Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-08-17 | CVE-2017-12910 | SQL Injection vulnerability in Nexusphp Project Nexusphp 1.5 SQL injection vulnerability in massmail.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the or parameter. | 9.8 |
2017-08-17 | CVE-2017-12909 | SQL Injection vulnerability in Nexusphp Project Nexusphp 1.5 SQL injection vulnerability in modtask.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the userid parameter. | 9.8 |
2017-08-17 | CVE-2017-12908 | SQL Injection vulnerability in Nexusphp Project Nexusphp 1.5 SQL injection vulnerability in takeconfirm.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the conusr parameter. | 9.8 |
2017-08-11 | CVE-2015-3616 | SQL Injection vulnerability in Fortinet Fortimanager Firmware SQL injection vulnerability in Fortinet FortiManager 5.0.x before 5.0.11, 5.2.x before 5.2.2 allows remote attackers to execute arbitrary commands via unspecified parameters. | 9.8 |
2017-08-10 | CVE-2017-1174 | SQL Injection vulnerability in IBM Sterling B2B Integrator 5.2 IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to SQL injection. | 8.8 |
2017-08-09 | CVE-2017-12774 | SQL Injection vulnerability in Finecms Project Finecms 1.9.5 finecms in 1.9.5\controllers\member\ContentController.php allows remote attackers to operate website database | 9.8 |
2017-08-09 | CVE-2015-0782 | SQL Injection vulnerability in Novell Zenworks Configuration Management SQL injection vulnerability in the ScheduleQuery method of the schedule class in Novell ZENworks Configuration Management (ZCM) allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 9.8 |
2017-08-09 | CVE-2015-0780 | SQL Injection vulnerability in Novell Zenworks Configuration Management SQL injection vulnerability in the GetReRequestData method of the GetStoredResult class in Novell ZENworks Configuration Management (ZCM) allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 9.8 |
2017-08-07 | CVE-2017-12650 | SQL Injection vulnerability in Loginizer SQL Injection exists in the Loginizer plugin before 1.3.6 for WordPress via the X-Forwarded-For HTTP header. | 9.8 |
2017-08-07 | CVE-2017-12567 | SQL Injection vulnerability in Quest products SQL injection exists in Quest KACE Asset Management Appliance 6.4.120822 through 7.2, Systems Management Appliance 6.4.120822 through 7.2.101, and K1000 as a Service 7.0 through 7.2. | 9.8 |