SQL injection Prevention - GET : Authentication bypass attempt with OR statement Description         Default configuration   Profiles High Medium Low Internet Action Block Block Block Block Alarm Level Major Minor Minor Minor       References         Available since   ASQ v5.0.0       Protects   Joomla Third-Party Plugins Multiple SQL Injection Vulnerabilities Joomla Third-Party Plugins Multiple Vulnerabilities Joomla Third-Party Plugins Multiple Vulnerabilities Dolibarr Multiple Vulnerabilities Joomla Third-Party Plugins Multiple Vulnerabilities WordPress Third-Party Plugins Multiple Vulnerabilities Joomla Core SQL Injection Vulnerability Fixed by 3.7.1 Joomla Third-Party Plugins Multiple Vulnerabilities Joomla Third-Party Plugins Multiple SQL Injection Vulnerabilities Joomla Third-Party Plugins Multiple Vulnerabilities Joomla Third-Party Plugins Multiple SQL Injection Vulnerabilities WordPress Third-Party Plugins Multiple Vulnerabilities Joomla Third-Party Plugins Multiple Vulnerabilities Joomla Third-Party Plugins Multiple Vulnerabilities WordPress Third-Party Plugins Multiple Vulnerabilities WordPress Third-Party Plugins Multiple Vulnerabilities Joomla Third-Party Plugins Multiple Vulnerabilities WordPress Third-Party Plugins Multiple Vulnerabilities Joomla "DT Register" Plugin SQL Injection Vulnerability WordPress Third-Party Plugins Multiple Vulnerabilities WordPress Third-Party Modules Multiple Vulnerabilities WordPress Third-Party Modules Multiple Vulnerabilities Cisco Identity Services Engine SQL Injection Vulnerability WordPress Third Party Modules Multiple Vulnerabilities AlienVault Unified Security Management Multiple Vulnerabilities Fixed by 5.3.2 Joomla Third-Party Plugins Multiple Vulnerabilities SAP Adaptive Server Enterprise (ASE) Multiple Vulnerabilities Fixed by September 2016 Patch Day Joomla Third-Party Plugins Multiple Vulnerabilities Joomla Third-Party Plugins Multiple Vulnerabilities Zabbix Latest Data SQL Injection Vulnerability Joomla "Event Registration Pro" SQL Injection Vulnerability Joomla Third-Party Plugins Multiple Vulnerabilities Joomla Third-Party Plugins Multiple Vulnerabilities Joomla Third-Party Plugins Multiple Vulnerabilities Red Hat JBoss BPM Suite Dashbuilder SQL Injection Vulnerability Joomla Third-Party Plugins Multiple Vulnerabilities Drupal 'menupereid' SQL injection Vulnerability Riverbed SteelCentral NetProfiler Multiple Vulnerabilities Fixed by 10.9.0 Cisco Prime Collaboration Deployment SQL Injection Vulnerability Joomla Third-Party Plugins Multiple Vulnerabilities Nagios XI Multiple Vulnerabilities Joomla Third-Party Plugins Multiple Vulnerabilities phpMyAdmin Multiple Vulnerabilities Fixed by 4.6.2 and 4.4.15.6 GLPI "ajax/getDropdownConnect.php" SQL Injection Vulnerability Fixed by 0.90.3 Wordpress Multiple Third Party Plugins Multiple Vulnerabilities Joomla Third-Party Modules Multiple Vulnerabilities Cacti "tree.php" SQL Injection Vulnerability Cacti "graph_template" Parameter "graphs_new.php" SQL Injection Vulnerability Wordpress Multiple Third Party Plugins Multiple Vulnerabilities Wordpress Multiple Third Party Plugins Multiple Vulnerabilities BlackBerry Enterprise Server Management Console Multiple Vulnerabilities Fixed by 12.4 Joomla Third-Party Modules Multiple SQL Injection Vulnerabilities Wordpress Multiple Third Party Plugins Multiple Vulnerabilities Wordpress Multiple Third Party Plugins Multiple Vulnerabilities Joomla Third-Party Modules Multiple Vulnerabilities TestLink SQL Injection Vulnerability Fixed by 1.9.15 Atlassian Confluence Multiple Vulnerabilities Fixed by 5.8.17 Joomla Third-Party Modules Multiple Vulnerabilities Cacti Multiple SQL Injection Vulnerabilities Wordpress Multiple Third Party Plugins Multiple Vulnerabilities Wordpress Multiple Third Party Plugins Multiple Vulnerabilities Wordpress Multiple Third Party Plugins Multiple Vulnerabilities