Vulnerabilities (CVE)

CWE filter

CWE-89

Filter

5540 total CVE
CVE Vendors Products Updated CVSS
CVE-2015-9333 2019-08-23 7.5
The cforms2 plugin before 14.6.10 for WordPress has SQL injection.
CVE-2017-18570 2019-08-23 7.5
The cforms2 plugin before 14.13 for WordPress has SQL injection in the tracking DB GUI via Delete Entries or Download Entries.
CVE-2019-4483 1 Ibm 1 Emptoris Spend Analysis 2019-08-23 7.5
IBM Contract Management 10.1.0 through 10.1.3 and IBM Emptoris Spend Analysis 10.1.0 through 10.1.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify...
CVE-2019-4481 1 Ibm 1 Emptoris Spend Analysis 2019-08-23 7.5
IBM Contract Management 10.1.0 through 10.1.3 and IBM Emptoris Spend Analysis 10.1.0 through 10.1.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify...
CVE-2014-10379 2019-08-22 7.5
The duplicate-post plugin before 2.6 for WordPress has SQL injection.
CVE-2015-9330 1 Soflyy 1 Wp All Import 2019-08-22 7.5
The wp-all-import plugin before 3.2.5 for WordPress has blind SQL injection.
CVE-2019-13578 1 Impress 1 Givewp 2019-08-22 7.5
A SQL injection vulnerability exists in the Impress GiveWP Give plugin through 2.5.0 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via...
CVE-2019-1010034 1 Deepsoft 1 Weblibrarian 2019-08-21 4.0
Deepwoods Software WebLibrarian 3.5.2 and earlier is affected by: SQL Injection. The impact is: Exposing the entire database. The component is: Function "AllBarCodes" (defined at database_code.php line 1018) is vulnerable to a boolean-based blind...
CVE-2015-9325 1 Bestwebsoft 1 Visitors Online 2019-08-21 7.5
The visitors-online plugin before 0.4 for WordPress has SQL injection.
CVE-2016-10904 1 Olimometer Project 1 Olimometer 2019-08-21 7.5
The olimometer plugin before 2.57 for WordPress has SQL injection.
CVE-2015-9323 2019-08-21 7.5
The 404-to-301 plugin before 2.0.3 for WordPress has SQL injection.
CVE-2015-9324 2019-08-21 7.5
The easy-digital-downloads plugin before 2.3.3 for WordPress has SQL injection.
CVE-2015-9326 2019-08-21 7.5
The wp-business-intelligence-lite plugin before 1.6.3 for WordPress has SQL injection.
CVE-2016-10909 1 Codepeople 1 Booking Calendar Contact Form 2019-08-21 7.5
The booking-calendar-contact-form plugin before 1.0.24 for WordPress has SQL injection.
CVE-2014-10376 2019-08-21 7.5
The i-recommend-this plugin before 3.7.3 for WordPress has SQL injection.
CVE-2019-15025 2019-08-20 7.5
The ninja-forms plugin before 3.3.21.2 for WordPress has SQL injection in the search filter on the submissions page.
CVE-2015-9310 1 Tipsandtricks-hq 1 All In One Wp Security %26 Firewall 2019-08-19 7.5
The all-in-one-wp-security-and-firewall plugin before 3.9.1 for WordPress has multiple SQL injection issues.
CVE-2016-10888 1 Tipsandtricks-hq 1 All In One Wp Security %26 Firewall 2019-08-19 7.5
The all-in-one-wp-security-and-firewall plugin before 4.0.7 for WordPress has multiple SQL injection issues.
CVE-2016-10887 1 Tipsandtricks-hq 1 All In One Wp Security %26 Firewall 2019-08-19 7.5
The all-in-one-wp-security-and-firewall plugin before 4.0.9 for WordPress has multiple SQL injection issues.
CVE-2019-14234 3 Djangoproject, Debian, Fedoraproject 3 Django, Debian Linux, Fedora 2019-08-19 7.5
An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.fields.JSONField, and key lookups for...