Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDOR | CWE | RISK | SCORE |
|---|---|---|---|---|---|---|---|---|---|
| 2017-10-29 | CVE-2017-15971 | SQL Injection vulnerability in Softdatepro Same Date PRO 1.0 | Same Sex Dating Software Pro 1.0 allows SQL Injection via the viewprofile.php profid parameter, the viewmessage.php sender_id parameter, or the /admin Email field, a related issue to CVE-2017-15972. | network | low complexity | softdatepro | CWE-89 | critical | 9.8 |
| 2017-10-29 | CVE-2017-15970 | SQL Injection vulnerability in PHPcityportal 2.0 | PHP CityPortal 2.0 allows SQL Injection via the nid parameter to index.php in a page=news action, or the cat parameter. | network | low complexity | phpcityportal | CWE-89 | critical | 9.8 |
| 2017-10-29 | CVE-2017-15969 | SQL Injection vulnerability in Pilotgroup Allsharevideo 1.0 | PG All Share Video 1.0 allows SQL Injection via the PATH_INFO to search/tag, friends/index, users/profile, or video_catalog/category. | network | low complexity | pilotgroup | CWE-89 | critical | 9.8 |
| 2017-10-29 | CVE-2017-15968 | SQL Injection vulnerability in Contractorscripts Mybuildersite 1.0 | MyBuilder Clone 1.0 allows SQL Injection via the phpsqlsearch_genxml.php subcategory parameter. | network | low complexity | contractorscripts | CWE-89 | critical | 9.8 |
| 2017-10-29 | CVE-2017-15967 | SQL Injection vulnerability in Mailing-Manager Mailing List Manager PRO 3.0 | Mailing List Manager Pro 3.0 allows SQL Injection via the edit parameter to admin/users in a sort=login action, or the edit parameter to admin/template. | network | low complexity | mailing-manager | CWE-89 | critical | 9.8 |
| 2017-10-29 | CVE-2017-15966 | SQL Injection vulnerability in ZH Yandexmap Project ZH Yandexmap 6.1.1.0 | The Zh YandexMap (aka com_zhyandexmap) component 6.1.1.0 for Joomla! allows SQL Injection via the placemarklistid parameter to index.php. | network | low complexity | zh-yandexmap-project | CWE-89 | critical | 9.8 |
| 2017-10-29 | CVE-2017-15965 | SQL Injection vulnerability in Nswd NS Download Shop 2.2.6 | The NS Download Shop (aka com_ns_downloadshop) component 2.2.6 for Joomla! allows SQL Injection via the id parameter in an invoice.create action. | network | low complexity | nswd | CWE-89 | critical | 9.8 |
| 2017-10-29 | CVE-2017-15964 | SQL Injection vulnerability in Nicephpscripts JOB Board Script | Job Board Script Software allows SQL Injection via the PATH_INFO to a /job-details URI. | network | low complexity | nicephpscripts | CWE-89 | critical | 9.8 |
| 2017-10-29 | CVE-2017-15963 | SQL Injection vulnerability in Itechscripts Gigs Script 1.21 | iTech Gigs Script 1.21 allows SQL Injection via the browse-scategory.php sc parameter or the service-provider.php ser parameter. | network | low complexity | itechscripts | CWE-89 | critical | 9.8 |
| 2017-10-29 | CVE-2017-15961 | SQL Injection vulnerability in Iproject Management System Project Iproject Management System 1.0 | iProject Management System 1.0 allows SQL Injection via the ID parameter to index.php. | network | low complexity | iproject-management-system-project | CWE-89 | critical | 9.8 |