CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (SQL Injection)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2017-6098 89 Sql 2017-02-21 2017-02-23
6.5
None Remote Low Single system Partial Partial Partial
A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/campaign_save.php (Requires authentication to Wordpress admin) with the POST Parameter: list_id.
2 CVE-2017-6097 89 Sql 2017-02-21 2017-02-23
6.5
None Remote Low Single system Partial Partial Partial
A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/campaign/count_of_send.php (Requires authentication to Wordpress admin) with the POST Parameter: camp_id.
3 CVE-2017-6096 89 Sql 2017-02-21 2017-02-23
6.5
None Remote Low Single system Partial Partial Partial
A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/lists/view-list.php (Requires authentication to Wordpress admin) with the GET Parameter: filter_list.
4 CVE-2017-6095 89 Sql 2017-02-21 2017-02-23
7.5
None Remote Low Not required Partial Partial Partial
A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/lists/csvexport.php (Unauthenticated) with the GET Parameter: list_id.
5 CVE-2017-6065 89 Exec Code Sql 2017-02-17 2017-02-23
6.5
None Remote Low Single system Partial Partial Partial
SQL injection vulnerability in inc/lib/Control/Backend/menus.control.php in GeniXCMS through 1.0.2 allows remote authenticated users to execute arbitrary SQL commands via the order parameter.
6 CVE-2017-5879 89 Sql 2017-02-06 2017-02-08
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in Exponent CMS 2.4.1. This is a blind SQL injection that can be exploited by un-authenticated users via an HTTP GET request and which can be used to dump database data out to a malicious server, using an out-of-band technique, such as select_loadfile(). The vulnerability affects source_selector.php and the following parameter: src.
7 CVE-2017-5611 89 Exec Code Sql 2017-01-29 2017-02-05
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in wp-includes/class-wp-query.php in WP_Query in WordPress before 4.7.2 allows remote attackers to execute arbitrary SQL commands by leveraging the presence of an affected plugin or theme that mishandles a crafted post type name.
8 CVE-2017-5609 89 Exec Code Sql 2017-01-28 2017-02-05
6.5
None Remote Low Single system Partial Partial Partial
SQL injection vulnerability in include/functions_entries.inc.php in Serendipity 2.0.5 allows remote authenticated users to execute arbitrary SQL commands via the cat parameter.
9 CVE-2017-5598 89 Sql 2017-01-27 2017-01-31
5.0
None Remote Low Not required Partial None None
An issue was discovered in eClinicalWorks healow@work 8.0 build 8. This is a blind SQL injection within the EmployeePortalServlet, which can be exploited by un-authenticated users via an HTTP POST request and which can be used to dump database data out to a malicious server, using an out-of-band technique, such as select_loadfile(). The vulnerability affects the EmployeePortalServlet page and the following parameter: employer.
10 CVE-2017-5585 Exec Code Sql 2017-02-22 2017-02-22
0.0
None ??? ??? ??? ??? ??? ???
OpenText Documentum Content Server (formerly EMC Documentum Content Server) 7.3, when PostgreSQL Database is used and return_top_results_row_based config option is false, does not properly restrict DQL hints, which allows remote authenticated users to conduct DQL injection attacks and execute arbitrary DML or DDL commands via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2520.
11 CVE-2017-5575 89 Exec Code Sql 2017-01-23 2017-01-26
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in inc/lib/Options.class.php in GeniXCMS before 1.0.0 allows remote attackers to execute arbitrary SQL commands via the modules parameter.
12 CVE-2017-5574 89 Exec Code Sql 2017-01-23 2017-01-26
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in register.php in GeniXCMS before 1.0.0 allows unauthenticated users to execute arbitrary SQL commands via the activation parameter.
13 CVE-2017-5570 89 Sql 2017-01-23 2017-01-26
6.5
None Remote Low Single system Partial Partial Partial
An issue was discovered in eClinicalWorks Patient Portal 7.0 build 13. This is a blind SQL injection within the messageJson.jsp, which can only be exploited by authenticated users via an HTTP POST request and which can be used to dump database data out to a malicious server, using an out-of-band technique such as select_loadfile().
