Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ACCESS VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2015-01-13 | CVE-2014-100020 | SQL Injection vulnerability in Itechscripts Itechclassifieds 3.03.057 | SQL injection vulnerability in ChangeEmail.php in iTechClassifieds 3.03.057 allows remote attackers to execute arbitrary SQL commands via the PreviewNum parameter. | network | low complexity | itechscripts | CWE-89 | 7.5 |
| 2015-01-13 | CVE-2014-100019 | SQL Injection vulnerability in Pomm-Project Pomm 1.1.4 | SQL injection vulnerability in the LTree converter in Pomm before 1.1.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | network | low complexity | pomm-project | CWE-89 | 7.5 |
| 2015-01-13 | CVE-2014-100012 | SQL Injection vulnerability in Sendy 1.1.8.4 | SQL injection vulnerability in /app in Sendy 1.1.8.4 allows remote attackers to execute arbitrary SQL commands via the i parameter. | network | low complexity | sendy | CWE-89 | 7.5 |
| 2015-01-13 | CVE-2014-100011 | SQL Injection vulnerability in Sendy 1.1.9.1 | SQL injection vulnerability in /send-to in Sendy 1.1.9.1 allows remote attackers to execute arbitrary SQL commands via the c parameter. | network | low complexity | sendy | CWE-89 | 7.5 |
| 2015-01-13 | CVE-2014-10029 | SQL Injection vulnerability in Fluxbb | SQL injection vulnerability in profile.php in FluxBB before 1.4.13 and 1.5.x before 1.5.7 allows remote attackers to execute arbitrary SQL commands via the req_new_email parameter. | network | low complexity | fluxbb | CWE-89 | 7.5 |
| 2015-01-13 | CVE-2014-10023 | SQL Injection vulnerability in Topicsviewer 3.0 | Multiple SQL injection vulnerabilities in TopicsViewer 3.0 Beta 1 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) edit_block.php, (2) edit_cat.php, (3) edit_note.php, or (4) rmv_topic.php in admincp/. | network | low complexity | topicsviewer | CWE-89 | 7.5 |
| 2015-01-13 | CVE-2014-10020 | SQL Injection vulnerability in Tecorange Simple E-Document 1.31 | SQL injection vulnerability in login.php in Simple e-document 1.31 allows remote attackers to execute arbitrary SQL commands via the username parameter. | network | low complexity | tecorange | CWE-89 | 7.5 |
| 2015-01-13 | CVE-2014-10017 | SQL Injection vulnerability in Welcart E-Commerce 1.3.12 | Multiple SQL injection vulnerabilities in the Welcart e-Commerce plugin 1.3.12 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) changeSort or (2) switch parameter in the usces_itemedit page to wp-admin/admin.php. | network | low complexity | welcart | CWE-89 | 7.5 |
| 2015-01-13 | CVE-2014-10015 | SQL Injection vulnerability in PHPjabbers Event Booking Calendar 2.0 | SQL injection vulnerability in load-calendar.php in PHPJabbers Event Booking Calendar 2.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter. | network | low complexity | phpjabbers | CWE-89 | 7.5 |
| 2015-01-13 | CVE-2014-10013 | SQL Injection vulnerability in Awpcp Another Wordpress Classifieds Plugin 3.3.1 | SQL injection vulnerability in the Another WordPress Classifieds Plugin plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the keywordphrase parameter in a dosearch action. | network | low complexity | awpcp | CWE-89 | 7.5 |