Search Results (19026 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-1359 2 Bluegate, Xt-commerce 2 Direct Url, Xt-commerce 2025-04-11 N/A
SQL injection vulnerability in bluegate_seo.inc.php in the Direct URL module for xt:Commerce, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the coID parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-1344 2 Cookex, Joomla 2 Com Ckforms, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the Cookex Agency CKForms (com_ckforms) component 1.3.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the fid parameter in a detail action to index.php.
CVE-2010-1343 1 Bjsintay 1 Sitex 2025-04-11 N/A
SQL injection vulnerability in photo.php in SiteX 0.7.4 beta allows remote attackers to execute arbitrary SQL commands via the albumid parameter.
CVE-2010-1370 1 Preprojects 1 Pre Classified Listings Asp 2025-04-11 N/A
SQL injection vulnerability in detailad.asp in Pre Classified Listings ASP allows remote attackers to execute arbitrary SQL commands via the siteid parameter.
CVE-2010-1341 1 Systemsoftware 1 Community Black Forum 2025-04-11 N/A
SQL injection vulnerability in index.php in Systemsoftware Community Black Forum allows remote attackers to execute arbitrary SQL commands via the s_flaeche parameter.
CVE-2010-2142 1 Murat Ersoy 1 Cyberhost 2025-04-11 N/A
SQL injection vulnerability in default.asp in Cyberhost allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-1338 2 Robertotto, Woltlab 2 Teamsite Hack Plugin, Burning Board 2025-04-11 N/A
SQL injection vulnerability in ts_other.php in the Teamsite Hack plugin 3.0 and earlier for WoltLab Burning Board allows remote attackers to execute arbitrary SQL commands via the userid parameter in a modboard action.
CVE-2010-1331 1 Heartlogic 1 Hl-sitemanager 2025-04-11 N/A
SQL injection vulnerability in Heartlogic HL-SiteManager allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2010-1327 1 Tornadostore 1 Tornadostore 2025-04-11 N/A
Multiple SQL injection vulnerabilities in TornadoStore 1.4.3 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the marca parameter to precios.php3 or (2) the where parameter in a delivery_courier action to control/abm_list.php3.
CVE-2010-1301 1 Merethis 1 Centreon 2025-04-11 N/A
SQL injection vulnerability in main.php in Centreon 2.1.5 allows remote attackers to execute arbitrary SQL commands via the host_id parameter.
CVE-2010-1300 1 Yamamah 1 Yamamah 2025-04-11 N/A
SQL injection vulnerability in index.php in Yamamah (aka Dove Photo Album) 1.00 allows remote attackers to execute arbitrary SQL commands via the calbums parameter.
CVE-2010-1277 1 Zabbix 1 Zabbix 2025-04-11 N/A
SQL injection vulnerability in the user.authenticate method in the API in Zabbix 1.8 before 1.8.2 allows remote attackers to execute arbitrary SQL commands via the user parameter in JSON data to api_jsonrpc.php.
CVE-2010-1271 1 Smart-plugs 1 Smartplugs 2025-04-11 N/A
SQL injection vulnerability in showplugs.php in smartplugs 1.3 allows remote attackers to execute arbitrary SQL commands via the domain parameter.
CVE-2010-1265 2 Ekith, Joomla 2 Com Dcs Flashgames, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in Adam Corley dcsFlashGames (com_dcs_flashgames) allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.
CVE-2009-4947 1 Q2solutions 1 Connx 2025-04-11 N/A
SQL injection vulnerability in frmLoginPwdReminderPopup.aspx in Q2 Solutions ConnX 4.0.20080606 allows remote attackers to execute arbitrary SQL commands via the txtEmail parameter.
CVE-2009-4958 1 Emophp 1 Emo Breeder Manager 2025-04-11 N/A
SQL injection vulnerability in video.php in EMO Breeder Manager (aka EMO Breader Manager) allows remote attackers to execute arbitrary SQL commands via the idd parameter.
CVE-2009-4745 1 Dreamlevels 1 Dreampoll 2025-04-11 N/A
Multiple SQL injection vulnerabilities in index.php in Dreamlevels DreamPoll 3.1 allow remote attackers to execute arbitrary SQL commands via the (1) sortField, (2) sortDesc, or (3) pageNumber parameter in a login action.
CVE-2010-1134 1 Tiki 1 Tikiwiki Cms\/groupware 2025-04-11 N/A
SQL injection vulnerability in the _find function in searchlib.php in TikiWiki CMS/Groupware 3.x before 3.5 allows remote attackers to execute arbitrary SQL commands via the $searchDate variable.
CVE-2009-4959 2 Stefan Koch, Typo3 2 T3m, Typo3 2025-04-11 N/A
SQL injection vulnerability in the T3M E-Mail Marketing Tool (t3m) extension 0.2.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-1133 1 Tiki 1 Tikiwiki Cms\/groupware 2025-04-11 N/A
Multiple SQL injection vulnerabilities in TikiWiki CMS/Groupware 4.x before 4.2 allow remote attackers to execute arbitrary SQL commands via unspecified vectors, probably related to (1) tiki-searchindex.php and (2) tiki-searchresults.php.