Joomla Third-Party Modules Multiple Vulnerabilities Cisco Secure Access Control Server (ACS) SQL Injection Vulnerability Joomla Core Multiple Vulnerabilities Fixed by 3.4.5 Kerio Control Remote Command Execution Vulnerability Wordpress Multiple Third Party Plugins Multiple Vulnerabilities TestLink Multiple Vulnerabilities Fixed by 1.9.14 Wordpress Multiple Third Party Plugins Multiple Vulnerabilities Cisco Prime Collaboration SQL Injection Vulnerability Wordpress Multiple Third Party Plugins Multiple Vulnerabilities Joomla Third-Party Modules Multiple Vulnerabilities Joomla "JoomShopping" SQL Injection Vulnerability Joomla Third-Party Modules Multiple Vulnerabilities Merethis Centreon Blind SQL Injection and Authenticated Remote Command Execution Vulnerability Wordpress Multiple Third Party Plugins Multiple Vulnerabilities Cisco WebEx Meeting Center GET Parameter Vulnerability TYPO3 Multiple Third-Party Components Vulnerabilities Cisco Prime Collaboration Manager SQL Injection Vulnerability Cacti Multiple Vulnerabilities Fixed by 0.8.8d WordPress WP Symposium Plugin SQL Injection Vulnerability WordPress Contus Video Gallery Plugin SQL Injection Vulnerability WordPress Community Events Plugin Multiple SQL Injection Vulnerabilities Cisco Unified Communications Manager Interactive Voice Response Interface SQL Injection Vulnerability WordPress WP Business Intelligence Lite Plugin SQL Injection Vulnerability Galette ZendDB Two SQL Injection Vulnerabilities WordPress SEO by Yoast Plugin Cross-Site Request Forgery and SQL Injection Vulnerabilities WordPress Store Locator Plugin "sl_vars[num_initial_displayed]" SQL Injection Vulnerability SolarWinds Products "sort" and "dir" SQL Injection Vulnerabilities phpBugTracker Multiple Vulnerabilities WordPress Spider Event Calendar Plugin "cat_id" SQL Injection Vulnerability F5 BIG-IP Application Security Manager Tree View Cross-Site Scripting Vulnerability miniBB "code" SQL Injection Vulnerability Zabbix Two SQL Injection Vulnerabilities GLPI "condition" SQL Injection Vulnerability PHP-Fusion Multiple SQL Injection Vulnerabilities IP.Board "id" SQL Injection Vulnerability ManageEngine Password Manager Pro Two SQL Injection Vulnerabilities IP.Board IP.Content Module "cid" SQL Injection Vulnerability BSS BS-Client Multiple Vulnerabilities InvGate Service Desk Multiple SQL Injection Vulnerabilities WordPress Polldaddy Polls & Ratings Plugin Cross-Site Scripting Vulnerability web2Project Multiple SQL Injection Vulnerabilities Videos Tube "url" SQL Injection Vulnerability ZeroCMS Multiple Vulnerabilities webEdition "tblFile" SQL Injection Vulnerability NULL NUKE Cross-Site Request Forgery and SQL Injection Vulnerabilities Free Help Desk Script Insertion and SQL Injection Vulnerabilities Xerox DocuShare URL SQL Injection Vulnerability mAdserve Multiple "id" SQL Injection Vulnerabilities Jigowatt PHP Event Calendar "year" SQL Injection Vulnerability Netvolution CMS SQL Injection Vulnerability WordPress mTouch Quiz Plugin "quiz" Cross-Site Scripting and SQL Injection Vulnerabilities Joomla! AJAX Shoutbox Component "jal_lastID" SQL Injection Vulnerability couponPHP Two Cross-Site Scripting Vulnerabilities Ganesha Digital Library Cross-Site Scripting and SQL Injection Vulnerabilities Cory Support "q" SQL Injection Vulnerability POSH Weakness and Two Vulnerabilities GeoCore Multiple SQL Injection Vulnerabilities HostBill Staff Tickets SQL Injection Vulnerability OpenDocMan Security Bypass and SQL Injection Vulnerabilities Pina CMS Cross-Site Scripting Vulnerability ITechClassifieds Multiple SQL Injection and Cross-Site Scripting Vulnerabilities mySeat Restaurant Reservation System Cross-Site Scripting and SQL Injection Vulnerabilities Collabtive Script Insertion and SQL Injection Vulnerabilities Horizon QCMS File Disclosure and SQL Injection Vulnerabilities UAEPD Shopping Cart Script