Export limit exceeded: 347829 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 347829 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18879 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-17906 | 1 Car Rental Script Project | 1 Car Rental Script | 2025-04-20 | N/A |
| PHP Scripts Mall Car Rental Script has SQL Injection via the admin/carlistedit.php carid parameter. | ||||
| CVE-2017-17916 | 1 Rubyonrails | 1 Rails | 2025-04-20 | 8.1 High |
| SQL injection vulnerability in the 'find_by' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'name' parameter. NOTE: The vendor disputes this issue because the documentation states that this method is not intended for use with untrusted input | ||||
| CVE-2017-17917 | 1 Rubyonrails | 1 Rails | 2025-04-20 | 8.1 High |
| SQL injection vulnerability in the 'where' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'id' parameter. NOTE: The vendor disputes this issue because the documentation states that this method is not intended for use with untrusted input | ||||
| CVE-2017-17919 | 1 Rubyonrails | 1 Ruby On Rails | 2025-04-20 | 8.1 High |
| SQL injection vulnerability in the 'order' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'id desc' parameter. NOTE: The vendor disputes this issue because the documentation states that this method is not intended for use with untrusted input | ||||
| CVE-2017-17920 | 1 Rubyonrails | 1 Ruby On Rails | 2025-04-20 | N/A |
| SQL injection vulnerability in the 'reorder' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'name' parameter. NOTE: The vendor disputes this issue because the documentation states that this method is not intended for use with untrusted input | ||||
| CVE-2017-17928 | 1 Ordermanagementscript | 1 Professional Service Script | 2025-04-20 | N/A |
| PHP Scripts Mall Professional Service Script has SQL injection via the admin/review.php id parameter. | ||||
| CVE-2017-17931 | 1 Resume Clone Script Project | 1 Resume Clone Script | 2025-04-20 | N/A |
| PHP Scripts Mall Resume Clone Script has SQL Injection via the forget.php username parameter. | ||||
| CVE-2017-17941 | 1 Single Theater Booking Script Project | 1 Single Theater Booking Script | 2025-04-20 | N/A |
| PHP Scripts Mall Single Theater Booking has SQL Injection via the admin/movieview.php movieid parameter. | ||||
| CVE-2017-17950 | 1 Cells | 1 Blog | 2025-04-20 | N/A |
| Cells Blog 3.5 has SQL Injection via the pub_readpost.php ptid parameter. | ||||
| CVE-2017-17951 | 1 Php Multivendor Ecommerce Project | 1 Php Multivendor Ecommerce | 2025-04-20 | N/A |
| PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the shopping-cart.php cusid parameter. | ||||
| CVE-2017-17957 | 1 Php Multivendor Ecommerce Project | 1 Php Multivendor Ecommerce | 2025-04-20 | N/A |
| PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the my_wishlist.php fid parameter. | ||||
| CVE-2017-17959 | 1 Php Multivendor Ecommerce Project | 1 Php Multivendor Ecommerce | 2025-04-20 | N/A |
| PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the seller-view.php usid parameter. | ||||
| CVE-2017-17983 | 1 Muslim Matrimonial Script Project | 1 Muslim Matrimonial Script | 2025-04-20 | N/A |
| PHP Scripts Mall Muslim Matrimonial Script has SQL injection via the view-profile.php mem_id parameter. | ||||
| CVE-2017-7886 | 1 Dolibarr | 1 Dolibarr Erp\/crm | 2025-04-20 | N/A |
| Dolibarr ERP/CRM 4.0.4 has SQL Injection in doli/theme/eldy/style.css.php via the lang parameter. | ||||
| CVE-2017-7879 | 1 Flatcore | 1 Flatcore-cms | 2025-04-20 | N/A |
| SQL Injection vulnerability in flatCore version 1.4.6 allows an attacker to read the content database. | ||||
| CVE-2017-7878 | 1 Flatcore | 1 Flatcore-cms | 2025-04-20 | N/A |
| SQL Injection vulnerability in flatCore version 1.4.6 allows an attacker to read and write to the users database. | ||||
| CVE-2017-7719 | 1 Web-dorado | 1 Spider Event Calendar | 2025-04-20 | N/A |
| SQL injection in the Spider Event Calendar (aka spider-event-calendar) plugin before 1.5.52 for WordPress is exploitable with the order_by parameter to calendar_functions.php or widget_Theme_functions.php, related to front_end/frontend_functions.php. | ||||
| CVE-2017-7717 | 1 Sap | 1 Netweaver Application Server Java | 2025-04-20 | 8.8 High |
| SQL injection vulnerability in the getUserUddiElements method in the ES UDDI component in SAP NetWeaver AS Java 7.4 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2356504. | ||||
| CVE-2017-7681 | 1 Apache | 1 Openmeetings | 2025-04-20 | N/A |
| Apache OpenMeetings 1.0.0 is vulnerable to SQL injection. This allows authenticated users to modify the structure of the existing query and leak the structure of other queries being made by the application in the back-end. | ||||
| CVE-2017-7628 | 1 Smart Related Articles Project | 1 Smart Related Articles | 2025-04-20 | N/A |
| The "Smart related articles" extension 1.1 for Joomla! has SQL injection in dialog.php (attacker must use search_cats variable in POST method to exploit this vulnerability). | ||||