Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-14 | CVE-2017-9463 | SQL Injection vulnerability in Piwigo The application Piwigo is affected by a SQL injection vulnerability in version 2.9.0 and possibly prior. | 6.5 |
| 2017-06-13 | CVE-2017-9603 | SQL Injection vulnerability in Intensewp WP Jobs SQL injection vulnerability in the WP Jobs plugin before 1.5 for WordPress allows authenticated users to execute arbitrary SQL commands via the jobid parameter to wp-admin/edit.php. | 8.8 |
| 2017-06-13 | CVE-2017-9429 | SQL Injection vulnerability in Event List Project Event List 0.7.8 SQL injection vulnerability in the Event List plugin 0.7.8 for WordPress allows an authenticated user to execute arbitrary SQL commands via the id parameter to wp-admin/admin.php. | 8.8 |
| 2017-06-13 | CVE-2017-9246 | SQL Injection vulnerability in Newrelic .Net Agent 6.2.26.0 New Relic .NET Agent before 6.3.123.0 adds SQL injection flaws to safe applications via vectors involving failure to escape quotes during use of the Slow Queries feature, as demonstrated by a mishandled quote in a VALUES clause of an INSERT statement, after bypassing a SET SHOWPLAN_ALL ON protection mechanism. | 9.8 |
| 2017-06-13 | CVE-2017-6668 | SQL Injection vulnerability in Cisco Unified Communications Domain Manager 8.1(7)Er1 Vulnerabilities in the web-based GUI of Cisco Unified Communications Domain Manager (CUCDM) could allow an authenticated, remote attacker to impact the confidentiality of the system by executing arbitrary SQL queries, aka SQL Injection. | 4.9 |
| 2017-06-13 | CVE-2017-4974 | SQL Injection vulnerability in multiple products An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v258; UAA release 2.x versions prior to v2.7.4.15, 3.6.x versions prior to v3.6.9, 3.9.x versions prior to v3.9.11, and other versions prior to v3.16.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.13, 24.x versions prior to v24.8, and other versions prior to v30.1. | 6.5 |
| 2017-06-13 | CVE-2017-4972 | SQL Injection vulnerability in multiple products An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v257; UAA release 2.x versions prior to v2.7.4.14, 3.6.x versions prior to v3.6.8, 3.9.x versions prior to v3.9.10, and other versions prior to v3.15.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.12, 24.x versions prior to v24.7, and other versions prior to v30. | 7.5 |
| 2017-06-12 | CVE-2017-9418 | SQL Injection vulnerability in Goldplugins Testimonials Plugin Easy Testimonials 3.4.1 SQL injection vulnerability in the WP-Testimonials plugin 3.4.1 for WordPress allows an authenticated user to execute arbitrary SQL commands via the testid parameter to wp-admin/admin.php. | 8.8 |
| 2017-06-09 | CVE-2017-2195 | SQL Injection vulnerability in Multi Feed Reader Project Multi Feed Reader SQL injection vulnerability in the Multi Feed Reader prior to version 2.2.4 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors. | 8.8 |
| 2017-06-09 | CVE-2016-7803 | SQL Injection vulnerability in Cybozu Garoon SQL injection vulnerability in the Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to execute arbitrary SQL commands via "MultiReport" function. | 8.8 |