd-download.php or (2) class-doifd-landing-page.php in public/includes/. | 9.8 |
| 2017-08-29 | CVE-2017-10842 | SQL Injection vulnerability in Basercms SQL injection vulnerability in the baserCMS 3.0.14 and earlier, 4.0.5 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 9.8 |
| 2017-08-29 | CVE-2017-10839 | SQL Injection vulnerability in Seopanel SEO Panel SQL injection vulnerability in the SEO Panel prior to version 3.11.0 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors. | 8.8 |
| 2017-08-28 | CVE-2014-9558 | SQL Injection vulnerability in Smartcms 2.0 Multiple SQL injection vulnerabilities in SmartCMS v.2. | 9.8 |
| 2017-08-24 | CVE-2015-8355 | SQL Injection vulnerability in Orion-Soft Bitrix 2.1.2 Multiple SQL injection vulnerabilities in the orion.extfeedbackform module before 2.1.3 for Bitrix allow remote authenticated users to execute arbitrary SQL commands via the (1) order or (2) "by" parameter to admin/orion.extfeedbackform_efbf_forms.php. | 8.8 |
| 2017-08-24 | CVE-2017-13669 | SQL Injection vulnerability in Nexusphp 1.5 SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the setanswered parameter to staffbox.php. | 9.8 |