Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
1 CRITICAL15 HIGH3 MEDIUM1 LOW
CVE-2017-20271
HIGH CVSS 8.8
Find Similar
Joomla StreetGuessr Game 1.1.8 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the catid parameter. A
NVD RRF 0.016
CVE-2017-20253
HIGH CVSS 8.8
Find Similar
Joomla! Component My Projects 2.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the VerAyari parame
NVD RRF 0.016
CVE-2017-20256
HIGH CVSS 8.8
Find Similar
Joomla Survey Force Deluxe 3.2.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the invite parameter
NVD RRF 0.016
CVE-2017-20262
HIGH CVSS 8.8
Find Similar
Joomla! Component Ajax Quiz 1.8 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the cid parameter. At
NVD RRF 0.016
CVE-2026-5672
MEDIUM CVSS 5.5
Find Similar
A vulnerability has been found in code-projects Simple IT Discussion Forum 1.0. Affected by this issue is some unknown functionality of the file /edit-category.php of the component Parameter Handler.
NVD RRF 0.015
CVE-2018-25403
HIGH CVSS 8.8
Find Similar
The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the p1 parameter. Attacke
NVD RRF 0.015
CVE-2024-54811
CRITICAL CVSS 9.8
Find Similar
A SQL injection vulnerability in /index.php in PHPGurukul Park Ticketing Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "login" parameter.
phpgurukul
NVD RRF 0.015
CVE-2017-20266
HIGH CVSS 8.8
Find Similar
Joomla SP Movie Database 1.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the searchword parameter
NVD RRF 0.015
CVE-2015-20121
HIGH CVSS 8.8
Find Similar
Next Click Ventures RealtyScript 4.0.2 contains SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries by injecting arbitrary SQL code through the GET parame
nextclickventures
NVD RRF 0.014
CVE-2024-53364
MEDIUM CVSS 5.4
Find Similar
A SQL injection vulnerability was found in PHPGURUKUL Vehicle Parking Management System v1.13 in /users/view-detail.php. This vulnerability affects the viewid parameter, where improper input sanitizat
phpgurukul
NVD RRF 0.014
CVE-2019-25534
HIGH CVSS 8.8
Find Similar
Netartmedia PHP Car Dealer contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the features[] parameter.
NVD RRF 0.014
CVE-2018-25197
HIGH CVSS 8.8
Find Similar
PlayJoom 0.10.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the catid parameter. Attackers can se
NVD RRF 0.014
CVE-2020-37218
HIGH CVSS 8.8
Find Similar
Joomla com_hdwplayer 4.2 contains an SQL injection vulnerability in the search.php file that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the h
NVD RRF 0.014
CVE-2025-7479
LOW CVSS 2.1
Find Similar
A vulnerability has been found in PHPGurukul Vehicle Parking Management System 1.13 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /users/view--deta
phpgurukul
NVD RRF 0.014
CVE-2017-20249
HIGH CVSS 8.8
Find Similar
Apptha Slider Gallery 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the albid parameter. Attack
NVD RRF 0.013
CVE-2018-25400
HIGH CVSS 8.8
Find Similar
The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attac
NVD RRF 0.013
CVE-2018-25422
HIGH CVSS 8.8
Find Similar
MOGG web simulator Script contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL commands by injecting malicious code through the id parameter. Attacker
NVD RRF 0.013
CVE-2025-45019
MEDIUM CVSS 5.4
Find Similar
A SQL injection vulnerability was discovered in /add-foreigners-ticket.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary cod
phpgurukul
NVD RRF 0.013
CVE-2019-25750
HIGH CVSS 8.8
Find Similar
Joomla Component J-MultipleHotelReservation 6.0.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the
NVD RRF 0.013
CVE-2018-25425
HIGH CVSS 8.8
Find Similar
Yot CMS 3.3.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the aid and cid parameters. Attackers c
NVD RRF 0.013
Page 1+ Next →