Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: attack-types Clear
ID Title
CVE-2017-15977 Protected Links - Expiring Download Links 1.0 allows SQL Injection via the username parameter.
Protected Links - Expiring Download Links 1.0 allows SQL Injection via the username parameter.
CVE-2017-15978 AROX School ERP PHP Script 1.0 allows SQL Injection via the office_admin/ id parameter.
AROX School ERP PHP Script 1.0 allows SQL Injection via the office_admin/ id parameter.
CVE-2017-15979 Shareet - Photo Sharing Social Network 1.0 allows SQL Injection via the photo parameter.
Shareet - Photo Sharing Social Network 1.0 allows SQL Injection via the photo parameter.
CVE-2017-15980 US Zip Codes Database Script 1.0 allows SQL Injection via the state parameter.
US Zip Codes Database Script 1.0 allows SQL Injection via the state parameter.
CVE-2017-15981 SQL Injection in sqli (CVE-2017-15981)
SQL injection in sqli (CVE-2017-15981). Successful exploitation can lead to full system takeover.
CVE-2017-15982 SQL Injection in sqli (CVE-2017-15982)
SQL injection in sqli (CVE-2017-15982). Successful exploitation can lead to full system takeover.
CVE-2017-15983 SQL Injection in sqli (CVE-2017-15983)
SQL injection in sqli (CVE-2017-15983). Successful exploitation can lead to full system takeover.
CVE-2017-15984 Creative Management System (CMS) Lite 1.4 allows SQL Injection via the S parameter to index.php.
Creative Management System (CMS) Lite 1.4 allows SQL Injection via the S parameter to index.php.
CVE-2017-15985 Basic B2B Script allows SQL Injection via the product_view1.php pid or id parameter.
Basic B2B Script allows SQL Injection via the product_view1.php pid or id parameter.
CVE-2017-15986 CPA Lead Reward Script allows SQL Injection via the username parameter.
CPA Lead Reward Script allows SQL Injection via the username parameter.
CVE-2017-15987 SQL Injection in sqli (CVE-2017-15987)
SQL injection in sqli (CVE-2017-15987). Successful exploitation can lead to full system takeover.
CVE-2017-15988 SQL Injection in sqli (CVE-2017-15988)
SQL injection in sqli (CVE-2017-15988). Successful exploitation can lead to full system takeover.
CVE-2017-15989 SQL Injection in sqli (CVE-2017-15989)
SQL injection in sqli (CVE-2017-15989). Successful exploitation can lead to full system takeover.
CVE-2017-15991 SQL Injection in sqli (CVE-2017-15991)
SQL injection in sqli (CVE-2017-15991). Successful exploitation can lead to full system takeover.
CVE-2017-15992 Website Broker Script allows SQL Injection via the 'status_id' Parameter to status_list.php.
Website Broker Script allows SQL Injection via the 'status_id' Parameter to status_list.php.
CVE-2017-15993 Zomato Clone Script allows SQL Injection via the restaurant-menu.php resid parameter.
Zomato Clone Script allows SQL Injection via the restaurant-menu.php resid parameter.
CVE-2017-15597 Buffer Overflow in privilege-escalation (CVE-2017-15597)
vulnerability in privilege-escalation (CVE-2017-15597). Successful exploitation can lead to full system takeover.
CVE-2012-5358 Vulnerability in dos (CVE-2012-5358)
vulnerability in dos (CVE-2012-5358). Successful exploitation can lead to full system takeover.
CVE-2015-3249 Buffer Overflow in c (CVE-2015-3249)
vulnerability in c (CVE-2015-3249). Successful exploitation can lead to full system takeover.
CVE-2017-15975 SQL Injection in sqli (CVE-2017-15975)
SQL injection in sqli (CVE-2017-15975). Successful exploitation can lead to full system takeover.
CVE-2017-15976 SQL Injection in sqli (CVE-2017-15976)
SQL injection in sqli (CVE-2017-15976). Successful exploitation can lead to full system takeover.
CVE-2017-15958 D-Park Pro Domain Parking Script 1.0 allows SQL Injection via the username to admin/loginform.php.
D-Park Pro Domain Parking Script 1.0 allows SQL Injection via the username to admin/loginform.php.
CVE-2017-15959 SQL Injection in sqli (CVE-2017-15959)
SQL injection in sqli (CVE-2017-15959). Successful exploitation can lead to full system takeover.
CVE-2017-15960 SQL Injection in sqli (CVE-2017-15960)
SQL injection in sqli (CVE-2017-15960). Successful exploitation can lead to full system takeover.
CVE-2017-15961 iProject Management System 1.0 allows SQL Injection via the ID parameter to index.php.
iProject Management System 1.0 allows SQL Injection via the ID parameter to index.php.
