Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-07 | CVE-2017-12650 | SQL Injection vulnerability in Loginizer SQL Injection exists in the Loginizer plugin before 1.3.6 for WordPress via the X-Forwarded-For HTTP header. | 9.8 |
| 2017-08-07 | CVE-2017-12567 | SQL Injection vulnerability in Quest products SQL injection exists in Quest KACE Asset Management Appliance 6.4.120822 through 7.2, Systems Management Appliance 6.4.120822 through 7.2.101, and K1000 as a Service 7.0 through 7.2. | 9.8 |
| 2017-08-07 | CVE-2017-6757 | SQL Injection vulnerability in Cisco Unified Communications Manager 10.5(2.10000.5)/11.0(1.10000.10)/11.5(1.10000.6) A vulnerability in Cisco Unified Communications Manager 10.5(2.10000.5), 11.0(1.10000.10), and 11.5(1.10000.6) could allow an authenticated, remote attacker to conduct a blind SQL injection attack. | 8.8 |
| 2017-08-07 | CVE-2017-6754 | SQL Injection vulnerability in Cisco Smart NET Total Care Collector Appliance 3.11 A vulnerability in the web-based management interface of the Cisco Smart Net Total Care (SNTC) Software Collector Appliance 3.11 could allow an authenticated, remote attacker to perform a read-only, blind SQL injection attack, which could allow the attacker to compromise the confidentiality of the system through SQL timing attacks. | 6.5 |
| 2017-08-06 | CVE-2017-12585 | SQL Injection vulnerability in Slims Akasia SLiMS 8 Akasia through 8.3.1 has SQL injection in admin/AJAX_lookup_handler.php (tableName and tableFields parameters), admin/AJAX_check_id.php, and admin/AJAX_vocabolary_control.php. | 8.8 |
| 2017-08-04 | CVE-2017-10816 | SQL Injection vulnerability in Intercom Malion 5.2.1 SQL injection vulnerability in the MaLion for Windows and Mac 5.0.0 to 5.2.1 allows remote attackers to execute arbitrary SQL commands via Relay Service Server. | 9.8 |
| 2017-08-02 | CVE-2017-11388 | SQL Injection vulnerability in Trendmicro Control Manager 6.0 SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when RestfulServiceUtility.NET.dll doesn't properly validate user provided strings before constructing SQL queries. | 8.8 |
| 2017-08-02 | CVE-2017-11386 | SQL Injection vulnerability in Trendmicro Control Manager 6.0 SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x4707 due to lack of proper user input validation in cmdHandlerNewReportScheduler.dll. | 9.8 |
| 2017-08-02 | CVE-2017-11385 | SQL Injection vulnerability in Trendmicro Control Manager 6.0 SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x6b1b due to lack of proper user input validation in cmdHandlerStatusMonitor.dll. | 9.8 |
| 2017-08-02 | CVE-2017-11384 | SQL Injection vulnerability in Trendmicro Control Manager 6.0 SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x3b21 due to lack of proper user input validation in mdHandlerLicenseManager.dll. | 9.8 |