Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
19 HIGH1 MEDIUM
CVE-2018-25333
HIGH CVSS 8.8
Find Similar
Nordex N149/4.0-4.5 Wind Turbine Web Server 4.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the l
NVD RRF 0.016
CVE-2019-25730
HIGH CVSS 8.8
Find Similar
Listing Hub CMS 1.0 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can se
NVD RRF 0.016
CVE-2018-25400
HIGH CVSS 8.8
Find Similar
The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attac
NVD RRF 0.016
CVE-2019-25533
HIGH CVSS 8.8
Find Similar
Netartmedia PHP Business Directory 4.2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the Email parameter. A
NVD RRF 0.016
CVE-2018-25188
HIGH CVSS 8.8
Find Similar
Webiness Inventory 2.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the order parameter. Attackers
NVD RRF 0.015
CVE-2018-25402
HIGH CVSS 8.8
Find Similar
The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the p1 parameter. Attacke
NVD RRF 0.015
CVE-2018-25398
HIGH CVSS 8.8
Find Similar
The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the frm_passwd parameter.
NVD RRF 0.015
CVE-2018-25401
HIGH CVSS 8.8
Find Similar
The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the p1 parameter. Attacke
NVD RRF 0.015
CVE-2017-20249
HIGH CVSS 8.8
Find Similar
Apptha Slider Gallery 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the albid parameter. Attack
NVD RRF 0.014
CVE-2021-47930
HIGH CVSS 8.8
Find Similar
Balbooa Joomla Forms Builder 2.0.6 contains an unauthenticated SQL injection vulnerability in the form submission handler that allows remote attackers to execute arbitrary SQL queries. Attackers can s
NVD RRF 0.014
CVE-2018-25406
HIGH CVSS 8.8
Find Similar
eNdonesia Portal 8.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through parameters in mod.php. At
NVD RRF 0.014
CVE-2018-25194
HIGH CVSS 8.8
Find Similar
Nominas 0.27 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the username parameter. Attackers can se
NVD RRF 0.014
CVE-2024-28145
MEDIUM CVSS 5.9
Find Similar
An unauthenticated attacker can perform an SQL injection by accessing the /class/dbconnect.php file and supplying malicious GET parameters. The HTTP GET parameters search, table, field, and value are
NVD RRF 0.014
CVE-2018-25416
HIGH CVSS 8.8
Find Similar
AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the country parameter. Attackers
NVD RRF 0.014
CVE-2018-25167
HIGH CVSS 8.8
Find Similar
Net-Billetterie 2.9 contains an SQL injection vulnerability in the login parameter of login.inc.php that allows unauthenticated attackers to execute arbitrary SQL queries. Attackers can submit malicio
NVD RRF 0.013
CVE-2019-25532
HIGH CVSS 8.8
Find Similar
Netartmedia Jobs Portal 6.1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the Email parameter. Attackers ca
NVD RRF 0.013
CVE-2018-25192
HIGH CVSS 8.8
Find Similar
GPS Tracking System 2.12 contains an SQL injection vulnerability that allows unauthenticated attackers to bypass authentication by injecting SQL code through the username parameter. Attackers can subm
NVD RRF 0.013
CVE-2018-25405
HIGH CVSS 8.8
Find Similar
eNdonesia Portal 8.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through parameters in mod.php. At
NVD RRF 0.013
CVE-2024-9149
HIGH CVSS 8.6
Find Similar
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Wind Media E-Commerce Website Template allows SQL Injection. This issue affects E-Commerce Websit
NVD RRF 0.013
CVE-2019-25643
HIGH CVSS 8.8
Find Similar
eNdonesia Portal v8.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the bid parameter. Attac
NVD RRF 0.013
Page 1+ Next →