| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| SQL injection vulnerability in viewnews.asp in Todd Woolums ASP News Management 2.2 allows remote attackers to execute arbitrary SQL commands via the newsID parameter. |
| SQL injection vulnerability in ajaxp_backend.php in MyioSoft AjaxPortal 3.0 allows remote attackers to execute arbitrary SQL commands via the page parameter. |
| Multiple SQL injection vulnerabilities in Simpel Side Netbutik 1 through 4 allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter to netbutik.php and the (2) id parameter to product.php. |
| SQL injection vulnerability in inc/common.php in GlobalMegaCorp dvddb 0.6 allows remote attackers to execute arbitrary SQL commands via the user parameter. NOTE: this issue has been disputed by a reliable third party, who states that inc/common.php only contains function definitions |
| SQL injection vulnerability in members.php in NitroTech 0.0.3a allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in cat.php in SMSPages 1.0 in Mr.Saphp Arabic Script Mobile (aka Messages Library) 2.0 allows remote attackers to execute arbitrary SQL commands via the CatID parameter. |
| SQL injection vulnerability in drinks/drink.php in Drinks Complete Website 2.1.0 allows remote attackers to execute arbitrary SQL commands via the drinkid parameter. |
| Multiple SQL injection vulnerabilities in Develop It Easy News And Article System 1.4 allow remote attackers to execute arbitrary SQL commands via (1) the aid parameter to article_details.php, and the (2) username and (3) password to the admin panel (admin/index.php). |
| SQL injection vulnerability in the My quiz and poll (myquizpoll) extension before 0.1.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. |
| SQL injection vulnerability in the login feature in NetArt Media Car Portal 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. |
| SQL injection vulnerability in index.php in PlainCart 1.1.2 allows remote attackers to execute arbitrary SQL commands via the p parameter. |
| SQL injection vulnerability in home.php in Opial 1.0 allows remote attackers to execute arbitrary SQL commands via the genres_parent parameter. |
| SQL injection vulnerability in admin/utilities_ConfigHelp.asp in CandyPress (CP) 4.1.1.26, and other 4.x and 3.x versions, allows remote attackers to execute arbitrary SQL commands via the helpfield parameter. |
| Multiple SQL injection vulnerabilities in mutate_content.dynamic.php in MODx 0.9.6 allow remote attackers to execute arbitrary SQL commands via the (1) documentDirty or (2) modVariables parameter. |
| SQL injection vulnerability in poll_results.php in Harlandscripts Pro Traffic One allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| Multiple SQL injection vulnerabilities in SailPlanner 0.3a allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields. |
| SQL injection vulnerability in the loginADP function in ajaxp.php in MyioSoft EasyCalendar 4.0 allows remote attackers to execute arbitrary SQL commands via the rsargs parameter, as reachable through the username parameter, a different vector than CVE-2008-1344. NOTE: some of these details are obtained from third party information. |
| SQL injection vulnerability in VivaPrograms Infinity Script 2.x.x, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username field. |
| SQL injection vulnerability in index.php in EasyWay CMS allows remote attackers to execute arbitrary SQL commands via the mid parameter. |
| SQL injection vulnerability in tForum 2.00 in the Raymond BERTHOU script collection (aka RBL - ASP) allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) pass to user_confirm.asp. |
