Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
1 CRITICAL19 HIGH
CVE-2017-20275
HIGH CVSS 8.8
Find Similar
Joomla! Component PHP-Bridge 1.2.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter.
NVD RRF 0.016
CVE-2017-20253
HIGH CVSS 8.8
Find Similar
Joomla! Component My Projects 2.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the VerAyari parame
NVD RRF 0.016
CVE-2017-20260
HIGH CVSS 8.8
Find Similar
Joomla! Component Price Alert 3.0.2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the product_id pa
NVD RRF 0.016
CVE-2017-20262
HIGH CVSS 8.8
Find Similar
Joomla! Component Ajax Quiz 1.8 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the cid parameter. At
NVD RRF 0.016
CVE-2017-20280
HIGH CVSS 8.8
Find Similar
Joomla Component Myportfolio 3.0.2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the pid parameter. Attacke
NVD RRF 0.015
CVE-2019-25752
HIGH CVSS 8.8
Find Similar
Joomla! Component J-BusinessDirectory 4.9.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the type
NVD RRF 0.015
CVE-2017-20266
HIGH CVSS 8.8
Find Similar
Joomla SP Movie Database 1.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the searchword parameter
NVD RRF 0.015
CVE-2018-25400
HIGH CVSS 8.8
Find Similar
The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attac
NVD RRF 0.015
CVE-2019-25730
HIGH CVSS 8.8
Find Similar
Listing Hub CMS 1.0 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can se
NVD RRF 0.014
CVE-2018-25433
HIGH CVSS 8.8
Find Similar
Joomla Component JE Photo Gallery 1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to extract database information by injecting malicious SQL code through the category
NVD RRF 0.014
CVE-2017-20256
HIGH CVSS 8.8
Find Similar
Joomla Survey Force Deluxe 3.2.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the invite parameter
NVD RRF 0.014
CVE-2018-25401
HIGH CVSS 8.8
Find Similar
The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the p1 parameter. Attacke
NVD RRF 0.014
CVE-2017-20272
HIGH CVSS 8.8
Find Similar
Joomla Ultimate Property Listing 1.0.2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the sf_selectu
NVD RRF 0.014
CVE-2017-20261
HIGH CVSS 8.8
Find Similar
Joomla! Component Bargain Product VM3 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the product
NVD RRF 0.014
CVE-2018-25425
HIGH CVSS 8.8
Find Similar
Yot CMS 3.3.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the aid and cid parameters. Attackers c
NVD RRF 0.013
CVE-2019-25503
HIGH CVSS 7.1
Find Similar
PHPads 2.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the bannerID parameter in click.php3. Atta
blondish
NVD RRF 0.013
CVE-2020-37218
HIGH CVSS 8.8
Find Similar
Joomla com_hdwplayer 4.2 contains an SQL injection vulnerability in the search.php file that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the h
NVD RRF 0.013
CVE-2017-20252
HIGH CVSS 8.8
Find Similar
Joomla NextGen Editor 2.1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL commands through the plname parameter. Attackers can send GET request
NVD RRF 0.013
CVE-2024-54811
CRITICAL CVSS 9.8
Find Similar
A SQL injection vulnerability in /index.php in PHPGurukul Park Ticketing Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "login" parameter.
phpgurukul
NVD RRF 0.013
CVE-2018-25404
HIGH CVSS 8.8
Find Similar
The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the ticket_id parameter.
NVD RRF 0.013
Page 1+ Next →