Search Results (19026 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-1363 2 Extremejoomla, Joomla 2 Com J-projects, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the JProjects (com_j-projects) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the project parameter in a projects action to index.php.
CVE-2010-1359 2 Bluegate, Xt-commerce 2 Direct Url, Xt-commerce 2025-04-11 N/A
SQL injection vulnerability in bluegate_seo.inc.php in the Direct URL module for xt:Commerce, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the coID parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-3461 1 Endonesia 1 Endonesia 2025-04-11 N/A
SQL injection vulnerability in the Publisher module in eNdonesia 8.4 allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printarticle action to mod.php, a different vector than CVE-2007-3394.
CVE-2013-2627 1 Idleman 1 Leed 2025-04-11 N/A
SQL injection vulnerability in action.php in Leed (Light Feed), possibly before 1.5 Stable, allows remote attackers to execute arbitrary SQL commands via the id parameter in a removeFolder action.
CVE-2010-3467 1 E-xoopport 1 Samsara 2025-04-11 N/A
SQL injection vulnerability in modules/sections/index.php in E-Xoopport Samsara 3.1 and earlier, when the Tutorial module is enabled, allows remote attackers to execute arbitrary SQL commands via the secid parameter in a listarticles action.
CVE-2011-1663 2 Drupal, Icanlocalize 2 Drupal, Translation Management 2025-04-11 N/A
SQL injection vulnerability in the Translation Management module 6.x before 6.x-1.21 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-1344 2 Cookex, Joomla 2 Com Ckforms, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the Cookex Agency CKForms (com_ckforms) component 1.3.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the fid parameter in a detail action to index.php.
CVE-2010-3013 1 Pligg 1 Pligg Cms 2025-04-11 N/A
SQL injection vulnerability in groupadmin.php in Pligg before 1.1.1 allows remote attackers to execute arbitrary SQL commands via the role parameter, a different vulnerability than CVE-2010-2577.
CVE-2010-1343 1 Bjsintay 1 Sitex 2025-04-11 N/A
SQL injection vulnerability in photo.php in SiteX 0.7.4 beta allows remote attackers to execute arbitrary SQL commands via the albumid parameter.
CVE-2010-1370 1 Preprojects 1 Pre Classified Listings Asp 2025-04-11 N/A
SQL injection vulnerability in detailad.asp in Pre Classified Listings ASP allows remote attackers to execute arbitrary SQL commands via the siteid parameter.
CVE-2010-1341 1 Systemsoftware 1 Community Black Forum 2025-04-11 N/A
SQL injection vulnerability in index.php in Systemsoftware Community Black Forum allows remote attackers to execute arbitrary SQL commands via the s_flaeche parameter.
CVE-2010-3481 1 Apphp 1 Php Microcms 2025-04-11 N/A
Multiple SQL injection vulnerabilities in login.php in ApPHP PHP MicroCMS 1.0.1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) user_name and (2) password variables, possibly related to include/classes/Login.php. NOTE: some of these details are obtained from third party information. NOTE: the password vector might not be vulnerable.
CVE-2010-1338 2 Robertotto, Woltlab 2 Teamsite Hack Plugin, Burning Board 2025-04-11 N/A
SQL injection vulnerability in ts_other.php in the Teamsite Hack plugin 3.0 and earlier for WoltLab Burning Board allows remote attackers to execute arbitrary SQL commands via the userid parameter in a modboard action.
CVE-2010-3484 1 Lightneasy 1 Lightneasy 2025-04-11 N/A
SQL injection vulnerability in common.php in LightNEasy 3.2.1 allows remote attackers to execute arbitrary SQL commands via the handle parameter to LightNEasy.php, a different vector than CVE-2008-6593.
CVE-2010-1331 1 Heartlogic 1 Hl-sitemanager 2025-04-11 N/A
SQL injection vulnerability in Heartlogic HL-SiteManager allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2010-1327 1 Tornadostore 1 Tornadostore 2025-04-11 N/A
Multiple SQL injection vulnerabilities in TornadoStore 1.4.3 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the marca parameter to precios.php3 or (2) the where parameter in a delivery_courier action to control/abm_list.php3.
CVE-2010-1301 1 Merethis 1 Centreon 2025-04-11 N/A
SQL injection vulnerability in main.php in Centreon 2.1.5 allows remote attackers to execute arbitrary SQL commands via the host_id parameter.
CVE-2010-3485 1 Lightneasy 1 Lightneasy 2025-04-11 N/A
SQL injection vulnerability in common.php in LightNEasy 3.2.1 allows remote attackers to execute arbitrary SQL commands via the userhandle cookie to LightNEasy.php, a different vector than CVE-2008-6593. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-1300 1 Yamamah 1 Yamamah 2025-04-11 N/A
SQL injection vulnerability in index.php in Yamamah (aka Dove Photo Album) 1.00 allows remote attackers to execute arbitrary SQL commands via the calbums parameter.
CVE-2010-1277 1 Zabbix 1 Zabbix 2025-04-11 N/A
SQL injection vulnerability in the user.authenticate method in the API in Zabbix 1.8 before 1.8.2 allows remote attackers to execute arbitrary SQL commands via the user parameter in JSON data to api_jsonrpc.php.