Vulnerabilities > WEB Dorado > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-17 | CVE-2018-5991 | SQL Injection vulnerability in Web-Dorado Form Maker 3.6.12 SQL Injection exists in the Form Maker 3.6.12 component for Joomla! via the id, from, or to parameter in a view=stats request, a different vulnerability than CVE-2015-2798. | 9.8 |
| 2018-02-17 | CVE-2018-5981 | SQL Injection vulnerability in Web-Dorado Gallery WD 1.3.6 SQL Injection exists in the Gallery WD 1.3.6 component for Joomla! via the tag_id parameter or gallery_id parameter. | 9.8 |
| 2017-07-25 | CVE-2015-2798 | SQL Injection vulnerability in Web-Dorado Contact Form Maker 1.0.1 SQL injection vulnerability in Joomla! Component Contact Form Maker 1.0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 9.8 |
| 2017-04-12 | CVE-2017-7719 | SQL Injection vulnerability in Web-Dorado Spider Event Calendar SQL injection in the Spider Event Calendar (aka spider-event-calendar) plugin before 1.5.52 for WordPress is exploitable with the order_by parameter to calendar_functions.php or widget_Theme_functions.php, related to front_end/frontend_functions.php. | 9.8 |