| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| SQL injection vulnerability in visitor/view.php in GarageSales Script allows remote attackers to execute arbitrary SQL commands via the key parameter. |
| SQL injection vulnerability in index.php in Webdevindo-CMS 1.0.0 allows remote attackers to execute arbitrary SQL commands via the hal parameter. |
| SQL injection vulnerability in shop.php in Conkurent PHPMyCart allows remote attackers to execute arbitrary SQL commands via the cat parameter. |
| Multiple SQL injection vulnerabilities in jobseekers/JobSearch.php (aka the search module) in Pre Job Board allow remote attackers to execute arbitrary SQL commands via the (1) position or (2) kw parameter. |
| Multiple SQL injection vulnerabilities in Pre ADS Portal 2.0 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) cid parameter to showcategory.php and the (2) id parameter to software-description.php. |
| SQL injection vulnerability in links-extern.php in CiBlog 3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| Multiple SQL injection vulnerabilities in SocialEngine (SE) before 2.83 allow remote attackers to execute arbitrary SQL commands via (1) an se_user cookie to include/class_user.php or (2) an se_admin cookie to include/class_admin.php. |
| SQL injection vulnerability in guide.php in ResearchGuide 0.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in index.php in Live Music Plus 1.1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a Singer action. |
| SQL injection vulnerability in picture.php in phpTest 0.6.3 allows remote attackers to execute arbitrary SQL commands via the image_id parameter. |
| SQL injection vulnerability in comment.php in Fizzmedia 1.51.2 allows remote attackers to execute arbitrary SQL commands via the mid parameter. |
| SQL injection vulnerability in album.php in AlstraSoft Video Share Enterprise 4.51 allows remote attackers to execute arbitrary SQL commands via the UID parameter, a different vector than CVE-2007-4086. |
| SQL injection vulnerability in events.cfm in BookMine allows remote attackers to execute arbitrary SQL commands via the events_id parameter. |
| SQL injection vulnerability in showcat.php in phpLinkat 0.1 allows remote attackers to execute arbitrary SQL commands via the catid parameter. |
| SQL injection vulnerability in browse.php in TriO 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in ugroups.php in Youtuber Clone allows remote attackers to execute arbitrary SQL commands via the UID parameter. |
| Multiple SQL injection vulnerabilities in Mobius for Mimsy XG 1 1.4.4.1 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to browse.php or (2) the s parameter in an exhibitions action to detail.php. |
| SQL injection vulnerability in profile.php in PHPAuction GPL Enhanced 2.51 allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in eStoreAff 0.1 allows remote attackers to execute arbitrary SQL commands via the cid parameter in a showcat action to index.php. |
| SQL injection vulnerability in kategori.asp in Pcshey Portal allows remote attackers to execute arbitrary SQL commands via the kid parameter. |
