The buddyforms plugin before 2.2.8 for WordPress has SQL injection.
CWE-89
CVE-2018-21004
The rsvpmaker plugin before 5.6.4 for WordPress has SQL injection.
CVE-2018-21021
img_gantt.php in Centreon Web before 2.8.27 allows attackers to perform SQL injections via the host_id parameter.
CVE-2018-21022
makeXML_ListServices.php in Centreon Web before 2.8.28 allows attackers to perform SQL injections via the host_id parameter.
CVE-2018-20887
cPanel before 74.0.0 allows SQL injection during database backups (SEC-420).
CVE-2018-20770
An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is Blind SQL Injection.
