Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

DATE | CVE | VULNERABILITY TITLE | RISK

2015-02-03 | CVE-2015-1405 | SQL Injection vulnerability in Content Rating Extbase Project Content Rating Extbase 2.0.3 | 7.5
SQL injection vulnerability in the Content Rating Extbase extension 2.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
network, low complexity, content-rating-extbase-project, CWE-89

2015-02-03 | CVE-2015-1403 | SQL Injection vulnerability in Content Rating Project Content Rating 1.0.3 | 7.5
SQL injection vulnerability in the Content Rating extension 1.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
network, low complexity, content-rating-project, CWE-89

2015-02-03 | CVE-2015-1400 | SQL Injection vulnerability in Npds Revolution 13.0 | 7.5
SQL injection vulnerability in search.php in NPDS Revolution 13 allows remote attackers to execute arbitrary SQL commands via the query parameter.
network, low complexity, npds, CWE-89

2015-02-02 | CVE-2015-1450 | SQL Injection vulnerability in Restaurantbiller Restaurant Biller | 7.5
SQL injection vulnerability in Restaurant Biller allows remote attackers to execute arbitrary SQL commands via the cid parameter in a category action to index.php.
network, low complexity, restaurantbiller, CWE-89

2015-02-02 | CVE-2015-1393 | SQL Injection vulnerability in 10Web Photo Gallery | 6.5
SQL injection vulnerability in the Photo Gallery plugin before 1.2.11 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the asc_or_desc parameter in a create gallery request in the galleries_bwg page to wp-admin/admin.php.
network, low complexity, 10web, CWE-89

2015-01-29 | CVE-2015-1423 | SQL Injection vulnerability in Jakweb Gecko CMS 2.2/2.3 | 6.5
Multiple SQL injection vulnerabilities in Gecko CMS 2.2 and 2.3 allow remote administrators to execute arbitrary SQL commands via the (1) jak_delete_log[] or (2) ssp parameter to admin/index.php.
network, low complexity, jakweb, CWE-89

2015-01-27 | CVE-2015-1372 | SQL Injection vulnerability in Ferretcms Project Ferretcms 1.0.4 | 7.5
SQL injection vulnerability in ferretCMS 1.0.4-alpha allows remote attackers to execute arbitrary SQL commands via the p parameter in an update action to admin.php.
network, low complexity, ferretcms-project, CWE-89

2015-01-27 | CVE-2015-1369 | SQL Injection vulnerability in Sequelize Project Sequelize | 7.5
SQL injection vulnerability in Sequelize before 2.0.0-rc7 for Node.js allows remote attackers to execute arbitrary SQL commands via the order parameter.
network, low complexity, sequelize-project, CWE-89

2015-01-27 | CVE-2015-1367 | SQL Injection vulnerability in Catbot Project Catbot 0.4.2 | 7.5
SQL injection vulnerability in index.php in CatBot 0.4.2 allows remote attackers to execute arbitrary SQL commands via the lastcatbot parameter.
network, low complexity, catbot-project, CWE-89

2015-01-27 | CVE-2015-1364 | SQL Injection vulnerability in Freereprintables Articlefr 3.0.5 | 7.5
SQL injection vulnerability in the getProfile function in system/profile.functions.php in Free Reprintables ArticleFR 3.0.5 allows remote attackers to execute arbitrary SQL commands via the username parameter to register/.
network, low complexity, freereprintables, CWE-89