Search Results (19026 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-5003 1 Phpmyadmin 1 Phpmyadmin 2025-04-11 N/A
Multiple SQL injection vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allow remote authenticated users to execute arbitrary SQL commands via (1) the scale parameter to pmd_pdf.php or (2) the pdf_page_number parameter to schema_export.php.
CVE-2013-7193 1 Etoshop 1 C2c Forward Auction Creator 2025-04-11 N/A
Multiple SQL injection vulnerabilities in C2C Forward Auction Creator 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) pa parameter to auction/asp/list.asp, or the (2) UserID or (3) Password to auction/casp/admin.asp.
CVE-2010-4946 1 Allpcscript 1 Allpc 2025-04-11 N/A
SQL injection vulnerability in product_info.php in ALLPC 2.5 allows remote attackers to execute arbitrary SQL commands via the products_id parameter.
CVE-2010-4830 1 T-dreams 1 Job Career Package 2025-04-11 N/A
SQL injection vulnerability in Resumes/TD_RESUME_Indlist.asp in Techno Dreams (T-Dreams) Job Career Package 3.0 allows remote attackers to execute arbitrary SQL commands via the z_Residency parameter.
CVE-2010-4809 1 Liberologico 1 Dbsite 2025-04-11 N/A
SQL injection vulnerability in index.php in DBSite 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter.
CVE-2010-4826 1 Snitz Communications 1 Snitz Forums 2000 2025-04-11 N/A
SQL injection vulnerability in members.asp in Snitz Forums 2000 3.4.07 allows remote attackers to execute arbitrary SQL commands via the M_NAME parameter. NOTE: some of these details are obtained from third party information.
CVE-2010-4808 1 Valarsoft 1 Webmatic 2025-04-11 N/A
SQL injection vulnerability in index.php in Webmatic allows remote attackers to execute arbitrary SQL commands via the p parameter.
CVE-2010-4834 1 Oneorzero 1 Aims 2025-04-11 N/A
Multiple SQL injection vulnerabilities in index.php in OneOrZero AIMS 2.6.0 Members Edition and 2.7.0 Trial Edition allow remote authenticated users to execute arbitrary SQL commands via the (1) id parameter in a saved_search action and (2) item_types parameter in a show_item_search action in the search_management_manage subcontroller. NOTE: some of these details are obtained from third party information.
CVE-2010-4839 2 Edgetechweb, Wordpress 2 Event Registration, Wordpress 2025-04-11 N/A
SQL injection vulnerability in the Event Registration plugin 5.32 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the event_id parameter in a register action.
CVE-2010-4751 1 Lightneasy 1 Lightneasy 2025-04-11 N/A
SQL injection vulnerability in LightNEasy.php in LightNEasy 3.2.1, when magic_quotes_gpc is disabled, allows remote authenticated users to execute arbitrary SQL commands via the id parameter in an edituser action, a different vector than CVE-2008-6593, CVE-2010-3484, and CVE-2010-3485.
CVE-2010-4869 1 Drbenhur 1 Dbhcms 2025-04-11 N/A
SQL injection vulnerability in index.php in DBHcms 1.1.4 allows remote attackers to execute arbitrary SQL commands via the editmenu parameter.
CVE-2012-4060 1 Asp-dev 1 Xm Forums 2025-04-11 N/A
Multiple SQL injection vulnerabilities in ASP-DEv XM Forums RC3 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) profile.asp, (2) forum.asp, or (3) topic.asp.
CVE-2010-0761 1 Commodityrentals 1 Books\/ebooks Rentals Script 2025-04-11 N/A
SQL injection vulnerability in index.php in CommodityRentals Books/eBooks Rentals Script allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a gamecatalog action.
CVE-2010-3479 1 Boutikone 1 Boutikone 2025-04-11 N/A
SQL injection vulnerability in list.php in BoutikOne 1.0 allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2011-1556 1 Aphpkb 1 Aphpkb 2025-04-11 N/A
SQL injection vulnerability in plugins/pdfClasses/pdfgen.php in Andy's PHP Knowledgebase (Aphpkb) 0.95.4 allows remote attackers to execute arbitrary SQL commands via the pdfa parameter.
CVE-2011-4542 1 Hastymail 1 Hastymail2 2025-04-11 N/A
Hastymail2 2.1.1 before RC2 allows remote attackers to execute arbitrary commands via the (1) rs or (2) rsargs[] parameter in a mailbox Drafts action to the default URI.
CVE-2012-5900 1 Samedia 1 Landshop 2025-04-11 N/A
Multiple SQL injection vulnerabilities in SAMEDIA LandShop 0.9.2 allow remote attackers to execute arbitrary SQL commands via the (1) OB_ID parameter in a single action to admin/action/objects.php, (2) AREA_ID parameter in a single action to admin/action/areas.php, or (3) start parameter in a show action to admin/action/pdf.php.
CVE-2012-5894 1 Havalite 1 Cms 2025-04-11 N/A
SQL injection vulnerability in hava_post.php in Havalite CMS 1.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the postId parameter.
CVE-2010-5047 1 V-eva 1 Press Release Script 2025-04-11 N/A
SQL injection vulnerability in page.php in V-EVA Press Release Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2012-2998 1 Trend Micro 1 Control Manager 2025-04-11 N/A
SQL injection vulnerability in the ad hoc query module in Trend Micro Control Manager (TMCM) before 5.5.0.1823 and 6.0 before 6.0.0.1449 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.