CVE-2015-2679 CVSS:7.5
Multiple SQL injection vulnerabilities in MetalGenix GeniXCMS before 0.0.2 allow remote attackers to execute arbitrary SQL commands via the (1) page parameter to index.php or (2) username parameter to gxadmin/login.php. (Last Update:2016-12-03) (Publish Update:2015-03-23)
CVE-2015-2216 CVSS:7.5
SQL injection vulnerability in ecomm-sizes.php in the Photocrati theme 4.x for WordPress allows remote attackers to execute arbitrary SQL commands via the prod_id parameter. (Last Update:2016-12-03) (Publish Update:2015-03-05)
CVE-2015-2208 CVSS:7.5
The saveObject function in moadmin.php in phpMoAdmin 1.1.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the object parameter. (Last Update:2015-03-12) (Publish Update:2015-03-12)
CVE-2015-2196 CVSS:7.5
SQL injection vulnerability in Spider Event Calendar 1.4.9 for WordPress allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a spiderbigcalendar_month action to wp-admin/admin-ajax.php. (Last Update:2015-03-04) (Publish Update:2015-03-03)
CVE-2015-2183 CVSS:7.5
Multiple SQL injection vulnerabilities in the administrative backend in ZeusCart 4 allow remote administrators to execute arbitrary SQL commands via the id parameter in a (1) disporders detail or (2) subadminmgt edit action or (3) cid parameter in an editcurrency action to admin/. (Last Update:2015-07-28) (Publish Update:2015-03-10)
CVE-2015-2102 CVSS:7.5
SQL injection vulnerability in view_item.php in ClipBucket 2.7 RC3 (2.7.0.4.v2929-rc3) allows remote attackers to execute arbitrary SQL commands via the item parameter. (Last Update:2018-10-09) (Publish Update:2015-02-27)
CVE-2015-2090 CVSS:7.5
SQL injection vulnerability in the ajax_survey function in settings.php in the WordPress Survey and Poll plugin 1.1.7 for Wordpress allows remote attackers to execute arbitrary SQL commands via the survey_id parameter in an ajax_survey action to wp-admin/admin-ajax.php. (Last Update:2016-11-30) (Publish Update:2015-02-26)
CVE-2015-2070 CVSS:7.5
SQL injection vulnerability in eTouch SamePage Enterprise Edition 4.4.0.0.239 allows remote attackers to execute arbitrary SQL commands via the catId parameter to cm/blogrss/feed. (Last Update:2016-11-30) (Publish Update:2015-02-24)
CVE-2015-2065 CVSS:7.5
SQL injection vulnerability in videogalleryrss.php in the Apptha WordPress Video Gallery (contus-video-gallery) plugin before 2.8 for WordPress allows remote attackers to execute arbitrary SQL commands via the vid parameter in a rss action to wp-admin/admin-ajax.php. (Last Update:2016-11-30) (Publish Update:2015-02-24)
CVE-2015-2055 CVSS:7.8
Zhone GPON 2520 with firmware R4.0.2.566b allows remote attackers to cause a denial of service via a long string in the oldpassword parameter. (Last Update:2016-11-30) (Publish Update:2015-02-23)
Click here for a complete list of security vulnerabilities. This vulnerability list widget is provided by www.cvedetails.com