Search Results (19026 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-6586 1 Myrephp 1 Myre Vacation Rental 2025-04-11 N/A
Multiple SQL injection vulnerabilities in MYRE Vacation Rental Software allow remote attackers to execute arbitrary SQL commands via the (1) garage1 or (2) bathrooms1 parameter to vacation/1_mobile/search.php, or (3) unspecified input to vacation/widgate/request_more_information.php.
CVE-2010-5004 1 2daybiz 1 Polls Script 2025-04-11 N/A
SQL injection vulnerability in searchvote.php in 2daybiz Polls (aka Advanced Poll) Script allows remote attackers to execute arbitrary SQL commands via the category parameter.
CVE-2010-5062 1 Mh Products 1 Kleinanzeigenmarkt 2025-04-11 N/A
SQL injection vulnerability in search.php in MH Products kleinanzeigenmarkt allows remote attackers to execute arbitrary SQL commands via the c parameter.
CVE-2010-5060 1 Internet-works 1 Nus Newssystem 2025-04-11 N/A
SQL injection vulnerability in Nus.php in NUs Newssystem 1.02 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-5047 1 V-eva 1 Press Release Script 2025-04-11 N/A
SQL injection vulnerability in page.php in V-EVA Press Release Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-3479 1 Boutikone 1 Boutikone 2025-04-11 N/A
SQL injection vulnerability in list.php in BoutikOne 1.0 allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2013-3602 1 Trivantis 1 Coursemill Learning Management System 2025-04-11 N/A
SQL injection vulnerability in admindocumentworker.jsp in Coursemill Learning Management System (LMS) 6.6 allows remote authenticated users to execute arbitrary SQL commands via the docID parameter.
CVE-2013-3578 1 Wave 2 Embassy Remote Administration Server, Embassy Remote Administration Server Help Desk 2025-04-11 N/A
SQL injection vulnerability in the Help Desk application in Wave EMBASSY Remote Administration Server (ERAS) allows remote authenticated users to execute arbitrary SQL commands via the ct100$4MainController$TextBoxSearchValue parameter (aka the search field), leading to execution of operating-system commands.
CVE-2010-0702 1 Netfortris 1 Trixbox 2025-04-11 N/A
SQL injection vulnerability in cisco/services/PhonecDirectory.php in Fonality Trixbox 2.2.4 allows remote attackers to execute arbitrary SQL commands via the ID parameter.
CVE-2010-0710 1 Aspcodecms 1 Aspcode Cms 2025-04-11 N/A
SQL injection vulnerability in default.asp in ASPCode CMS 1.5.8, 2.0.0 Build 103, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the newsid parameter when the sec parameter is 26. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-0795 2 Harmistechnology, Joomla 2 Com Jeeventcalendar, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the JE Event Calendars (com_jeeventcalendar) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the event_id parameter in an event action to index.php.
CVE-2010-0796 2 Harmistechnology, Joomla 2 Com Jeeventcalendar, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the JE Quiz (com_jequizmanagement) component 1.b01 for Joomla! allows remote attackers to execute arbitrary SQL commands via the eid parameter in a question action to index.php.
CVE-2010-0798 2 Snowflake, Typo3 2 T3blog, Typo3 2025-04-11 N/A
SQL injection vulnerability in the T3BLOG extension 0.6.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-0945 2 Hotbrackets, Joomla 2 Com Hotbrackets, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the HotBrackets Tournament Brackets (com_hotbrackets) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
CVE-2010-0946 2 Joomla, Kiss-software 2 Joomla\!, Com Ksadvertiser 2025-04-11 N/A
SQL injection vulnerability in the Keep It Simple Stupid (KISS) Software Advertiser (com_ksadvertiser) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter in a showcats action to index.php.
CVE-2010-0950 1 Natychmiast-cms 1 Natychmiast-cms 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Natychmiast CMS allow remote attackers to execute arbitrary SQL commands via the id_str parameter to (1) index.php and (2) a_index.php.
CVE-2010-0952 1 Insanevisions 1 Onecms 2025-04-11 N/A
SQL injection vulnerability in index.php in OneCMS 2.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the user parameter in an elite action.
CVE-2010-0956 1 Opencart 1 Opencart 2025-04-11 N/A
SQL injection vulnerability in index.php in OpenCart 1.3.2 allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2010-0951 1 Dev4u 1 Dev4u Cms 2025-04-11 N/A
SQL injection vulnerability in go_target.php in dev4u CMS allows remote attackers to execute arbitrary SQL commands via the kontent_id parameter.
CVE-2010-0964 1 Media-products 1 Eros Webkatalog 2025-04-11 N/A
SQL injection vulnerability in start.php in Eros Webkatalog allows remote attackers to execute arbitrary SQL commands via the id parameter in a rubrik action.