Total
15370 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-6370 | 1 Neojoomla | 1 Neorecruit | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the NeoRecruit 4.1 component for Joomla! via the (1) PATH_INFO or (2) name of a .html file under the all-offers/ URI. | |||||
| CVE-2018-6368 | 1 Comdev | 1 Jomestate Pro | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the JomEstate PRO through 3.7 component for Joomla! via the id parameter in a task=detailed action. | |||||
| CVE-2018-6367 | 1 Vastal | 1 I-tech Buddy Zone Facebook Clone | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in Vastal I-Tech Buddy Zone Facebook Clone 2.9.9 via the /chat_im/chat_window.php request_id parameter or the /search_events.php category parameter. | |||||
| CVE-2018-6365 | 1 Datacomponents | 1 Tsitebuilder | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in TSiteBuilder 1.0 via the id parameter to /site.php, /pagelist.php, or /page_new.php. | |||||
| CVE-2018-6364 | 1 Multilanguage Real Estate Mlm Script Project | 1 Multilanguage Real Estate Mlm Script | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in Multilanguage Real Estate MLM Script through 3.0 via the /product-list.php srch parameter. | |||||
| CVE-2018-6363 | 1 Taskrabbit Clone Project | 1 Taskrabbit Clone | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in Task Rabbit Clone 1.0 via the single_blog.php id parameter. | |||||
| CVE-2018-6330 | 1 Laravel | 1 Framework | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Laravel 5.4.15 is vulnerable to Error based SQL injection in save.php via dhx_user and dhx_version parameters. | |||||
| CVE-2018-6329 | 1 Unitrends | 1 Backup | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| It was discovered that the Unitrends Backup (UB) before 10.1.0 libbpext.so authentication could be bypassed with a SQL injection, allowing a remote attacker to place a privilege escalation exploit on the target system and subsequently execute arbitrary commands. | |||||
| CVE-2018-6308 | 1 Sugarcrm | 1 Sugarcrm | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple SQL injections exist in SugarCRM Community Edition 6.5.26 and below via the track parameter to modules\Campaigns\Tracker.php and modules\Campaigns\utils.php, the default_currency_name parameter to modules\Configurator\controller.php and modules\Currencies\Currency.php, the duplicate parameter to modules\Contacts\ShowDuplicates.php, the mergecur parameter to modules\Currencies\index.php and modules\Opportunities\Opportunity.php, and the load_signed_id parameter to modules\Documents\Document.php. | |||||
| CVE-2018-6230 | 1 Trendmicro | 1 Email Encryption Gateway | 2024-11-21 | 8.3 HIGH | 6.8 MEDIUM |
| A SQL injection vulnerability in an Trend Micro Email Encryption Gateway 5.5 search configuration script could allow an attacker to execute SQL commands to upload and execute arbitrary code that may harm the target system. | |||||
| CVE-2018-6229 | 1 Trendmicro | 1 Email Encryption Gateway | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| A SQL injection vulnerability in an Trend Micro Email Encryption Gateway 5.5 edit policy script could allow an attacker to execute SQL commands to upload and execute arbitrary code that may harm the target system. | |||||
| CVE-2018-6228 | 1 Trendmicro | 1 Email Encryption Gateway | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| A SQL injection vulnerability in a Trend Micro Email Encryption Gateway 5.5 policy script could allow an attacker to execute SQL commands to upload and execute arbitrary code that may harm the target system. | |||||
| CVE-2018-6024 | 1 Thethinkery | 1 Project Log | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Project Log 1.5.3 component for Joomla! via the search parameter. | |||||
| CVE-2018-6006 | 1 Joomsky | 1 Js Autoz | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the JS Autoz 1.0.9 component for Joomla! via the vtype, pre, or prs parameter. | |||||
| CVE-2018-6005 | 1 Realpin Project | 1 Realpin | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Realpin through 1.5.04 component for Joomla! via the pinboard parameter. | |||||
| CVE-2018-6004 | 1 Techsolsystem | 1 File Download Tracker | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the File Download Tracker 3.0 component for Joomla! via the dynfield[phone] or sess parameter. | |||||
| CVE-2018-5994 | 1 Joomsky | 1 Js Jobs | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the JS Jobs 1.1.9 component for Joomla! via the zipcode parameter in a newest-jobs request, or the ta parameter in a view_resume request. | |||||
| CVE-2018-5993 | 1 Aist Project | 1 Aist | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Aist through 2.0 component for Joomla! via the id parameter in a view=showvacancy request. | |||||
| CVE-2018-5992 | 1 Staff Master Project | 1 Staff Master | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Staff Master through 1.0 RC 1 component for Joomla! via the name parameter in a view=staff request. | |||||
| CVE-2018-5991 | 1 Web-dorado | 1 Form Maker | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Form Maker 3.6.12 component for Joomla! via the id, from, or to parameter in a view=stats request, a different vulnerability than CVE-2015-2798. | |||||