Search Results (19026 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-0692 2 Iptechinside, Joomla 2 Com Jquarks, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the IP-Tech JQuarks (com_jquarks) Component 0.2.3, and possibly earlier, for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-0691 1 Jtl-software 1 Jtl-shop 2025-04-11 N/A
SQL injection vulnerability in druckansicht.php in JTL-Shop 2 allows remote attackers to execute arbitrary SQL commands via the s parameter.
CVE-2010-0677 1 Katalog.hurricane 1 Katalog Stron Hurricane 2025-04-11 N/A
SQL injection vulnerability in index.php in Katalog Stron Hurricane 1.3.5, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the get parameter.
CVE-2010-0672 1 Webmastersite 1 Wsn Guest 2025-04-11 N/A
SQL injection vulnerability in index.php in WSN Guest 1.02 allows remote attackers to execute arbitrary SQL commands via the orderlinks parameter.
CVE-2010-0632 2 Joomla, Parkviewconsultants 2 Joomla\!, Com Simplefaq 2025-04-11 N/A
SQL injection vulnerability in the Parkview Consultants SimpleFAQ (com_simplefaq) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a display action to index.php.
CVE-2010-0630 1 Evernewscripts 1 Free Joke Script 2025-04-11 N/A
SQL injection vulnerability in viewjokes.php in Evernew Free Joke Script 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2011-5072 1 Sitracker 1 Support Incident Tracker 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Support Incident Tracker (aka SiT!) before 3.65 allow remote attackers to execute arbitrary SQL commands via the (1) start parameter to portal/kb.php; (2) contractid parameter to contract_add_service.php; (3) id parameter to edit_escalation_path.php; (4) unlock, (5) lock, or (6) selected parameter to holding_queue.php; inc parameter in a report action to (7) report_customers.php or (8) report_incidents_by_site.php; (9) start parameter to search.php; or (10) sites parameter to transactions.php.
CVE-2009-4992 1 Script-shop24 1 Lm Starmail Paidmail 2025-04-11 N/A
SQL injection vulnerability in paidbanner.php in LM Starmail Paidmail 2.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter.
CVE-2009-4982 1 Irokez 1 Irokez Cms 2025-04-11 N/A
SQL injection vulnerability in the select function in Irokez CMS 0.7.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the PATH_INFO to the default URI.
CVE-2009-4973 1 Sweetphp 1 Totalcalendar 2025-04-11 N/A
SQL injection vulnerability in rss.php in TotalCalendar 2.4 allows remote attackers to execute arbitrary SQL commands via the selectedCal parameter in a SwitchCal action.
CVE-2009-4971 2 Typo3, Vincent Tietz 2 Typo3, Vjchat 2025-04-11 N/A
SQL injection vulnerability in the AJAX Chat (vjchat) extension before 0.3.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-4970 2 Typo3, Typo3-macher 2 Typo3, T3m Affiliate 2025-04-11 N/A
SQL injection vulnerability in the t3m_affiliate extension 0.5.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-4969 1 Typo3 2 Sbanner, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Solidbase Bannermanagement (SBbanner) extension 1.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-4954 2 Typo3, Websedit 2 Typo3, Sk Calendar 2025-04-11 N/A
SQL injection vulnerability in the Versatile Calendar Extension [VCE] (sk_calendar) extension before 0.3.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-2670 1 Brotherscripts 1 Recipe Website 2025-04-11 N/A
SQL injection vulnerability in recipedetail.php in BrotherScripts Recipe Website allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-4949 2 Joachim Ruhs, Typo3 2 Locator, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Store Locator extension before 1.2.8 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-2627 1 Idleman 1 Leed 2025-04-11 N/A
SQL injection vulnerability in action.php in Leed (Light Feed), possibly before 1.5 Stable, allows remote attackers to execute arbitrary SQL commands via the id parameter in a removeFolder action.
CVE-2010-2686 1 Topmanage 1 Olk Module 2025-04-11 N/A
Multiple SQL injection vulnerabilities in clientes.asp in the TopManage OLK module 1.91.30 for SAP allow remote attackers to execute arbitrary SQL commands via the (1) PriceFrom, (2) PriceTo, and (3) InvFrom parameters, as reachable from olk/c_p/searchCart.asp, and other unspecified vectors when performing an advanced search. NOTE: some of these details are obtained from third party information.
CVE-2010-2694 2 Joomla, Redcomponent 2 Joomla\!, Com Redshop 2025-04-11 N/A
SQL injection vulnerability in the redSHOP Component (com_redshop) 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter to index.php.
CVE-2010-2714 1 Tcwonline 1 Tcw Php Album 2025-04-11 N/A
SQL injection vulnerability in photos/index.php in TCW PHP Album 1.0 allows remote attackers to execute arbitrary SQL commands via the album parameter.