Multiple SQL Injection Vulnerabilities CUBIC CMS Multiple Vulnerabilities AuctionWebScript Lowest Unique Bid Auction "id" SQL Injection Vulnerability AuctionWebScript Ebay Clone "id" SQL Injection Vulnerability AuctionWebScript Penny Auction "id" SQL Injection Vulnerability WordPress FormCraft Plugin "id" SQL Injection Vulnerability Testa OTMS "test_id" SQL Injection Vulnerability ViciDial Asterisk GUI Client SQL Injection and Arbitrary Command Execution Vulnerability Dolibarr "sondage" SQL Injection Vulnerability Bilboplanet Cross-Site Scripting and SQL Injection Vulnerabilities Aanval SAS Cross-Site Scripting and SQL Injection Vulnerabilities Posnic Stock Management System Cross-Site Scripting and SQL Injection Vulnerabilities Flo CMS "archivem" SQL Injection Vulnerability myBusinessAdmin "id" SQL Injection Vulnerability DotNetNuke DNNArticle Module "categoryid" SQL Injection Vulnerability Quack Chat Cross-Site Scripting and Script Insertion Vulnerabilities Joomla! redSHOP Component "pid" SQL Injection Vulnerability MLM Auction "id" SQL Injection Vulnerability Cotonti "c" SQL Injection Vulnerability 2daybiz Multi Level Marketing Software Cross-Site Scripting and SQL Injection Vulnerabilities Saurus CMS Multiple Vulnerabilities McAfee ePolicy Orchestrator Multiple Cross-Site Scripting Vulnerabilities ivote "id" SQL Injection Vulnerability Top Games Script "gid" SQL Injection Vulnerability ClientExec Security Issue and Multiple Vulnerabilities Fobuc Guestbook "category" SQL Injection Vulnerability Matterdaddy Market Cross-Site Scripting and SQL Injection Vulnerabilities WordPress Spider Catalog Plugin Cross-Site Scripting and SQL Injection Vulnerabilities Ajax Availability Calendar Multiple Vulnerabilities Joomla! DJ-Classifieds Component "se_regs[]" SQL Injection Vulnerability EasyWebScripts Craigslist Clone "catid" SQL Injection Vulnerability b2evolution "show_statuses[]" SQL Injection Vulnerability phpVMS PopUpNews Module SQL Injection Vulnerability rebus:list "list_id" SQL Injection Vulnerability daloRADIUS Multiple Vulnerabilities Joomla! RSFiles! Component "cid" SQL Injection Vulnerability Nconf Path Disclosure Weakness and Cross-Site Scripting Vulnerability PHP-Fusion Multiple SQL Injection and Cross-Site Scripting Vulnerabilities EasyWebScripts eBay Clone Script Multiple Cross-Site Scripting and SQL Injection Vulnerabilities Scripts Genie Domain Trader "id" SQL Injection Vulnerability Gallery Personals "L" SQL Injection Vulnerability Games Site Script "id" SQL Injection Vulnerability OpenEMR Multiple Vulnerabilities AdaptCMS Multiple Vulnerabilities ImageCMS "q" SQL Injection Vulnerability WordPress WP Symposium Plugin Multiple SQL Injection Vulnerabilities Classified Ultra "cname" Cross-Site Scripting and "c" SQL Injection Vulnerabilities Website Baker Concert Calendar Add-on Cross-Site Scripting and SQL Injection Vulnerabilities WordPress Shopping Cart Plugin Multiple SQL Injection Vulnerabilities MyBB HM_My Country Flags Plugin "cnam" SQL Injection Vulnerability Guru Auction Two SQL Injection Vulnerabilities Elite Bulletin Board Multiple SQL Injection Vulnerabilities MyBB Transactions Plugin "transaction" SQL Injection Vulnerability MyBB Profile Blogs Plugin Script Insertion and SQL Injection Vulnerabilities MyBB Tips Of The Day Plugin Script Insertion and SQL Injection Vulnerabilities Joomla! JooProperty Component Multiple Vulnerabilities Newscoop "f_email" SQL Injection Vulnerability Beat Websites "id" SQL Injection Vulnerability Baby Gekko Multiple Cross-Site Scripting Vulnerabilities MYRE Vacation Rental Software Cross-Site Scripting and SQL Injection Vulnerabilities The FAQ Manager Two SQL Injection Vulnerabilities netOffice Dwins Multiple SQL Injection Vulnerabilities Intramaps Multiple Vulnerabilities WordPress Hitasoft FLV Player Plugin "id" SQL Injection Vulnerability Joomla! Spider Catalog