Search Results (19026 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2011-3394 1 Myrephp 1 Myre Real Estate Software 2025-04-11 N/A
SQL injection vulnerability in findagent.php in MYRE Real Estate Software allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2010-4972 1 Ypninc 1 Jokescript 2025-04-11 N/A
SQL injection vulnerability in index.php in YPNinc JokeScript allows remote attackers to execute arbitrary SQL commands via the ypncat_id parameter.
CVE-2010-4975 2 Joomla, Techjoomla 2 Joomla\!, Com Socialads 2025-04-11 N/A
SQL injection vulnerability in the Techjoomla SocialAds For JomSocial (com_socialads) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the ads description field in a showad action to index.php.
CVE-2010-4269 1 O-dyn 1 Collabtive 2025-04-11 N/A
SQL injection vulnerability in managechat.php in Collabtive 0.65 allows remote attackers to execute arbitrary SQL commands via the chatstart[USERTOID] cookie in a pull action.
CVE-2010-4983 1 Iscripts 1 Cybermatch 2025-04-11 N/A
SQL injection vulnerability in profile.php in iScripts CyberMatch 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-4991 2 Joomla, Ninjaforge 2 Joomla\!, Ninjamonials 2025-04-11 N/A
SQL injection vulnerability in the NinjaMonials (com_ninjamonials) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a display action to index.php.
CVE-2010-4272 2 Joomla, Pulseinfotech 2 Joomla\!, Com Sponsorwall 2025-04-11 N/A
SQL injection vulnerability in the Pulse Infotech Sponsor Wall (com_sponsorwall) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.
CVE-2010-4999 1 Esoftpro 1 Online Photo Pro 2025-04-11 N/A
SQL injection vulnerability in index.php in esoftpro Online Photo Pro 2.0 allows remote attackers to execute arbitrary SQL commands via the section parameter.
CVE-2010-4284 1 Samsung 1 Data Management Server 2025-04-11 N/A
SQL injection vulnerability in the authentication form in the integrated web server in the Data Management Server (DMS) before 1.4.3 in Samsung Integrated Management System allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-4356 1 Site2nite 1 Big Truck Broker 2025-04-11 N/A
SQL injection vulnerability in news_default.asp in Site2Nite Big Truck Broker allows remote attackers to execute arbitrary SQL commands via the txtSiteId parameter.
CVE-2010-4503 1 Aigaion 1 Aigaion 2025-04-11 N/A
SQL injection vulnerability in indexlight.php in Aigaion 1.3.4 allows remote attackers to execute arbitrary SQL commands via the ID parameter in an export action.
CVE-2010-4505 1 Injader 1 Injader 2025-04-11 N/A
Multiple SQL injection vulnerabilities in login.php in Injader 2.4.4, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) un and (2) pw parameters.
CVE-2010-4720 2 Harmistechnology, Joomla 2 Com Jeauto, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) component before 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to the view item page.
CVE-2010-4721 1 Mhproducts 1 Immo Makler 2025-04-11 N/A
SQL injection vulnerability in news.php in Immo Makler allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-4782 1 Softwebsnepal 1 Ananda Real Estate 2025-04-11 N/A
Multiple SQL injection vulnerabilities in list.asp in Softwebs Nepal (aka Ananda Raj Pandey) Ananda Real Estate 3.4 allow remote attackers to execute arbitrary SQL commands via the (1) city, (2) state, (3) country, (4) minprice, (5) maxprice, (6) bed, and (7) bath parameters, different vectors than CVE-2006-6807.
CVE-2013-3522 1 Vbulletin 1 Vbulletin 2025-04-11 N/A
SQL injection vulnerability in index.php/ajax/api/reputation/vote in vBulletin 5.0.0 Beta 11, 5.0.0 Beta 28, and earlier allows remote authenticated users to execute arbitrary SQL commands via the nodeid parameter.
CVE-2010-4791 2 Marcusg, Php-fusion 2 Mg User Fotoalbum Panel, Php-fusion 2025-04-11 N/A
SQL injection vulnerability in infusions/mg_user_fotoalbum_panel/mg_user_fotoalbum.php in the MG User-Fotoalbum (mg_user_fotoalbum_panel) module 1.0.1 for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the album_id parameter.
CVE-2010-4967 1 Atcom 1 Netvolution 2025-04-11 N/A
SQL injection vulnerability in default.asp in ATCOM Netvolution 2.5.6 allows remote attackers to execute arbitrary SQL commands via the artID parameter.
CVE-2010-3423 2 Drupal, Freka 2 Drupal, Yr Verdata 2025-04-11 N/A
SQL injection vulnerability in the Yr Weatherdata module for Drupal 6.x before 6.x-1.6 allows remote attackers to execute arbitrary SQL commands via the sorting method.
CVE-2010-3458 1 Getsymphony 1 Symphony 2025-04-11 N/A
SQL injection vulnerability in lib/toolkit/events/event.section.php in Symphony CMS 2.0.7 and 2.1.1 allows remote attackers to execute arbitrary SQL commands via the send-email[recipient] parameter to about/. NOTE: some of these details are obtained from third party information.