14 CVE-2017-5569 89 Sql 2017-01-23 2017-01-26
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in eClinicalWorks Patient Portal 7.0 build 13. This is a blind SQL injection within the template.jsp, which can be exploited without the need of authentication and via an HTTP POST request, and which can be used to dump database data out to a malicious server, using an out-of-band technique such as select_loadfile().
15 CVE-2017-5519 89 Exec Code Sql 2017-01-17 2017-01-27
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in Posts.class.php in GeniXCMS through 0.0.8 allows remote attackers to execute arbitrary SQL commands via the id parameter.
16 CVE-2017-5517 89 Exec Code Sql 2017-01-17 2017-01-27
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in author.control.php in GeniXCMS through 0.0.8 allows remote attackers to execute arbitrary SQL commands via the type parameter.
17 CVE-2017-5347 89 Exec Code Sql 2017-01-12 2017-01-27
6.5
None Remote Low Single system Partial Partial Partial
SQL injection vulnerability in inc/mod/newsletter/options.php in GeniXCMS 0.0.8 allows remote authenticated administrators to execute arbitrary SQL commands via the recipient parameter to gxadmin/index.php.
18 CVE-2017-5346 89 Exec Code Sql 2017-01-12 2017-01-27
6.5
None Remote Low Single system Partial Partial Partial
SQL injection vulnerability in inc/lib/Control/Backend/posts.control.php in GeniXCMS 0.0.8 allows remote authenticated administrators to execute arbitrary SQL commands via the id parameter to gxadmin/index.php.
19 CVE-2017-5345 89 Exec Code Sql 2017-01-12 2017-01-27
6.5
None Remote Low Single system Partial Partial Partial
SQL injection vulnerability in inc/lib/Control/Ajax/tags-ajax.control.php in GeniXCMS 0.0.8 allows remote authenticated editors to execute arbitrary SQL commands via the term parameter to the default URI.
20 CVE-2017-5344 89 Sql 2017-02-17 2017-02-17
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in dotCMS through 3.6.1. The findChildrenByFilter() function which is called by the web accessible path /categoriesServlet performs string interpolation and direct SQL query execution. SQL quote escaping and a keyword blacklist were implemented in a new class, SQLUtil (main/java/com/dotmarketing/common/util/SQLUtil.java), as part of the remediation of CVE-2016-8902; however, these can be overcome in the case of the q and inode parameters to the /categoriesServlet path. Overcoming these controls permits a number of blind boolean SQL injection vectors in either parameter. The /categoriesServlet web path can be accessed remotely and without authentication in a default dotCMS deployment.
21 CVE-2017-5218 Sql 2017-02-02 2017-02-03
0.0
None ??? ??? ??? ??? ??? ???
A SQL Injection issue was discovered in SageCRM 7.x before 7.3 SP3. The AP_DocumentUI.asp web resource includes Utilityfuncs.js when the file is opened or viewed. This file crafts a SQL statement to identify the database that is to be in use with the current user's session. The database variable can be populated from the URL, and when supplied non-expected characters, can be manipulated to obtain access to the underlying database. The /CRM/CustomPages/ACCPAC/AP_DocumentUI.asp?SID=<VALID-SID>&database=1';WAITFOR DELAY '0:0:5'-- URI is a Proof of Concept.
22 CVE-2017-5154 89 Sql 2017-02-13 2017-02-17
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in Advantech WebAccess Version 8.1. To be able to exploit the SQL injection vulnerability, an attacker must supply malformed input to the WebAccess software. Successful attack could result in administrative access to the application and its data files.
23 CVE-2017-5151 89 Exec Code Sql 2017-02-13 2017-02-16
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in VideoInsight Web Client Version 6.3.5.11 and previous versions. A SQL Injection vulnerability has been identified, which may allow remote code execution.