Component "product_id" SQL Injection Vulnerability WordPress FireStorm Professional Real Estate Plugin "id" SQL Injection Vulnerability Joomla! Commedia Component "id" SQL Injection Vulnerability ManageEngine Security Manager Plus File Disclosure and SQL Injection Vulnerabilities Cartweaver Local File Inclusion and SQL Injection Vulnerabilities Campaign Enterprise "UID" SQL Injection Vulnerability MyBB Profile Albums Plugin SQL Injection Vulnerability airVision NVR "path" Arbitrary File Disclosure and "id" SQL Injection Vulnerabilities WordPress Spider Calendar Plugin Cross-Site Scripting and SQL Injection Vulnerabilities TorrentTrader Cross-Site Scripting and SQL Injection Vulnerabilities webERP Multiple Vulnerabilities LuxCal Web Calendar "id" SQL Injection Vulnerability TAGWORX.CMS "cid" SQL Injection Vulnerability Auxilium PetRatePro Multiple Vulnerabilities LimeSurvey Multiple Vulnerabilities Joomla! Spider Calendar Lite Component "date" SQL Injection Vulnerability WordPress HD Webplayer Plugin Two SQL Injection Vulnerabilities Joomla! Komento Component RSS Feed "cid" SQL Injection Vulnerability OrderSys Two Cross-Site Scripting Vulnerabilities YourArcadeScript SQL Injection and Cross-Site Request Forgery Vulnerabilities ManageEngine OpStor SQL Injection and Cross-Site Scripting Vulnerabilities Flynax General Classifieds Multiple Cross-Site Scripting Vulnerabilities Cyclope Employee Surveillance Solution Security Bypass and SQL Injection Vulnerabilities Total Shop UK eCommerce URL SQL Injection Vulnerability 1024 CMS "id" and "p" SQL Injection Vulnerabilities Joomla! En Masse Component "sortBy" SQL Injection Vulnerability TCExam Cross-Site Scripting and SQL Injection Vulnerabilities Joomla! Joomgalaxy Component "catid" SQL Injection Vulnerability Limny "escape()" SQL Injection Vulnerability Ushahidi Multiple Vulnerabilities CuteFlow Multiple Vulnerabilities Zabbix "itemid" SQL Injection Vulnerability Spiceworks snmpd.conf Script Insertion Vulnerabilities WordPress WP Symposium Plugin Multiple SQL Injection Vulnerabilities WordPress Sendit Newsletter Plugin "id" SQL Injection Vulnerability MGB Multiple Cross-Site Scripting and SQL Injection Vulnerabilities GuestBook Script Multiple Cross-Site Scripting Vulnerabilities MBB CMS Multiple Vulnerabilities LIOOSYS CMS "id" SQL Injection Vulnerability WordPress Website FAQ Plugin "category" SQL Injection Vulnerability 100 last CVE   CVE-2018-7717 CVE-2018-17397 CVE-2018-17394 CVE-2018-17385 CVE-2018-17384 CVE-2018-17383 CVE-2018-17382 CVE-2018-17380 CVE-2018-17379 CVE-2018-17378 CVE-2018-17377 CVE-2018-17376 CVE-2018-17375 CVE-2017-9337 CVE-2017-9336 CVE-2017-8917 CVE-2017-6098 CVE-2017-6097 CVE-2017-6096 CVE-2017-6095 CVE-2017-2550 CVE-2017-2168 CVE-2017-18345 CVE-2017-17900 CVE-2017-17899 CVE-2017-17898 CVE-2017-17897 CVE-2017-15966 CVE-2017-15965 CVE-2017-1002022 CVE-2017-1002021 CVE-2017-1002020 CVE-2017-1002019 CVE-2017-1002018 CVE-2017-1002017 CVE-2016-8583 CVE-2016-8582 CVE-2016-8581 CVE-2016-8580 CVE-2016-6453 CVE-2016-5099 CVE-2016-5098 CVE-2016-5097 CVE-2016-4999 CVE-2016-3659 CVE-2016-3172 CVE-2016-1915 CVE-2016-1914 CVE-2016-1437 CVE-2016-10134 CVE-2016-1000271 CVE-2016-1000124 CVE-2016-0770 CVE-2016-0769 CVE-2016-0765 CVE-2015-8399 CVE-2015-8398 CVE-2015-8377 CVE-2015-8369 CVE-2015-7899 CVE-2015-7859 CVE-2015-7858 CVE-2015-7857 CVE-2015-7683 CVE-2015-7682 CVE-2015-7670 CVE-2015-7669 CVE-2015-7668 CVE-2015-7667 CVE-2015-7666 CVE-2015-7527 CVE-2015-7517 CVE-2015-7391 CVE-2015-7390 CVE-2015-7377 CVE-2015-7357 CVE-2015-7319 CVE-2015-7297 CVE-2015-6345 CVE-2015-6329 CVE-2015-6238 CVE-2015-5472 CVE-2015-5471 CVE-2015-5469 CVE-2015-5461 CVE-2015-4454 CVE-2015-4342 CVE-2015-4208 CVE-2015-4188 CVE-2015-4109 CVE-2015-4075 CVE-2015-4074 CVE-2015-4073 CVE-2015-4072 CVE-2015-4071 CVE-2015-3325 CVE-2015-3313 CVE-2015-3173 CVE-2015-2803 CVE-2015-2665    Risk level  Moderate