Search Results (19026 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-1815 1 Emerson 3 Deltav, Deltav Proessentials Scientific Graph, Deltav Workstation 2025-04-11 N/A
SQL injection vulnerability in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2012-2601 1 Progress 1 Whatsup Gold 2025-04-11 N/A
SQL injection vulnerability in WrVMwareHostList.asp in Ipswitch WhatsUp Gold 15.02 allows remote attackers to execute arbitrary SQL commands via the sGroupList parameter.
CVE-2012-2695 4 Cloudforms Cloudengine, Redhat, Rhel Sam and 1 more 5 1, Openshift, 1.1 and 2 more 2025-04-11 N/A
The Active Record component in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage improper handling of nested hashes, a related issue to CVE-2012-2661.
CVE-2012-2718 2 Drupal, Drupal-id 2 Drupal, Counter Module 2025-04-11 N/A
SQL injection vulnerability in the Counter module for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to "recording visits."
CVE-2012-2762 1 S9y 1 Serendipity 2025-04-11 N/A
SQL injection vulnerability in include/functions_trackbacks.inc.php in Serendipity 1.6.2 allows remote attackers to execute arbitrary SQL commands via the url parameter to comment.php.
CVE-2012-3468 1 Ushahidi 1 Ushahidi Platform 2025-04-11 N/A
Multiple SQL injection vulnerabilities in the Ushahidi Platform before 2.5 allow remote attackers to execute arbitrary SQL commands via vectors related to (1) the verify function in application/controllers/alerts.php, (2) the save_all function in application/models/settings.php, or (3) the media type to the timeline function in application/controllers/json.php.
CVE-2012-3470 1 Ushahidi 1 Ushahidi Platform 2025-04-11 N/A
Multiple SQL injection vulnerabilities in application/libraries/api/MY_Countries_Api_Object.php in the Ushahidi Platform before 2.5 allow remote attackers to execute arbitrary SQL commands via vectors related to _get_countries functions.
CVE-2012-3471 1 Ushahidi 1 Ushahidi Platform 2025-04-11 N/A
Multiple SQL injection vulnerabilities in the edit functions in (1) application/controllers/admin/reports.php and (2) application/controllers/members/reports.php in the Ushahidi Platform before 2.5 allow remote attackers to execute arbitrary SQL commands via an incident id.
CVE-2012-3554 2 Joomla, Rsgallery2 2 Joomla\!, Com Rsgallery2 2025-04-11 N/A
SQL injection vulnerability in the RSGallery2 (com_rsgallery2) component before 2.3.0 for Joomla! 1.5.x, and before 3.2.0 for Joomla! 2.5.x, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2012-4178 1 Symantec 1 Web Gateway 2025-04-11 N/A
SQL injection vulnerability in spywall/includes/deptUploads_data.php in Symantec Web Gateway 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via the groupid parameter.
CVE-2012-4261 1 Hccgmbh 1 Mycare2x 2025-04-11 N/A
SQL injection vulnerability in modules/patient/mycare2x_pat_info.php in myCare2x allows remote attackers to execute arbitrary SQL commands via the lang parameter.
CVE-2012-4279 1 Rwcinc 1 Free Realty 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Free Realty 3.1-0.6 allow remote attackers to execute arbitrary SQL commands via the (1) view parameter to agentdisplay.php or (2) edit parameter to admin/admin.php.
CVE-2012-5227 1 Peel 1 Peel Shopping 2025-04-11 N/A
SQL injection vulnerability in administrer/tva.php in Peel SHOPPING 2.8 and 2.9 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2012-5294 1 Mystorexpress 1 Tienda Virtual 2025-04-11 N/A
SQL injection vulnerability in art_detalle.php in MyStore Xpress Tienda Virtual allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2012-5288 1 Accomplishtechnology 1 Phpmydirectory 2025-04-11 N/A
SQL injection vulnerability in page.php in phpMyDirectory 1.3.3 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2012-5289 1 Plogger 1 Plogger 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Plogger 1.0 RC1 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) index.php or (2) gallery.php.
CVE-2012-5290 1 Wcs4web 1 Easywebrealestate 2025-04-11 N/A
Multiple SQL injection vulnerabilities in EasyWebRealEstate allow remote attackers to execute arbitrary SQL commands via the (1) lstid parameter to listings.php or (2) infoid parameter to index.php.
CVE-2012-5291 1 Possesports 1 Posse Softball Director Cms 2025-04-11 N/A
SQL injection vulnerability in team.php in Posse Softball Director CMS allows remote attackers to execute arbitrary SQL commands via the idteam parameter.
CVE-2012-5300 1 Mystorexpress 1 Tienda Virtual 2025-04-11 N/A
SQL injection vulnerability in art_catalogo.php in MyStore Xpress Tienda Virtual 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2012-5333 1 Preprojects 1 Pre Printing Press 2025-04-11 N/A
SQL injection vulnerability in page.php in Pre Printing Press allows remote attackers to execute arbitrary SQL commands via the id parameter.