Export limit exceeded: 364947 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19794 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2014-100020 1 Itechscripts 1 Itechclassifieds 2025-04-12 N/A
SQL injection vulnerability in ChangeEmail.php in iTechClassifieds 3.03.057 allows remote attackers to execute arbitrary SQL commands via the PreviewNum parameter. NOTE: the CatID parameter is already covered by CVE-2008-0685.
CVE-2014-100022 1 Mtouch Quiz Project 1 Mtouch Quiz 2025-04-12 N/A
SQL injection vulnerability in question.php in the mTouch Quiz before 3.0.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the quiz parameter to wp-admin/edit.php.
CVE-2014-100031 1 Ismail Fahmi 1 Ganesha Digital Library 2025-04-12 N/A
Multiple SQL injection vulnerabilities in Ganesha Digital Library (GDL) 4.2 allow remote attackers to execute arbitrary SQL commands via the id parameter in (1) download.php or (2) main.php.
CVE-2014-9173 1 Google Doc Embedder Project 1 Google Doc Embedder 2025-04-12 N/A
SQL injection vulnerability in view.php in the Google Doc Embedder plugin before 2.5.15 for WordPress allows remote attackers to execute arbitrary SQL commands via the gpid parameter.
CVE-2014-10032 1 Scriptbrasil 1 Taboada Macronews 2025-04-12 N/A
SQL injection vulnerability in news_popup.php in Taboada MacroNews 1.0 allows remote authenticated users to execute arbitrary SQL commands via the id parameter.
CVE-2014-10033 1 Oscommerce 1 Online Merchant 2025-04-12 N/A
SQL injection vulnerability in the update_zone function in catalog/admin/geo_zones.php in osCommerce Online Merchant 2.3.3.4 and earlier allows remote administrators to execute arbitrary SQL commands via the zID parameter in a list action.
CVE-2014-10034 1 Couponphp 1 Couponphp 2025-04-12 N/A
Multiple SQL injection vulnerabilities in the admin area in couponPHP before 1.2.0 allow remote administrators to execute arbitrary SQL commands via the (1) iDisplayLength or (2) iDisplayStart parameter to (a) comments_paginate.php or (b) stores_paginate.php in admin/ajax/.
CVE-2014-9175 1 Wpdatatables 1 Wpdatatables 2025-04-12 N/A
SQL injection vulnerability in wpdatatables.php in the wpDataTables plugin 1.5.3 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the table_id parameter in a get_wdtable action to wp-admin/admin-ajax.php.
CVE-2014-7153 1 Huge-it 1 Image Gallery 2025-04-12 N/A
SQL injection vulnerability in the editgallery function in admin/gallery_func.php in the Huge-IT Image Gallery plugin 1.0.1 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the removeslide parameter to wp-admin/admin.php.
CVE-2014-9229 1 Symantec 1 Endpoint Protection 2025-04-12 N/A
Multiple SQL injection vulnerabilities in interface PHP scripts in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allow remote authenticated users to execute arbitrary SQL commands by leveraging the Limited Administrator role.
CVE-2014-9242 1 Websitebaker 1 Websitebaker 2025-04-12 N/A
SQL injection vulnerability in admin/pages/modify.php in WebsiteBaker 2.8.3 allows remote attackers to execute arbitrary SQL commands via the page_id parameter.
CVE-2014-5184 1 Stripshow Plugin Project 1 Stripshow 2025-04-12 N/A
SQL injection vulnerability in the stripshow-storylines page in the stripShow plugin 2.5.2 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the story parameter in an edit action to wp-admin/admin.php.
CVE-2016-5653 1 Misys 1 Fusioncapital Opics Plus 2025-04-12 N/A
Multiple SQL injection vulnerabilities in Misys FusionCapital Opics Plus allow remote authenticated users to execute arbitrary SQL commands via the (1) ID or (2) Branch parameter.
CVE-2014-5192 1 Sphider 1 Sphider 2025-04-12 N/A
SQL injection vulnerability in admin/admin.php in Sphider 1.3.6 allows remote attackers to execute arbitrary SQL commands via the filter parameter.
CVE-2014-8588 1 Sap 1 Hana 2025-04-12 N/A
SQL injection vulnerability in metadata.xsjs in SAP HANA 1.00.60.379371 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2016-5792 1 Moxa 1 Softcms 2025-04-12 N/A
SQL injection vulnerability in Moxa SoftCMS before 1.5 allows remote attackers to execute arbitrary SQL commands via unspecified fields.
CVE-2014-7289 2 Broadcom, Symantec 2 Symantec Critical System Protection, Data Center Security 2025-04-12 N/A
SQL injection vulnerability in the management server in Symantec Critical System Protection (SCSP) 5.2.9 before MP6 and Symantec Data Center Security: Server Advanced (SDCS:SA) 6.0.x before 6.0 MP1 allows remote authenticated users to execute arbitrary SQL commands via a crafted HTTP request.
CVE-2014-9528 1 Humhub 1 Humhub 2025-04-12 N/A
SQL injection vulnerability in the actionIndex function in protected/modules_core/notification/controllers/ListController.php in HumHub 0.10.0-rc.1 and earlier allows remote authenticated users to execute arbitrary SQL commands via the from parameter to index.php. NOTE: this can be leveraged for cross-site scripting (XSS) attacks via a request that causes an error.
CVE-2014-3962 1 Videos Tube Project 1 Videos Tube 2025-04-12 N/A
Multiple SQL injection vulnerabilities in Videos Tube 1.0 allow remote attackers to execute arbitrary SQL commands via the url parameter to (1) videocat.php or (2) single.php.
CVE-2014-3906 1 Kk-osk 2 Advance-flow, Advance-flow Forms 2025-04-12 N/A
SQL injection vulnerability in OSK Advance-Flow 4.41 and earlier and Advance-Flow Forms 4.41 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.