Security Vulnerabilities, CVEs, Published In November 2015 (Sql injection)

CVE-2015-5308

Multiple SQL injection vulnerabilities in cs_admin_users.php in the wp-championship plugin 5.8 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) user, (2) isadmin, (3) mail service, (4) mailresceipt, (5) stellv, (6) champtipp, (7) tippgroup, or (8) userid parameter.
Max CVSS
7.5
EPSS Score
0.17%
Published
2015-11-02
Updated
2015-11-04

CVE-2015-2213

SQL injection vulnerability in the wp_untrash_post_comments function in wp-includes/post.php in WordPress before 4.2.4 allows remote attackers to execute arbitrary SQL commands via a comment that is mishandled after retrieval from the trash.
Max CVSS
7.5
EPSS Score
0.42%
Published
2015-11-09
Updated
2017-11-04

CVE-2015-1989

SQL injection vulnerability in IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Max CVSS
6.5
EPSS Score
0.10%
Published
2015-11-08
Updated
2015-11-09
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close