Search Results (19026 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-1673 1 Ola Lasisi 1 E-ticketing 2025-04-11 N/A
SQL injection vulnerability in loginscript.php in e-ticketing allows remote attackers to execute arbitrary SQL commands via the password parameter.
CVE-2010-0763 1 Commodityrentals 1 Vacation Rental Software 2025-04-11 N/A
SQL injection vulnerability in index.php in CommodityRentals Vacation Rental Software allows remote attackers to execute arbitrary SQL commands via the rental_id parameter in a CalendarView action.
CVE-2010-0712 1 Zenoss 1 Zenoss 2025-04-11 N/A
Multiple SQL injection vulnerabilities in zport/dmd/Events/getJSONEventsInfo in Zenoss 2.3.3, and other versions before 2.5, allow remote authenticated users to execute arbitrary SQL commands via the (1) severity, (2) state, (3) filter, (4) offset, and (5) count parameters.
CVE-2009-4732 1 Technotoad 1 Tt Web Site Manager 2025-04-11 N/A
SQL injection vulnerability in tt/index.php in TT Web Site Manager 0.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the tt_name parameter. NOTE: some of these details are obtained from third party information.
CVE-2010-0753 2 Componentslab, Joomla 2 Com Sqlreport, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the SQL Reports (com_sqlreport) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter to ajax/print.php. NOTE: some of these details are obtained from third party information.
CVE-2010-0762 1 Commodityrentals 1 Cd Rental Software 2025-04-11 N/A
SQL injection vulnerability in index.php in CommodityRentals CD Rental Software allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a catalog action.
CVE-2010-1270 1 Phpscripte24 1 Multi Suktions Komplett System 2025-04-11 N/A
SQL injection vulnerability in auktion.php in Multi Auktions Komplett System 2 allows remote attackers to execute arbitrary SQL commands via the id_auk parameter.
CVE-2010-0400 1 Mahara 1 Mahara 2025-04-11 N/A
SQL injection vulnerability in lib/user.php in mahara 1.0.4 allows remote attackers to execute arbitrary SQL commands via a username.
CVE-2011-4672 1 Valid 1 Tiny-erp 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Valid tiny-erp 1.6 and earlier allow remote attackers to execute arbitrary SQL commands via the SearchField parameter in a search action to (1) _partner_list.php, (2) proioncategory_list.php, (3) _rantevou_list.php, (4) syncategory_list.php, (5) synallasomenos_list.php, (6) ypelaton_list.php, and (7) yproion_list.php.
CVE-2011-4674 1 Zabbix 1 Zabbix 2025-04-11 N/A
SQL injection vulnerability in popup.php in Zabbix 1.8.3 and 1.8.4, and possibly other versions before 1.8.9, allows remote attackers to execute arbitrary SQL commands via the only_hostid parameter.
CVE-2010-1744 1 Alibabaclone 1 B2b Gold Script 2025-04-11 N/A
SQL injection vulnerability in product.html in B2B Gold Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-1529 2 Freestyle, Joomla 2 Faqs Lite, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the Freestyle FAQs Lite (com_fsf) component, possibly 1.3, for Joomla! allows remote attackers to execute arbitrary SQL commands via the faqid parameter in an faq action to index.php.
CVE-2010-4615 1 Iskenderaltuntas 1 Oto Galeri Sistemi 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Oto Galeri Sistemi 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) arac parameter to carsdetail.asp and the (2) marka parameter to twohandscars.asp.
CVE-2010-0147 1 Cisco 1 Security Agent 2025-04-11 N/A
SQL injection vulnerability in the Management Center for Cisco Security Agents 5.1 before 5.1.0.117, 5.2 before 5.2.0.296, and 6.0 before 6.0.1.132 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-4987 1 Kmsoft 1 Guestbook 2025-04-11 N/A
SQL injection vulnerability in default.asp in KMSoft Guestbook (aka GBook) allows remote attackers to execute arbitrary SQL commands via the p parameter.
CVE-2012-4232 1 Jcore 1 Jcore 2025-04-11 N/A
SQL injection vulnerability in admin/index.php in jCore before 1.0pre2 allows remote attackers to execute arbitrary SQL commands via the memberloginid cookie.
CVE-2011-4569 2 Mybb, Tom K 2 Mybb, Forum Userbar Plugin 2025-04-11 N/A
SQL injection vulnerability in userbarsettings.php in the Userbar plugin 2.2 for MyBB Forum allows remote attackers to execute arbitrary SQL commands via the image2 parameter.
CVE-2009-4805 1 Will Kraft 1 Ez-blog 2025-04-11 N/A
Multiple SQL injection vulnerabilities in EZ-Blog Beta 1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the storyid parameter to public/view.php or (2) the kill parameter to admin/remove.php.
CVE-2009-5102 1 Atcom 1 Netvolution 2025-04-11 N/A
SQL injection vulnerability in default.asp in ATCOM Netvolution 1.0 ASP allows remote attackers to execute arbitrary SQL commands via the bpe_nid parameter.
CVE-2008-7302 2 Joomla, Netshinesoftware 2 Joomla\!, Com Netinvoice 2025-04-11 N/A
SQL injection vulnerability in netinvoice.php in the nBill (com_netinvoice) component 1.2.0 SP1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving "knowledge of ... the contents of an encrypted file."