Total
15150 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-21176 | 1 Thinkjs | 1 Thinkjs | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in the model.increment and model.decrement function in ThinkJS 3.2.10 allows remote attackers to execute arbitrary SQL commands via the step parameter. | |||||
| CVE-2020-21133 | 1 Metinfo | 1 Metinfo | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection vulnerability in Metinfo 7.0.0 beta in member/getpassword.php?lang=cn&a=dovalid. | |||||
| CVE-2020-21132 | 1 Metinfo | 1 Metinfo | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection vulnerability in Metinfo 7.0.0beta in index.php. | |||||
| CVE-2020-21131 | 1 Metinfo | 1 Metinfo | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| SQL Injection vulnerability in MetInfo 7.0.0beta via admin/?n=language&c=language_web&a=doAddLanguage. | |||||
| CVE-2020-21127 | 1 Metinfo | 1 Metinfo | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| MetInfo 7.0.0 contains a SQL injection vulnerability via admin/?n=logs&c=index&a=dodel. | |||||
| CVE-2020-21121 | 1 Kliqqi | 1 Kliqqi Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Pligg CMS 2.0.2 contains a time-based SQL injection vulnerability via the $recordIDValue parameter in the admin_update_module_widgets.php file. | |||||
| CVE-2020-21013 | 1 Emlog | 1 Emlog | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| emlog v6.0.0 contains a SQL injection via /admin/comment.php. | |||||
| CVE-2020-21012 | 1 Hotel And Lodge Booking Management System Project | 1 Hotel And Lodge Booking Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Sourcecodester Hotel and Lodge Management System 2.0 is vulnerable to unauthenticated SQL injection and can allow remote attackers to execute arbitrary SQL commands via the email parameter to the edit page for Customer, Room, Currency, Room Booking Details, or Tax Details. | |||||
| CVE-2020-20981 | 1 Metinfo | 1 Metinfo | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A SQL injection in the /admin/?n=logs&c=index&a=dolist component of Metinfo 7.0 allows attackers to access sensitive database information. | |||||
| CVE-2020-20975 | 1 Gxlcms | 1 Gxlcms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In \lib\admin\action\dataaction.class.php in Gxlcms v1.1, SQL Injection exists via the $filename parameter. | |||||
| CVE-2020-20800 | 1 Metinfo | 1 Metinfo | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in MetInfo v7.0.0 beta. There is SQL Injection via the install/index.php?action=adminsetup&cndata=yes&endata=yes&showdata=yes URI. | |||||
| CVE-2020-20797 | 1 Flamecms Project | 1 Flamecms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| FlameCMS 3.3.5 contains a time-based blind SQL injection vulnerability in /account/register.php. | |||||
| CVE-2020-20796 | 1 Flamecms Project | 1 Flamecms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| FlameCMS 3.3.5 contains a SQL injection vulnerability in /master/article.php via the "Id" parameter. | |||||
| CVE-2020-20692 | 1 Gilacms | 1 Gila Cms | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| GilaCMS v1.11.4 was discovered to contain a SQL injection vulnerability via the $_GET parameter in /src/core/controllers/cm.php. | |||||
| CVE-2020-20675 | 1 Nuishop | 1 Nuishop | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Nuishop v2.3 contains a SQL injection vulnerability in /goods/getGoodsListByConditions/. | |||||
| CVE-2020-20625 | 1 Slicedinvoices | 1 Sliced Invoices | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Sliced Invoices plugin for WordPress 3.8.2 and earlier allows unauthenticated information disclosure and authenticated SQL injection via core/class-sliced.php. | |||||
| CVE-2020-20585 | 1 Metinfo | 1 Metinfo | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A blind SQL injection in /admin/?n=logs&c=index&a=dode of Metinfo 7.0 beta allows attackers to access sensitive database information. | |||||
| CVE-2020-20583 | 1 8cms | 1 Ljcms | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A SQL injection vulnerability in /question.php of LJCMS Version v4.3.R60321 allows attackers to obtain sensitive database information. | |||||
| CVE-2020-20474 | 1 White Shark Systems Project | 1 White Shark Systems | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| White Shark System (WSS) 1.3.2 has a SQL injection vulnerability. The vulnerability stems from the default_task_edituser.php files failing to filter the csa_to_user parameter. Remote attackers can exploit the vulnerability to obtain database sensitive information. | |||||
| CVE-2020-20473 | 1 White Shark Systems Project | 1 White Shark Systems | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| White Shark System (WSS) 1.3.2 has a SQL injection vulnerability. The vulnerability stems from the control_task.php, control_project.php, default_user.php files failing to filter the sort parameter. Remote attackers can exploit the vulnerability to obtain database sensitive information. | |||||