CVE-2017-15963 SQL Injection in sqli (CVE-2017-15963)
SQL injection in sqli (CVE-2017-15963). Successful exploitation can lead to full system takeover.
CVE-2017-15964 Job Board Script Software allows SQL Injection via the PATH_INFO to a /job-details URI.
Job Board Script Software allows SQL Injection via the PATH_INFO to a /job-details URI.
CVE-2017-15965 SQL Injection in sqli (CVE-2017-15965)
SQL injection in sqli (CVE-2017-15965). Successful exploitation can lead to full system takeover.
CVE-2017-15966 SQL Injection in sqli (CVE-2017-15966)
SQL injection in sqli (CVE-2017-15966). Successful exploitation can lead to full system takeover.
CVE-2017-15967 SQL Injection in sqli (CVE-2017-15967)
SQL injection in sqli (CVE-2017-15967). Successful exploitation can lead to full system takeover.
CVE-2017-15968 MyBuilder Clone 1.0 allows SQL Injection via the phpsqlsearch_genxml.php subcategory parameter.
MyBuilder Clone 1.0 allows SQL Injection via the phpsqlsearch_genxml.php subcategory parameter.
CVE-2017-15969 SQL Injection in sqli (CVE-2017-15969)
SQL injection in sqli (CVE-2017-15969). Successful exploitation can lead to full system takeover.
CVE-2017-15970 SQL Injection in sqli (CVE-2017-15970)
SQL injection in sqli (CVE-2017-15970). Successful exploitation can lead to full system takeover.
CVE-2017-15971 SQL Injection in sqli (CVE-2017-15971)
SQL injection in sqli (CVE-2017-15971). Successful exploitation can lead to full system takeover.
CVE-2017-15972 SQL Injection in sqli (CVE-2017-15972)
SQL injection in sqli (CVE-2017-15972). Successful exploitation can lead to full system takeover.
CVE-2017-15973 SQL Injection in sqli (CVE-2017-15973)
SQL injection in sqli (CVE-2017-15973). Successful exploitation can lead to full system takeover.
CVE-2017-15974 tPanel 2009 allows SQL injection for Authentication Bypass via 'or 1=1 or ''=' to login.php.
tPanel 2009 allows SQL injection for Authentication Bypass via 'or 1=1 or ''=' to login.php.
CVE-2017-15946 SQL Injection in sqli (CVE-2017-15946)
SQL injection in sqli (CVE-2017-15946). Successful exploitation can lead to full system takeover. Exploitable via ``tag``.
CVE-2014-2023 SQL Injection in sqli (CVE-2014-2023)
SQL injection in sqli (CVE-2014-2023). Successful exploitation can lead to full system takeover.
CVE-2017-15919 SQL Injection in wordpress (CVE-2017-15919)
SQL injection in wordpress (CVE-2017-15919). Successful exploitation can lead to full system takeover.
CVE-2017-15907 SQL Injection in sqli (CVE-2017-15907)
SQL injection in sqli (CVE-2017-15907). Successful exploitation can lead to full system takeover.
CVE-2017-14695 Path Traversal in salt (CVE-2017-14695)
path traversal in salt (CVE-2017-14695). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `80d90307b07b3703428ecbb7c8bb468e28a9ae6d, 2016.3.8, 2016.11.8, 2017.7.2` or later.
CVE-2017-15081 In PHPSUGAR PHP Melody CMS 2.6.1, SQL Injection exists via the playlist parameter to playlists.php.
In PHPSUGAR PHP Melody CMS 2.6.1, SQL Injection exists via the playlist parameter to playlists.php.
CVE-2012-4570 SQL Injection in sqli (CVE-2012-4570)
SQL injection in sqli (CVE-2012-4570). Successful exploitation can lead to full system takeover.
CVE-2017-15381 SQL Injection in sqli (CVE-2017-15381)
SQL injection in sqli (CVE-2017-15381). Successful exploitation can lead to full system takeover.
CVE-2017-15379 SQL Injection in softwarepublico (CVE-2017-15379)
SQL injection in softwarepublico (CVE-2017-15379). Successful exploitation can lead to full system takeover.
CVE-2017-7121 Vulnerability in dos (CVE-2017-7121)
vulnerability in dos (CVE-2017-7121). Successful exploitation can lead to full system takeover.
CVE-2017-7122 Vulnerability in dos (CVE-2017-7122)
vulnerability in dos (CVE-2017-7122). Successful exploitation can lead to full system takeover.
CVE-2017-7123 Vulnerability in dos (CVE-2017-7123)
vulnerability in dos (CVE-2017-7123). Successful exploitation can lead to full system takeover.
CVE-2017-7124 Vulnerability in dos (CVE-2017-7124)
vulnerability in dos (CVE-2017-7124). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →