Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-07 | CVE-2015-7346 | SQL Injection vulnerability in Zcms Project Zcms 1.1 SQL injection vulnerability in ZCMS 1.1. | 9.8 |
| 2017-06-06 | CVE-2017-9449 | SQL Injection vulnerability in Bigtreecms Bigtree CMS SQL injection vulnerability in BigTree CMS through 4.2.18 allows remote authenticated users to execute arbitrary SQL commands via core/admin/modules/developer/modules/views/create.php. | 8.8 |
| 2017-06-05 | CVE-2017-9443 | SQL Injection vulnerability in Bigtreecms Bigtree CMS BigTree CMS through 4.2.18 allows remote authenticated users to conduct SQL injection attacks via a crafted tables object in manifest.json in an uploaded package. | 8.8 |
| 2017-06-05 | CVE-2017-9437 | SQL Injection vulnerability in Openbravo ERP 3.0 Openbravo Business Suite 3.0 is affected by SQL injection. | 8.8 |
| 2017-06-05 | CVE-2017-9436 | SQL Injection vulnerability in Teampass TeamPass before 2.1.27.4 is vulnerable to a SQL injection in users.queries.php. | 9.8 |
| 2017-06-05 | CVE-2017-9435 | SQL Injection vulnerability in Dolibarr Dolibarr ERP/CRM before 5.0.3 is vulnerable to a SQL injection in user/index.php (search_supervisor and search_statut parameters). | 9.8 |
| 2017-06-05 | CVE-2017-8835 | SQL Injection vulnerability in Peplink products SQL injection exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. | 9.8 |
| 2017-06-04 | CVE-2017-9427 | SQL Injection vulnerability in Bigtreecms Bigtree CMS SQL injection vulnerability in BigTree CMS through 4.2.18 allows remote authenticated users to execute arbitrary SQL commands via core\admin\modules\developer\modules\designer\form-create.php. | 8.8 |
| 2017-06-02 | CVE-2017-9360 | SQL Injection vulnerability in Websitebaker 2.10.0 WebsiteBaker v2.10.0 has a SQL injection vulnerability in /account/details.php. | 9.8 |
| 2017-05-29 | CVE-2016-10379 | SQL Injection vulnerability in Virtuemart 3.0.14 The VirtueMart com_virtuemart component 3.0.14 for Joomla! allows SQL injection by remote authenticated administrators via the virtuemart_paymentmethod_id or virtuemart_shipmentmethod_id parameter to administrator/index.php. | 7.2 |