Search Results (19026 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-3027 1 Tycoon 1 Baseball Script 2025-04-11 N/A
SQL injection vulnerability in index.php in Tycoon Baseball Script 1.0.9 allows remote attackers to execute arbitrary SQL commands via the game_id parameter in a game_player action.
CVE-2010-2926 1 Solucija 1 Snews 2025-04-11 N/A
SQL injection vulnerability in index.php in sNews 1.7 allows remote attackers to execute arbitrary SQL commands via the category parameter.
CVE-2010-2339 1 Subdreamer 1 Subdreamer 2025-04-11 N/A
SQL injection vulnerability in admin/pages.php in Subdreamer CMS 3.x.x allows remote attackers to execute arbitrary SQL commands via the categoryids[] parameter in an update_pages action.
CVE-2010-2335 1 Yamamah 1 Yamamah 2025-04-11 N/A
SQL injection vulnerability in index.php in Yamamah Photo Gallery 1.00, as distributed before 20100618, allows remote attackers to execute arbitrary SQL commands via the news parameter.
CVE-2010-2354 1 Pilotgroup 1 Elms Pro 2025-04-11 N/A
SQL injection vulnerability in subscribe.php in Pilot Group (PG) eLMS Pro allows remote attackers to execute arbitrary SQL commands via the course_id parameter.
CVE-2010-2319 1 Idevspot 1 Textads 2025-04-11 N/A
SQL injection vulnerability in index.php in IDevSpot TextAds 2.08 allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2010-2312 1 Hauntmax 1 Haunted House Directory Listing Cms 2025-04-11 N/A
SQL injection vulnerability in index.php in HauntmAx Haunted House Directory Listing CMS allows remote attackers to execute arbitrary SQL commands via the state parameter in a listings action.
CVE-2011-1562 1 Ecava 1 Integraxor 2025-04-11 N/A
Ecava IntegraXor HMI before n 3.60 (Build 4032) allows remote attackers to bypass authentication and execute arbitrary SQL statements via unspecified vectors related to a crafted POST request. NOTE: some sources have reported this issue as SQL injection, but this might not be accurate.
CVE-2010-2257 1 Payperviewvideosoftware 1 Pay Per Minute Video Chat Script 2025-04-11 N/A
SQL injection vulnerability in index_ie.php in Pay Per Minute Video Chat Script 2.0 and 2.1 allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2011-1610 1 Cisco 1 Unified Communications Manager 2025-04-11 N/A
Multiple SQL injection vulnerabilities in xmldirectorylist.jsp in the embedded Apache HTTP Server component in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su3, 7.x before 7.1(5)su4, 8.0 before 8.0(3a)su2, and 8.5 before 8.5(1)su1 allow remote attackers to execute arbitrary SQL commands via the (1) f, (2) l, or (3) n parameter, aka Bug ID CSCtj42064.
CVE-2010-2254 2 Joomla, Shape5 2 Joomla\!, Bridge Of Hope Template 2025-04-11 N/A
SQL injection vulnerability in the Shape5 Bridge of Hope template for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an article action to index.php.
CVE-2010-2141 1 Nitropowered 1 Nitro Web Gallery 2025-04-11 N/A
SQL injection vulnerability in index.php in NITRO Web Gallery allows remote attackers to execute arbitrary SQL commands via the PictureId parameter in an open action.
CVE-2010-2140 1 Multishopcms 1 Multishop Cms 2025-04-11 N/A
SQL injection vulnerability in itemdetail.php in Multishop CMS allows remote attackers to execute arbitrary SQL commands via the itemid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2011-2467 1 Likewise 1 Likewise Open 2025-04-11 N/A
SQL injection vulnerability in lsassd in Lsass in the Likewise Security Authority in Likewise Open 5.4 through 6.1, and Likewise Enterprise 6.0, allows local users to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-2139 1 Multishopcms 1 Multishop Cms 2025-04-11 N/A
SQL injection vulnerability in pages.php in Multishop CMS allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-2134 1 Http-solution 1 Project Man 2025-04-11 N/A
Multiple SQL injection vulnerabilities in login.php in Project Man 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter.
CVE-2010-2133 1 Mylittleforum 1 My Little Forum 2025-04-11 N/A
SQL injection vulnerability in contact.php in My Little Forum allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2007-2942.
CVE-2010-2131 2 Mario Matzulla, Typo3 2 Cal, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Calendar Base (cal) extension before 1.3.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via iCalendar data.
CVE-2010-2135 1 Hazelpress 1 Hazelpress 2025-04-11 N/A
Multiple SQL injection vulnerabilities in login.php in HazelPress Lite 0.0.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) password fields.
CVE-2010-2124 1 Bartels-schoene 1 Conpresso 2025-04-11 N/A
SQL injection vulnerability in firma.php in Bartels Schone ConPresso 4.0.7 allows remote attackers to execute arbitrary SQL commands via the id parameter.