Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-12-29 | CVE-2017-17916 | SQL Injection vulnerability in Rubyonrails Rails SQL injection vulnerability in the 'find_by' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'name' parameter. | 8.1 |
| 2017-12-29 | CVE-2014-4914 | SQL Injection vulnerability in multiple products The Zend_Db_Select::order function in Zend Framework before 1.12.7 does not properly handle parentheses, which allows remote attackers to conduct SQL injection attacks via unspecified vectors. | 9.8 |
| 2017-12-28 | CVE-2017-17959 | SQL Injection vulnerability in PHP Multivendor Ecommerce Project PHP Multivendor Ecommerce PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the seller-view.php usid parameter. | 9.8 |
| 2017-12-28 | CVE-2017-17957 | SQL Injection vulnerability in PHP Multivendor Ecommerce Project PHP Multivendor Ecommerce PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the my_wishlist.php fid parameter. | 9.8 |
| 2017-12-28 | CVE-2017-17951 | SQL Injection vulnerability in PHP Multivendor Ecommerce Project PHP Multivendor Ecommerce PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the shopping-cart.php cusid parameter. | 9.8 |
| 2017-12-28 | CVE-2017-17950 | SQL Injection vulnerability in Cells Blog 3.5 Cells Blog 3.5 has SQL Injection via the pub_readpost.php ptid parameter. | 8.8 |
| 2017-12-28 | CVE-2017-17941 | SQL Injection vulnerability in Single Theater Booking Script Project Single Theater Booking Script 3.2.2 PHP Scripts Mall Single Theater Booking has SQL Injection via the admin/movieview.php movieid parameter. | 7.2 |
| 2017-12-28 | CVE-2015-3637 | SQL Injection vulnerability in PHPmybackuppro SQL injection vulnerability in phpMyBackupPro when run in multi-user mode before 2.5 allows remote attackers to execute arbitrary SQL commands via the username and password parameters. | 8.1 |
| 2017-12-27 | CVE-2017-17931 | SQL Injection vulnerability in Resume Clone Script Project Resume Clone Script 2.0.5 PHP Scripts Mall Resume Clone Script has SQL Injection via the forget.php username parameter. | 9.8 |
| 2017-12-27 | CVE-2017-17928 | SQL Injection vulnerability in Ordermanagementscript Professional Service Script PHP Scripts Mall Professional Service Script has SQL injection via the admin/review.php id parameter. | 9.8 |