Search Results (19026 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-3207 1 Galeriashqip 1 Galeriashqip 2025-04-11 N/A
SQL injection vulnerability in index.php in GaleriaSHQIP 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the album_id parameter. NOTE: some of these details are obtained from third party information.
CVE-2010-1733 1 Ocsinventory-ng 1 Ocs Inventory Ng 2025-04-11 N/A
Multiple SQL injection vulnerabilities in OCS Inventory NG before 1.02.3 allow remote attackers to execute arbitrary SQL commands via (1) multiple inventory fields to the search form, reachable through index.php; or (2) the "Software name" field to the "All softwares" search form, reachable through index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-1499 1 Musicboxv2 1 Musicbox 2025-04-11 N/A
SQL injection vulnerability in genre_artists.php in MusicBox 3.3 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-2051 1 Debliteck 1 Dbcart 2025-04-11 N/A
SQL injection vulnerability in article.php in Debliteck DBCart allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-4404 2 Anything-digital, Joomla 2 Sh404sef, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the Yannick Gaultier sh404SEF component before 2.1.8.777 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-4735 1 Allomani 1 Audio \& Video Library 2025-04-11 N/A
SQL injection vulnerability in login.php in Allomani Audio & Video Library (Songs & Clips version) 2.7.0 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action.
CVE-2011-2688 3 Apache, Debian, Mod Authnz External Project 3 Http Server, Debian Linux, Mod Authnz External 2025-04-11 N/A
SQL injection vulnerability in mysql/mysql-auth.pl in the mod_authnz_external module 3.2.5 and earlier for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the user field.
CVE-2010-3267 1 Ifdefined 1 Bugtracker.net 2025-04-11 N/A
Multiple SQL injection vulnerabilities in BugTracker.NET before 3.4.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the qu_id parameter to bugs.aspx, (2) the row_id parameter to delete_query.aspx, the (3) new_project or (4) us_id parameter to edit_bug.aspx, or (5) the bug_list parameter to massedit.aspx. NOTE: some of these details are obtained from third party information.
CVE-2011-1055 1 Lingxia273 1 Lingxia I.c.e Cms 2025-04-11 N/A
SQL injection vulnerability in api/ice_media.cfc in Lingxia I.C.E CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the session.user_id parameter to media.cfm.
CVE-2010-4269 1 O-dyn 1 Collabtive 2025-04-11 N/A
SQL injection vulnerability in managechat.php in Collabtive 0.65 allows remote attackers to execute arbitrary SQL commands via the chatstart[USERTOID] cookie in a pull action.
CVE-2010-5008 1 Denaliintranet 1 Brightsuite Groupware 2025-04-11 N/A
SQL injection vulnerability in pages/contact_list_mail_form.asp in BrightSuite Groupware 5.4 allows remote attackers to execute arbitrary SQL commands via the ContactID parameter.
CVE-2010-4975 2 Joomla, Techjoomla 2 Joomla\!, Com Socialads 2025-04-11 N/A
SQL injection vulnerability in the Techjoomla SocialAds For JomSocial (com_socialads) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the ads description field in a showad action to index.php.
CVE-2010-4972 1 Ypninc 1 Jokescript 2025-04-11 N/A
SQL injection vulnerability in index.php in YPNinc JokeScript allows remote attackers to execute arbitrary SQL commands via the ypncat_id parameter.
CVE-2009-4730 1 X10media 1 Adult Script 2025-04-11 N/A
SQL injection vulnerability in report.php in x10 Adult Media Script 1.7 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-4727 1 Junglescripts 1 Ajax Short Url Script 2025-04-11 N/A
SQL injection vulnerability in x/login in JungleScripts Ajax Short Url Script allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2010-1346 1 Ribafs 1 Mini Cms Ribafs 2025-04-11 N/A
SQL injection vulnerability in admin/login.php in Mini CMS RibaFS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the login parameter. NOTE: some of these details are obtained from third party information.
CVE-2010-0614 1 Myshell 1 Evalsmsi 2025-04-11 N/A
SQL injection vulnerability in ajax.php in evalSMSI 2.1.03 allows remote attackers to execute arbitrary SQL commands via the query parameter in the (1) question action, and possibly the (2) sub_par or (3) num_quest actions.
CVE-2010-0635 2 Jevents, Joomla 2 Jevents Search Plugin, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the plgSearchEventsearch::onSearch method in eventsearch.php in the JEvents Search plugin 1.5 through 1.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: some of these details are obtained from third party information.
CVE-2010-0610 2 Joomla, Webguerilla 2 Joomla\!, Com Photoblog 2025-04-11 N/A
Multiple SQL injection vulnerabilities in the Photoblog (com_photoblog) component for Joomla! allow remote attackers to execute arbitrary SQL commands via the blog parameter in an images action to index.php. NOTE: a separate vector for the id parameter to detail.php may also exist.
CVE-2010-1350 2 Joomla, Joomlaprojects 2 Joomla\!, Com Jp Jobs 2025-04-11 N/A
SQL injection vulnerability in the JP Jobs (com_jp_jobs) component 1.4.1 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php.