Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-12-07 | CVE-2017-1356 | SQL Injection vulnerability in IBM Atlas Ediscovery Process Management IBM Atlas eDiscovery Process Management 6.0.3 is vulnerable to SQL injection. | 8.8 |
| 2017-12-04 | CVE-2017-17103 | SQL Injection vulnerability in Fiyo CMS 2.0.7 Fiyo CMS 2.0.7 has SQL injection in /apps/app_user/sys_user.php via $_POST[name] or $_POST[email]. | 8.8 |
| 2017-12-04 | CVE-2017-17102 | SQL Injection vulnerability in Fiyo CMS 2.0.7 Fiyo CMS 2.0.7 has SQL injection in /system/site.php via $_REQUEST['link']. | 7.5 |
| 2017-12-01 | CVE-2017-16893 | SQL Injection vulnerability in Piwigo The application Piwigo is affected by an SQL injection vulnerability in version 2.9.2 and possibly prior. | 6.5 |
| 2017-12-01 | CVE-2017-10899 | SQL Injection vulnerability in Ark-Web A-Reserve 3.8.6 SQL injection vulnerability in the A-Reserve and A-Reserve for MT cloud versions 3.8.6 and earlier allows an attacker to execute arbitrary SQL commands via unspecified vectors. | 9.8 |
| 2017-12-01 | CVE-2017-10898 | SQL Injection vulnerability in Ark-Web A-Member 3.8.6 SQL injection vulnerability in the A-Member and A-Member for MT cloud versions 3.8.6 and earlier allows an attacker to execute arbitrary SQL commands via unspecified vectors. | 9.8 |
| 2017-11-30 | CVE-2017-12364 | SQL Injection vulnerability in Cisco Prime Service Catalog 11.1.1/12.0/12.1 A SQL Injection vulnerability in the web framework of Cisco Prime Service Catalog could allow an unauthenticated, remote attacker to execute unauthorized Structured Query Language (SQL) queries. | 6.5 |
| 2017-11-27 | CVE-2017-16961 | SQL Injection vulnerability in Bigtreecms Bigtree CMS A SQL injection vulnerability in core/inc/auto-modules.php in BigTree CMS through 4.2.19 allows remote authenticated attackers to obtain information in the context of the user used by the application to retrieve data from the database. | 6.5 |
| 2017-11-27 | CVE-2017-16955 | SQL Injection vulnerability in Inlinks Project Inlinks 1.0 SQL injection vulnerability in the InLinks plugin through 1.1 for WordPress allows authenticated users to execute arbitrary SQL commands via the "keyword" parameter to /wp-admin/options-general.php?page=inlinks/inlinks.php. | 8.8 |
| 2017-11-22 | CVE-2017-8198 | SQL Injection vulnerability in Huawei Fusionsphere V100R006C00Spc102(Nfv) FusionSphere V100R006C00SPC102(NFV) has an SQL injection vulnerability. | 7.2 |