24 CVE-2017-3835 89 Sql 2017-02-21 2017-02-24
6.5
None Remote Low Single system Partial Partial Partial
A vulnerability in the sponsor portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to access notices owned by other users, because of SQL Injection. More Information: CSCvb15627. Known Affected Releases: 1.4(0.908).
25 CVE-2016-1000217 89 Sql 2016-10-06 2016-12-22
7.5
None Remote Low Not required Partial Partial Partial
Zotpress plugin for WordPress SQLi in zp_get_account()
26 CVE-2016-1000125 89 Sql 2016-10-06 2017-01-19
7.5
None Remote Low Not required Partial Partial Partial
Unauthenticated SQL Injection in Huge-IT Catalog v1.0.7 for Joomla
27 CVE-2016-1000124 89 Sql 2016-10-06 2016-11-28
7.5
None Remote Low Not required Partial Partial Partial
Unauthenticated SQL Injection in Huge-IT Portfolio Gallery Plugin v1.0.6
28 CVE-2016-1000123 89 Sql 2016-10-06 2016-12-22
7.5
None Remote Low Not required Partial Partial Partial
Unauthenticated SQL Injection in Huge-IT Video Gallery v1.0.9 for Joomla
29 CVE-2016-1000122 89 Sql XSS 2016-10-27 2016-12-22
6.5
None Remote Low Single system Partial Partial Partial
XSS and SQLi in Huge IT Joomla Slider v1.0.9 extension
30 CVE-2016-1000120 89 Sql XSS 2016-10-27 2016-12-22
6.5
None Remote Low Single system Partial Partial Partial
SQLi and XSS in Huge IT catalog extension v1.0.4 for Joomla
31 CVE-2016-1000116 79 Sql XSS 2016-10-21 2016-11-28
6.5
None Remote Low Single system Partial Partial Partial
Huge-IT Portfolio Gallery manager v1.1.5 SQL Injection and XSS
32 CVE-2016-1000115 79 Sql XSS 2016-10-21 2016-12-22
6.5
None Remote Low Single system Partial Partial Partial
Huge-IT Portfolio Gallery manager v1.1.5 SQL Injection and XSS
33 CVE-2016-1000113 89 Sql XSS 2016-10-06 2016-11-28
7.5
None Remote Low Not required Partial Partial Partial
XSS and SQLi in huge IT gallery v1.1.5 for Joomla
34 CVE-2016-1000000 89 Sql 2016-10-06 2017-01-17
6.5
None Remote Low Single system Partial Partial Partial
Ipswitch WhatsUp Gold 16.4.1 WrFreeFormText.asp sUniqueID Parameter Blind SQL Injection
35 CVE-2016-10134 89 Exec Code Sql 2017-02-16 2017-02-22
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in Zabbix before 2.2.14 and 3.0 before 3.0.4 allows remote attackers to execute arbitrary SQL commands via the toggle_ids array parameter in latest.php.
36 CVE-2016-10114 89 Exec Code Sql 2017-01-03 2017-01-10
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in the "aWeb Cart Watching System for Virtuemart" extension before 2.6.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via vectors involving categorysearch and smartSearch.
37 CVE-2016-10096 89 Exec Code Sql 2017-01-01 2017-01-05
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in register.php in GeniXCMS before 1.0.0 allows remote attackers to execute arbitrary SQL commands via the activation parameter.
38 CVE-2016-9864 89 Sql 2016-12-10 2016-12-23
6.0
None Remote Medium Single system Partial Partial Partial
An issue was discovered in phpMyAdmin. With a crafted username or a table name, it was possible to inject SQL statements in the tracking functionality that would run with the privileges of the control user. This gives read and write access to the tables of the configuration storage database, and if the control user has the necessary privileges, read access to some tables of the MySQL database. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected.
