Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-31 | CVE-2017-15991 | SQL Injection vulnerability in Vastal Agent Zone Vastal I-Tech Agent Zone (aka The Real Estate Script) allows SQL Injection in searchCommercial.php via the property_type, city, or posted_by parameter, or searchResidential.php via the property_type, city, or bedroom parameter, a different vulnerability than CVE-2008-3951, CVE-2009-3497, and CVE-2012-0982. | 9.8 |
| 2017-10-31 | CVE-2017-15989 | SQL Injection vulnerability in Online Exam Test Application Project Online Exam Test Application Online Exam Test Application allows SQL Injection via the resources.php sort parameter in a category action. | 9.8 |
| 2017-10-31 | CVE-2017-15988 | SQL Injection vulnerability in Nicephpscripts Nice PHP FAQ Script Nice PHP FAQ Script allows SQL Injection via the index.php nice_theme parameter, a different vulnerability than CVE-2008-6525. | 9.8 |
| 2017-10-31 | CVE-2017-15987 | SQL Injection vulnerability in Fake Magazine Cover Script Project Fake Magazine Cover Script Fake Magazine Cover Script allows SQL Injection via the rate.php value parameter or the content.php id parameter. | 9.8 |
| 2017-10-31 | CVE-2017-15986 | SQL Injection vulnerability in CPA Lead Reward Script Project CPA Lead Reward Script CPA Lead Reward Script allows SQL Injection via the username parameter. | 9.8 |
| 2017-10-31 | CVE-2017-15985 | SQL Injection vulnerability in Readymadeb2Bscript Basic B2B Script Basic B2B Script allows SQL Injection via the product_view1.php pid or id parameter. | 9.8 |
| 2017-10-31 | CVE-2017-15984 | SQL Injection vulnerability in Bekirk Creative Management System Lite 1.4 Creative Management System (CMS) Lite 1.4 allows SQL Injection via the S parameter to index.php. | 9.8 |
| 2017-10-31 | CVE-2017-15983 | SQL Injection vulnerability in Geniusocean Mymagazine Magazine & Blog CMS 1.0 MyMagazine Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin/admin_process.php for form editing. | 9.8 |
| 2017-10-31 | CVE-2017-15982 | SQL Injection vulnerability in Geniusocean News 1.0 Dynamic News Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin/admin_process.php for form editing. | 9.8 |
| 2017-10-31 | CVE-2017-15981 | SQL Injection vulnerability in Geniusocean Newspaper 1.0 Responsive Newspaper Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin/admin_process.php for form editing. | 9.8 |