Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-21 | CVE-2017-6050 | SQL Injection vulnerability in Ecava Integraxor A SQL Injection issue was discovered in Ecava IntegraXor Versions 5.2.1231.0 and prior. | 9.8 |
| 2017-06-19 | CVE-2017-9759 | SQL Injection vulnerability in Zenbership 1.0.8 SQL Injection exists in admin/index.php in Zenbership 1.0.8 via the filters array parameter, exploitable by a privileged account. | 8.8 |
| 2017-06-19 | CVE-2017-9730 | SQL Injection vulnerability in Dfsol Nuevomailer SQL injection vulnerability in rdr.php in nuevoMailer version 6.0 and earlier allows remote attackers to execute arbitrary SQL commands via the "r" parameter. | 9.8 |
| 2017-06-14 | CVE-2017-9463 | SQL Injection vulnerability in Piwigo The application Piwigo is affected by a SQL injection vulnerability in version 2.9.0 and possibly prior. | 6.5 |
| 2017-06-13 | CVE-2017-9603 | SQL Injection vulnerability in Intensewp WP Jobs SQL injection vulnerability in the WP Jobs plugin before 1.5 for WordPress allows authenticated users to execute arbitrary SQL commands via the jobid parameter to wp-admin/edit.php. | 8.8 |
| 2017-06-13 | CVE-2017-9429 | SQL Injection vulnerability in Event List Project Event List 0.7.8 SQL injection vulnerability in the Event List plugin 0.7.8 for WordPress allows an authenticated user to execute arbitrary SQL commands via the id parameter to wp-admin/admin.php. | 8.8 |
| 2017-06-13 | CVE-2017-9246 | SQL Injection vulnerability in Newrelic .Net Agent 6.2.26.0 New Relic .NET Agent before 6.3.123.0 adds SQL injection flaws to safe applications via vectors involving failure to escape quotes during use of the Slow Queries feature, as demonstrated by a mishandled quote in a VALUES clause of an INSERT statement, after bypassing a SET SHOWPLAN_ALL ON protection mechanism. | 9.8 |
| 2017-06-13 | CVE-2017-6668 | SQL Injection vulnerability in Cisco Unified Communications Domain Manager 8.1(7)Er1 Vulnerabilities in the web-based GUI of Cisco Unified Communications Domain Manager (CUCDM) could allow an authenticated, remote attacker to impact the confidentiality of the system by executing arbitrary SQL queries, aka SQL Injection. | 4.9 |
| 2017-06-13 | CVE-2017-4974 | SQL Injection vulnerability in multiple products An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v258; UAA release 2.x versions prior to v2.7.4.15, 3.6.x versions prior to v3.6.9, 3.9.x versions prior to v3.9.11, and other versions prior to v3.16.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.13, 24.x versions prior to v24.8, and other versions prior to v30.1. | 6.5 |
| 2017-06-13 | CVE-2017-4972 | SQL Injection vulnerability in multiple products An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v257; UAA release 2.x versions prior to v2.7.4.14, 3.6.x versions prior to v3.6.8, 3.9.x versions prior to v3.9.10, and other versions prior to v3.15.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.12, 24.x versions prior to v24.7, and other versions prior to v30. | 7.5 |