Total
14647 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-19221 | 1 Laobancms | 1 Laobancms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in LAOBANCMS 2.0. It allows SQL Injection via the admin/login.php guanliyuan parameter. | |||||
| CVE-2018-19061 | 1 Dedecms | 1 Dedecms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| DedeCMS 5.7 SP2 has SQL Injection via the dede\co_do.php ids parameter. | |||||
| CVE-2018-18982 | 1 Nuuo | 1 Nuuo Cms | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| NUUO CMS All versions 3.3 and prior the web server application allows injection of arbitrary SQL characters, which can be used to inject SQL into an executing statement and allow arbitrary code execution. | |||||
| CVE-2018-18963 | 1 Degraupublicidade | 1 Degraupublicidade | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Busca.aspx.cs in Degrau Publicidade e Internet Plataforma de E-commerce allows SQL Injection via the busca/ URI. | |||||
| CVE-2018-18949 | 1 Zohocorp | 1 Manageengine Opmanager | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Zoho ManageEngine OpManager 12.3 before 123222 has SQL Injection via Mail Server settings. | |||||
| CVE-2018-18923 | 1 Abisoftgt | 1 Ticketly | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| AbiSoft Ticketly 1.0 is affected by multiple SQL Injection vulnerabilities through the parameters name, category_id and description in action/addproject.php; kind_id, priority_id, project_id, status_id and title in action/addticket.php; and kind_id and status_id in reports.php. | |||||
| CVE-2018-18887 | 1 S-cms | 1 S-cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| S-CMS PHP 1.0 has SQL injection in member/member_news.php via the type parameter (aka the $N_type field). | |||||
| CVE-2018-18832 | 1 Dkcms | 1 Dkcms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| admin/check.asp in DKCMS 9.4 allows SQL Injection via an ASPSESSIONID cookie to admin/admin.asp. | |||||
| CVE-2018-18822 | 1 Grapixel | 1 New Media | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Grapixel New Media v2.0 allows SQL Injection via the pages.aspx pageref parameter. | |||||
| CVE-2018-18806 | 1 School Equipment Monitoring System Project | 1 School Equipment Monitoring System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| School Equipment Monitoring System 1.0 allows SQL injection via the login screen, related to include/user.vb. | |||||
| CVE-2018-18805 | 1 Pointofsales Project | 1 Pointofsales | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Point Of Sales 1.0 allows SQL injection via the login screen, related to LoginForm1.vb. | |||||
| CVE-2018-18804 | 1 Bakeshop Inventory System Project | 1 Bakeshop Inventory System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Bakeshop Inventory System 1.0 has SQL injection via the login screen, related to include/publicfunction.vb. | |||||
| CVE-2018-18803 | 1 Curriculum Evaluation System Project | 1 Curriculum Evaluation System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Curriculum Evaluation System 1.0 allows SQL Injection via the login screen, related to frmCourse.vb and includes/user.vb. | |||||
| CVE-2018-18801 | 1 Bsen Ordering Software Project | 1 Bsen Ordering Software | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The BSEN Ordering software 1.0 has SQL Injection via student/index.php?view=view&id=[SQL] or index.php?q=single-item&id=[SQL]. | |||||
| CVE-2018-18800 | 1 Tubigan | 1 Welcome To Our Resort | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The Tubigan "Welcome to our Resort" 1.0 software allows SQL Injection via index.php?p=accomodation&q=[SQL], index.php?p=rooms&q=[SQL], or admin/login.php. | |||||
| CVE-2018-18798 | 1 School Attendance Monitoring System Project | 1 School Attendance Monitoring System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Attendance Monitoring System 1.0 has SQL Injection via the 'id' parameter to student/index.php?view=view, event/index.php?view=view, and user/index.php?view=view. | |||||
| CVE-2018-18796 | 1 Library Management System Project | 1 Library Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Library Management System 1.0 has SQL Injection via the "Search for Books" screen. | |||||
| CVE-2018-18795 | 1 School Event Management System Project | 1 School Event Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| School Event Management System 1.0 has SQL Injection via the student/index.php or event/index.php id parameter. | |||||
| CVE-2018-18792 | 1 Zzcms | 1 Zzcms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in zzcms 8.3. SQL Injection exists in zs/zs_list.php via a pxzs cookie. | |||||
| CVE-2018-18791 | 1 Zzcms | 1 Zzcms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in zzcms 8.3. SQL Injection exists in zs/search.php via a pxzs cookie. | |||||