39 CVE-2016-9481 89 Sql 2016-11-29 2016-12-02
7.5
None Remote Low Not required Partial Partial Partial
In framework/modules/core/controllers/expCommentController.php of Exponent CMS 2.4.0, content_id input is passed into showComments. The method showComments is defined in the expCommentControllercontroller with the parameter '$this->params['content_id']' used directly in SQL. Impact is a SQL injection.
40 CVE-2016-9416 89 Exec Code Sql 2017-01-31 2017-02-05
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in the users data handler in MyBB (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System before 1.8.8 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
41 CVE-2016-9402 89 Exec Code Sql 2017-01-31 2017-02-05
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in the moderation tool in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
42 CVE-2016-9333 89 Sql 2017-02-13 2017-02-17
6.5
None Remote Low Single system Partial Partial Partial
An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. The SoftCMS Application does not properly sanitize input that may allow a remote attacker access to SoftCMS with administrator's privilege through specially crafted input (SQL INJECTION).
43 CVE-2016-9288 89 Sql 2016-11-11 2016-11-29
7.5
None Remote Low Not required Partial Partial Partial
In framework/modules/navigation/controllers/navigationController.php in Exponent CMS v2.4.0 or older, the parameter "target" of function "DragnDropReRank" is directly used without any filtration which caused SQL injection. The payload can be used like this: /navigation/DragnDropReRank/target/1.
44 CVE-2016-9287 89 Sql 2016-11-15 2016-11-29
7.5
None Remote Low Not required Partial Partial Partial
In /framework/modules/notfound/controllers/notfoundController.php of Exponent CMS 2.4.0 patch1, untrusted input is passed into getSearchResults. The method getSearchResults is defined in the search model with the parameter '$term' used directly in SQL. Impact is a SQL injection.
45 CVE-2016-9283 89 Sql 2016-11-11 2016-11-29
5.0
None Remote Low Not required Partial None None
SQL Injection in framework/core/subsystems/expRouter.php in Exponent CMS v2.4.0 allows remote attackers to read database information via address/addContentToSearch/id/ and a trailing string, related to a "sef URL" issue.
46 CVE-2016-9282 89 Sql 2016-11-11 2016-11-29
5.0
None Remote Low Not required Partial None None
SQL Injection in framework/modules/search/controllers/searchController.php in Exponent CMS v2.4.0 allows remote attackers to read database information via action=search&module=search with the search_string parameter.
47 CVE-2016-9272 89 DoS Sql 2016-11-11 2016-11-29
6.4
None Remote Low Not required Partial None Partial
A Blind SQL Injection Vulnerability in Exponent CMS through 2.4.0, with the rerank array parameter, can lead to site database information disclosure and denial of service.
48 CVE-2016-9242 89 Exec Code Sql 2016-11-07 2016-11-29
6.5
None Remote Low Single system Partial Partial Partial
Multiple SQL injection vulnerabilities in the update method in framework/modules/core/controllers/expRatingController.php in Exponent CMS 2.4.0 allow remote authenticated users to execute arbitrary SQL commands via the (1) content_type or (2) subtype parameter.
49 CVE-2016-9184 89 Sql 2016-11-04 2016-11-29
5.0
None Remote Low Not required Partial None None
In /framework/modules/core/controllers/expHTMLEditorController.php of Exponent CMS 2.4.0, untrusted input is used to construct a table name, and in the selectObject method in mysqli class, table names are wrapped with a character that common filters do not filter, allowing for SQL Injection. Impact is Information Disclosure.
50 CVE-2016-9183 200 Sql Bypass +Info 2016-11-04 2016-11-29
5.0
None Remote Low Not required Partial None None
In /framework/modules/ecommerce/controllers/orderController.php of Exponent CMS 2.4.0, untrusted input is passed into selectObjectsBySql. The method selectObjectsBySql of class mysqli_database uses the injectProof method to prevent SQL injection, but this filter can be bypassed easily: it only sanitizes user input if there are odd numbers of ' or " characters. Impact is Information Disclosure.
Total number of vulnerabilities : 6457   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.