Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

DATE	CVE	VULNERABILITY TITLE	RISK
2017-06-12	CVE-2017-9418	SQL Injection vulnerability in Goldplugins Testimonials Plugin Easy Testimonials 3.4.1 SQL injection vulnerability in the WP-Testimonials plugin 3.4.1 for WordPress allows an authenticated user to execute arbitrary SQL commands via the testid parameter to wp-admin/admin.php. network low complexity goldplugins CWE-89	8.8
2017-06-09	CVE-2017-2195	SQL Injection vulnerability in Multi Feed Reader Project Multi Feed Reader SQL injection vulnerability in the Multi Feed Reader prior to version 2.2.4 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors. network low complexity multi-feed-reader-project CWE-89	8.8
2017-06-09	CVE-2016-7803	SQL Injection vulnerability in Cybozu Garoon SQL injection vulnerability in the Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to execute arbitrary SQL commands via "MultiReport" function. network low complexity cybozu CWE-89	8.8
2017-06-08	CVE-2016-2034	SQL Injection vulnerability in Arubanetworks Clearpass SQL injection vulnerability in ClearPass Policy Manager 6.5.x through 6.5.6 and 6.6.0. network low complexity arubanetworks CWE-89 critical	9.8
2017-06-07	CVE-2015-7346	SQL Injection vulnerability in Zcms Project Zcms 1.1 SQL injection vulnerability in ZCMS 1.1. network low complexity zcms-project CWE-89 critical	9.8
2017-06-06	CVE-2017-9449	SQL Injection vulnerability in Bigtreecms Bigtree CMS SQL injection vulnerability in BigTree CMS through 4.2.18 allows remote authenticated users to execute arbitrary SQL commands via core/admin/modules/developer/modules/views/create.php. network low complexity bigtreecms CWE-89	8.8
2017-06-05	CVE-2017-9443	SQL Injection vulnerability in Bigtreecms Bigtree CMS BigTree CMS through 4.2.18 allows remote authenticated users to conduct SQL injection attacks via a crafted tables object in manifest.json in an uploaded package. network low complexity bigtreecms CWE-89	8.8
2017-06-05	CVE-2017-9437	SQL Injection vulnerability in Openbravo ERP 3.0 Openbravo Business Suite 3.0 is affected by SQL injection. network low complexity openbravo CWE-89	8.8
2017-06-05	CVE-2017-9436	SQL Injection vulnerability in Teampass TeamPass before 2.1.27.4 is vulnerable to a SQL injection in users.queries.php. network low complexity teampass CWE-89 critical	9.8
2017-06-05	CVE-2017-9435	SQL Injection vulnerability in Dolibarr Dolibarr ERP/CRM before 5.0.3 is vulnerable to a SQL injection in user/index.php (search_supervisor and search_statut parameters). network low complexity dolibarr CWE-89 critical	9.8