Search Results (19026 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2011-5038 1 Hitcode 1 Hitappoint 2025-04-11 N/A
SQL injection vulnerability in hitCode hitAppoint 4.5.17 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the username parameter to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2011-5076 1 Hudong 1 Hdwiki 2025-04-11 N/A
SQL injection vulnerability in model/comment.class.php in HDWiki 5.0, 5.1, and possibly other versions allows remote attackers to execute arbitrary SQL commands via the PATH_INFO to index.php. NOTE: some of these details are obtained from third party information.
CVE-2011-5091 1 Grboard 1 Grboard 2025-04-11 N/A
Multiple SQL injection vulnerabilities in GR Board (aka grboard) 1.8.6.5 Community Edition allow remote attackers to execute arbitrary SQL commands via the (1) tableType or (2) blindTarget parameter to view.php, (3) the delTargets[0] parameter to view_memo.php, or (4) the isReported parameter to write_ok.php.
CVE-2011-5137 1 Tforum 1 Tforum 2025-04-11 N/A
Multiple SQL injection vulnerabilities in tForum b0.915 allow remote attackers to execute arbitrary SQL commands via the (1) TopicID parameter to viewtopic.php, the (2) BoardID parameter to viewboard.php, or (3) CatID parameter to viewcat.php.
CVE-2010-0968 1 Geekhelps 1 Admp 2025-04-11 N/A
SQL injection vulnerability in bannershow.php in Geekhelps ADMP 1.01 allows remote attackers to execute arbitrary SQL commands via the click parameter.
CVE-2011-5175 1 Bananadance 1 Banana Dance 2025-04-11 N/A
SQL injection vulnerability in search.php in Banana Dance, possibly B.1.5 and earlier, allows remote attackers to execute arbitrary SQL commands via the category parameter.
CVE-2011-5200 1 Dedecms 1 Dedecms 2025-04-11 N/A
Multiple SQL injection vulnerabilities in DeDeCMS, possibly 5.6, allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) list.php, (2) members.php, or (3) book.php.
CVE-2010-0631 1 Eicrasoft 1 Eicra Car Rental-script 2025-04-11 N/A
Multiple SQL injection vulnerabilities in index.php in Eicra Car Rental-Script, when the plugin_id parameter is 4, allow remote attackers to execute arbitrary SQL commands via the (1) users (username) and (2) passwords parameters.
CVE-2011-5201 1 Steveyolam 1 Tinyguestbook 2025-04-11 N/A
Multiple SQL injection vulnerabilities in sign.php in tinyguestbook allow remote attackers to execute arbitrary SQL commands via the (1) name and (2) msg parameters. NOTE: some of these details are obtained from third party information.
CVE-2011-5203 1 Akiva 1 Webboard 2025-04-11 N/A
SQL injection vulnerability in WB/Default.asp in Akiva WebBoard before 8 SR 1 allows remote attackers to execute arbitrary SQL commands via the name parameter. NOTE: some of these details are obtained from third party information.
CVE-2011-5212 1 Intelliants 1 Subrion Cms 2025-04-11 N/A
SQL injection vulnerability in admin/index.php in Subrion CMS 2.0.4 allows remote attackers to execute arbitrary SQL commands via the (1) user name or (2) password field.
CVE-2012-5300 1 Mystorexpress 1 Tienda Virtual 2025-04-11 N/A
SQL injection vulnerability in art_catalogo.php in MyStore Xpress Tienda Virtual 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2011-5222 1 Scripte24shop 1 Php Flirt-projekt 2025-04-11 N/A
SQL injection vulnerability in rub2_w.php in PHP Flirt-Projekt 4.8 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the rub parameter.
CVE-2010-0970 1 Jorik Berkepas 1 Phpmylogon 2025-04-11 N/A
SQL injection vulnerability in phpmylogon.php in PhpMyLogon 2 allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information.
CVE-2012-5291 1 Possesports 1 Posse Softball Director Cms 2025-04-11 N/A
SQL injection vulnerability in team.php in Posse Softball Director CMS allows remote attackers to execute arbitrary SQL commands via the idteam parameter.
CVE-2010-0974 1 Phpcityportal 1 Phpcityportal 2025-04-11 N/A
Multiple SQL injection vulnerabilities in PHPCityPortal allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) video_show.php, (2) spotlight_detail.php, (3) real_estate_details.php, and (4) auto_details.php.
CVE-2011-5229 1 Apprain 1 Apprain 2025-04-11 N/A
SQL injection vulnerability in quickstart/profile/index.php in the Forum module in appRain CMF 0.1.5 allows remote attackers to execute arbitrary SQL commands via the PATH_INFO.
CVE-2013-3973 1 Ibm 1 Maximo Asset Management 2025-04-11 N/A
SQL injection vulnerability in IBM Maximo Asset Management 7.1 before 7.1.1.12 and 7.5 before 7.5.0.5 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVE-2012-5290 1 Wcs4web 1 Easywebrealestate 2025-04-11 N/A
Multiple SQL injection vulnerabilities in EasyWebRealEstate allow remote attackers to execute arbitrary SQL commands via the (1) lstid parameter to listings.php or (2) infoid parameter to index.php.
CVE-2012-5289 1 Plogger 1 Plogger 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Plogger 1.0 RC1 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) index.php or (2) gallery.php.