Search Results (19026 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-5063 1 Vwar 1 Virtual War 2025-04-11 N/A
SQL injection vulnerability in article.php in Virtual War (aka VWar) 1.6.1 R2 allows remote attackers to execute arbitrary SQL commands via the ratearticleselect parameter.
CVE-2010-5056 2 Gbu Grafici, Joomla 2 Com Gbufacebook, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the GBU Facebook (com_gbufacebook) component 1.0.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the face_id parameter in a show_face action to index.php.
CVE-2010-5024 1 Cutesite 1 Cutesite Cms 2025-04-11 N/A
SQL injection vulnerability in manage/add_user.php in CuteSITE CMS 1.2.3 and 1.5.0 allows remote authenticated users, with Read privileges, to execute arbitrary SQL commands via the user_id parameter. NOTE: some of these details are obtained from third party information.
CVE-2010-5023 1 Cramerdev 1 Digital Interchange Calendar 2025-04-11 N/A
SQL injection vulnerability in index.asp in Digital Interchange Calendar 5.8.5 allows remote attackers to execute arbitrary SQL commands via the intDivisionID parameter.
CVE-2010-5022 2 Harmistechnology, Joomla 2 Com Jesubmit, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the JExtensions JE Story Submit (com_jesubmit) component 1.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the view parameter to index.php.
CVE-2010-2436 1 Anecms 1 Anecms Blog 2025-04-11 N/A
SQL injection vulnerability in modules/blog/index.php in AneCMS Blog 1.3 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the PATH_INFO.
CVE-2010-5016 1 Eliteladders 1 Elite Gaming Ladders 2025-04-11 N/A
SQL injection vulnerability in matchdb.php in Elite Gaming Ladders 3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the match parameter.
CVE-2010-5014 1 Eliteladders 1 Elite Gaming Ladders 2025-04-11 N/A
SQL injection vulnerability in standings.php in Elite Gaming Ladders 3.5 allows remote attackers to execute arbitrary SQL commands via the ladder[id] parameter.
CVE-2010-2438 1 Laubrotel 1 G.cms Generator 2025-04-11 N/A
SQL injection vulnerability in G.CMS generator allows remote attackers to execute arbitrary SQL commands via the lang parameter to the default URI, probably index.php.
CVE-2010-2611 1 I-netsolution 1 Job Search Engine Script 2025-04-11 N/A
SQL injection vulnerability in show_search_result.php in i-netsolution Job Search Engine allows remote attackers to execute arbitrary SQL commands via the keyword parameter.
CVE-2010-5003 2 Autartica, Joomla 2 Com Autartimonial, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the AutarTimonial (com_autartimonial) component 1.0.8 for Joomla! allows remote attackers to execute arbitrary SQL commands via the limit parameter in an autartimonial action to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-1654 1 Instantrankingseo 1 Infocus Real Estate 2025-04-11 N/A
Multiple SQL injection vulnerabilities in system_member_login.php in Infocus Real Estate Enterprise Edition allow remote attackers to execute arbitrary SQL commands via the (1) username (aka login) and (2) password parameters. NOTE: some of these details are obtained from third party information.
CVE-2010-5000 1 Joe Pieruccini 1 Mclogin System 2025-04-11 N/A
SQL injection vulnerability in login/login_index.php in MCLogin System 1.1 and 1.2 allows remote attackers to execute arbitrary SQL commands via the myusername parameter (aka Username field) in a do_login action. NOTE: some of these details are obtained from third party information.
CVE-2010-4993 2 Joomla, Kay Messerschmidt 2 Joomla\!, Com Eventcal 2025-04-11 N/A
SQL injection vulnerability in the eventcal (com_eventcal) component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php.
CVE-2010-4990 2 B-elektro, Joomla 2 Com Addressbook, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the Front-edit Address Book (com_addressbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a contact action to index.php.
CVE-2010-4969 1 Brotherscripts 1 Business Directory 2025-04-11 N/A
SQL injection vulnerability in articlesdetails.php in BrotherScripts (BS) Business Directory allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-4968 2 Joomla, Webmaster-tips 2 Joomla\!, Com Wmtpic 2025-04-11 N/A
SQL injection vulnerability in the webmaster-tips.net Flash Gallery (com_wmtpic) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php.
CVE-2010-0404 1 Phpgroupware 1 Phpgroupware 2025-04-11 N/A
Multiple SQL injection vulnerabilities in phpGroupWare (phpgw) before 0.9.16.016 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) class.sessions_db.inc.php, (2) class.translation_sql.inc.php, or (3) class.auth_sql.inc.php in phpgwapi/inc/.
CVE-2010-4963 1 Hulihanapplications 1 Hulihan Bxr 2025-04-11 N/A
SQL injection vulnerability in folder/list in Hulihan BXR 0.6.8 allows remote attackers to execute arbitrary SQL commands via the order_by parameter.
CVE-2010-1706 1 2daybiz 1 Auction Script 2025-04-11 N/A
Multiple SQL injection vulnerabilities in login.php in 2daybiz Auction Script allow remote attackers to execute arbitrary SQL commands via (1) the login field (aka the username parameter), and possibly (2) the password field, to index.php. NOTE: some of these details are obtained from third party information.