Search Results (19026 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-4635 1 Site2nite 1 Vacation Rental Listings 2025-04-11 N/A
SQL injection vulnerability in detail.asp in Site2Nite Vacation Rental (VRBO) Listings allows remote attackers to execute arbitrary SQL commands via the ID parameter.
CVE-2010-4636 1 Site2nite 1 Business E-listings 2025-04-11 N/A
SQL injection vulnerability in detail.asp in Site2Nite Business e-Listings allows remote attackers to execute arbitrary SQL commands via the ID parameter.
CVE-2010-1669 1 Mahara 1 Mahara 2025-04-11 N/A
SQL injection vulnerability in Mahara 1.1.x before 1.1.9 and 1.2.x before 1.2.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-5287 1 Cstech 1 Webconductor 2025-04-11 N/A
SQL injection vulnerability in default.php in Cornerstone Technologies webConductor allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-1661 1 Jcink 1 Php-quick-arcade 2025-04-11 N/A
Multiple SQL injection vulnerabilities in PHP-Quick-Arcade (PHPQA) 3.0.21 allow remote attackers to execute arbitrary SQL commands via the (1) phpqa_user_c parameter to Arcade.php and the (2) id parameter to acpmoderate.php.
CVE-2010-1855 1 Phpscripte24 1 Pay Per Watch \& Bid Auktions System 2025-04-11 N/A
SQL injection vulnerability in auktion.php in Pay Per Watch & Bid Auktions System allows remote attackers to execute arbitrary SQL commands via the id_auk parameter.
CVE-2009-4855 1 Typo3 1 Typo3 2025-04-11 N/A
SQL injection vulnerability in index.php in TYPO3 4.0 allows remote attackers to execute arbitrary SQL commands via the showUid parameter. NOTE: the TYPO3 Security Team disputes this report, stating that "there is no such vulnerability... The showUid parameter is generally used in third-party TYPO3 extensions - not in TYPO3 Core.
CVE-2013-5409 1 Ibm 2 Sterling B2b Integrator, Sterling File Gateway 2025-04-11 N/A
Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-1656 1 Airiny 1 Com Abc 2025-04-11 N/A
SQL injection vulnerability in the Airiny ABC (com_abc) component 1.1.7 for Joomla! allows remote attackers to execute arbitrary SQL commands via the sectionid parameter in an abc action to index.php.
CVE-2010-1740 1 Freeguppy 1 Guppy 2025-04-11 N/A
SQL injection vulnerability in newsletter.php in GuppY 4.5.18 allows remote attackers to execute arbitrary SQL commands via the lng parameter.
CVE-2010-1615 1 Moodle 1 Moodle 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Moodle 1.8.x before 1.8.12 and 1.9.x before 1.9.8 allow remote attackers to execute arbitrary SQL commands via vectors related to (1) the add_to_log function in mod/wiki/view.php in the wiki module, or (2) "data validation in some forms elements" related to lib/form/selectgroups.php.
CVE-2010-1605 1 Ncrypted 1 Nct Jobs Portal Script 2025-04-11 N/A
Multiple SQL injection vulnerabilities in isearch.php in NCT Jobs Portal Script allow remote attackers to execute arbitrary SQL commands via the (1) anyword and (2) cityname parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2013-5354 1 Sharetronix 1 Sharetronix 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Sharetronix 3.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) fb_user_id or (2) tw_user_id parameter to signup.
CVE-2013-5322 2 Jan Bednarik, Typo3 2 Cooluri, Typo3 2025-04-11 N/A
SQL injection vulnerability in the CoolURI extension before 1.0.30 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-1600 2 Joomla, Thefactory 2 Joomla\!, Com Mediamall 2025-04-11 N/A
SQL injection vulnerability in the Media Mall Factory (com_mediamall) component 1.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter to index.php.
CVE-2010-1599 1 Nkinfoweb 1 Nkinfoweb 2025-04-11 N/A
SQL injection vulnerability in loadorder.php in NKInFoWeb 2.5 and 5.2.2.0 allows remote attackers to execute arbitrary SQL commands via the id_sp parameter.
CVE-2013-5310 2 Mauro Lorenzutti, Typo3 2 Wfqbe, Typo3 2025-04-11 N/A
SQL injection vulnerability in the DB Integration (wfqbe) extension before 2.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-1595 1 Ocsinventory-ng 1 Ocs Inventory Ng 2025-04-11 N/A
Multiple SQL injection vulnerabilities in ocsreports/index.php in OCS Inventory NG 1.02.1 allow remote attackers to execute arbitrary SQL commands via the (1) c, (2) val_1, or (3) onglet_bis parameter.
CVE-2010-1588 1 Vpasp 1 Vp-asp Shopping Cart 2025-04-11 N/A
SQL injection vulnerability in the Getwebsess function in shopsessionsubs.asp in Rocksalt International VP-ASP Shopping Cart 6.50 and earlier allows remote attackers to execute arbitrary SQL commands via the websess parameter.
CVE-2013-5306 2 Die-netzmacher, Typo3 2 Browser, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Browser - TYPO3 without PHP (browser) extension before 4.5.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.