Search Results (19026 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-4860 1 Galaxyscriptz 1 Myphpauction 2025-04-11 N/A
SQL injection vulnerability in product_desc.php in MyPhpAuction 2010 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-4854 1 Zuitu 1 Zuitu 2025-04-11 N/A
SQL injection vulnerability in ajax/coupon.php in Zuitu 1.6, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a consume action.
CVE-2010-4855 1 Aspindir 1 Xweblog 2025-04-11 N/A
SQL injection vulnerability in oku.asp in xWeblog 2.2 allows remote attackers to execute arbitrary SQL commands via the makale_id parameter.
CVE-2010-4859 1 Webasyst 1 Shop-script 2025-04-11 N/A
SQL injection vulnerability in index.php in WebAsyst Shop-Script allows remote attackers to execute arbitrary SQL commands via the blog_id parameter in a news action.
CVE-2010-4887 2 Raphael Zschorsch, Typo3 2 Commentsbe, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Commenting system Backend Module (commentsbe) extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-4888 2 Marco Hezel, Typo3 2 Hm Tinymarket, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Tiny Market (hm_tinymarket) extension 0.5.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-4891 2 Andreas Kiefer, Typo3 2 Ke Yac, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Yet Another Calendar (ke_yac) extension before 1.1.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-4897 1 Bluecms Project 1 Bluecms 2025-04-11 N/A
SQL injection vulnerability in comment.php in BlueCMS 1.6 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header in a send action.
CVE-2010-2436 1 Anecms 1 Anecms Blog 2025-04-11 N/A
SQL injection vulnerability in modules/blog/index.php in AneCMS Blog 1.3 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the PATH_INFO.
CVE-2010-2438 1 Laubrotel 1 G.cms Generator 2025-04-11 N/A
SQL injection vulnerability in G.CMS generator allows remote attackers to execute arbitrary SQL commands via the lang parameter to the default URI, probably index.php.
CVE-2010-2611 1 I-netsolution 1 Job Search Engine Script 2025-04-11 N/A
SQL injection vulnerability in show_search_result.php in i-netsolution Job Search Engine allows remote attackers to execute arbitrary SQL commands via the keyword parameter.
CVE-2010-4903 1 Cubecart 1 Cubecart 2025-04-11 N/A
SQL injection vulnerability in index.php in CubeCart 4.3.3 allows remote attackers to execute arbitrary SQL commands via the searchStr parameter.
CVE-2010-1874 2 Com-property, Joomla 2 Com Properties, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the Real Estate Property (com_properties) component 3.1.22-03 for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an agentlisting action to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-4908 1 Virtuenetz 1 Virtue Shopping Mall 2025-04-11 N/A
SQL injection vulnerability in detail.php in Virtue Shopping Mall allows remote attackers to execute arbitrary SQL commands via the prodid parameter.
CVE-2010-4910 1 Coldgen 1 Coldcalendar 2025-04-11 N/A
SQL injection vulnerability in index.cfm in ColdGen ColdCalendar 2.06 allows remote attackers to execute arbitrary SQL commands via the EventID parameter in a ViewEventDetails action.
CVE-2010-4911 1 Sellatsite 1 Php Classifieds Ads 2025-04-11 N/A
SQL injection vulnerability in classi/detail.php in PHP Classifieds Ads allows remote attackers to execute arbitrary SQL commands via the sid parameter.
CVE-2010-4917 1 A-blog 1 A-blog 2025-04-11 N/A
SQL injection vulnerability in sources/search.php in A-Blog 2.0 allows remote attackers to execute arbitrary SQL commands via the words parameter.
CVE-2010-4919 1 Micronetsoft 1 Rv Dealer Website 2025-04-11 N/A
SQL injection vulnerability in detail.asp in Micronetsoft RV Dealer Website 1.0 allows remote attackers to execute arbitrary SQL commands via the vehicletypeID parameter.
CVE-2010-4925 1 Nuked-klan 2 Nuked-klan, Partenaires Module 2025-04-11 N/A
SQL injection vulnerability in clic.php in the Partenaires module 1.5 for Nuked-Klan allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-4929 2 Joomla, Joostina-cms 2 Joomla\!, Com Ezautos 2025-04-11 N/A
SQL injection vulnerability in the Joostina (com_ezautos) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the firstCode parameter in a helpers action to index.php.