Skip to main content
CVE-2018-10094 CRITICAL POC PATCH THREAT Act Now

SQL injection vulnerability in Dolibarr before 7.0.2 allows remote attackers to execute arbitrary SQL commands via vectors involving integer parameters without quotes. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

SQLi Dolibarr
NVD GitHub Exploit-DB
CVSS 3.0
9.8
EPSS
71.2%
CVE-2018-11373 CRITICAL POC Act Now

iScripts eSwap v2.4 has SQL injection via the "salelistdetailed.php" User Panel ToId parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Eswap
NVD GitHub
CVSS 3.0
9.8
EPSS
1.2%
CVE-2018-11372 CRITICAL POC Act Now

iScripts eSwap v2.4 has SQL injection via the wishlistdetailed.php User Panel ToId parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Eswap
NVD GitHub
CVSS 3.0
9.8
EPSS
1.2%
CVE-2018-11369 CRITICAL POC Act Now

An issue was discovered in PbootCMS v1.0.9. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Pbootcms
NVD
CVSS 3.0
9.8
EPSS
1.1%
CVE-2018-9019 CRITICAL PATCH Act Now

SQL Injection vulnerability in Dolibarr before version 7.0.2 allows remote attackers to execute arbitrary SQL commands via the sortfield parameter to /accountancy/admin/accountmodel.php,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

SQLi PHP Dolibarr Data Integrator
NVD GitHub
CVSS 3.1
9.8
EPSS
4.0%
CVE-2018-11325 CRITICAL Act Now

An issue was discovered in Joomla!. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Joomla
NVD
CVSS 3.0
9.8
EPSS
3.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy