Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-01 | CVE-2016-8929 | SQL Injection vulnerability in IBM Kenexa LMS IBM Kenexa LMS on Cloud is vulnerable to SQL injection. | 5.4 |
| 2017-02-01 | CVE-2016-8928 | SQL Injection vulnerability in IBM Kenexa LMS IBM Kenexa LMS on Cloud is vulnerable to SQL injection. | 7.6 |
| 2017-02-01 | CVE-2016-5952 | SQL Injection vulnerability in IBM Kenexa Lcms Premier IBM Kenexa LCMS Premier on Cloud is vulnerable to SQL injection. | 8.8 |
| 2017-02-01 | CVE-2016-5939 | SQL Injection vulnerability in IBM Kenexa LMS on Cloud IBM Kenexa LMS on Cloud is vulnerable to SQL injection. | 6.3 |
| 2017-02-01 | CVE-2016-3046 | SQL Injection vulnerability in IBM products IBM Security Access Manager for Web is vulnerable to SQL injection. | 2.7 |
| 2017-01-31 | CVE-2016-9416 | SQL Injection vulnerability in Mybb Merge System and Mybb SQL injection vulnerability in the users data handler in MyBB (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System before 1.8.8 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 9.8 |
| 2017-01-31 | CVE-2016-9402 | SQL Injection vulnerability in Mybb SQL injection vulnerability in the moderation tool in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | 9.8 |
| 2017-01-31 | CVE-2015-8974 | SQL Injection vulnerability in Mybb Merge System and Mybb SQL injection vulnerability in the Group Promotions module in the admin control panel in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 10.0 |
| 2017-01-30 | CVE-2017-5611 | SQL Injection vulnerability in multiple products SQL injection vulnerability in wp-includes/class-wp-query.php in WP_Query in WordPress before 4.7.2 allows remote attackers to execute arbitrary SQL commands by leveraging the presence of an affected plugin or theme that mishandles a crafted post type name. | 9.8 |
| 2017-01-28 | CVE-2017-5609 | SQL Injection vulnerability in S9Y Serendipity 2.0.5 SQL injection vulnerability in include/functions_entries.inc.php in Serendipity 2.0.5 allows remote authenticated users to execute arbitrary SQL commands via the cat parameter. | 8.8 |