Search Results (19827 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-3435 1 Zabbix 1 Zabbix 2025-04-11 N/A
SQL injection vulnerability in frontends/php/popup_bitem.php in Zabbix 1.8.15rc1 and earlier, and 2.x before 2.0.2rc1, allows remote attackers to execute arbitrary SQL commands via the itemid parameter.
CVE-2009-5088 1 Ideacart 1 Ideacart 2025-04-11 N/A
SQL injection vulnerability in secure/index.php in IdeaCart 0.02 allows remote attackers to execute arbitrary SQL commands via the cID parameter.
CVE-2012-5101 2 Jextensions, Joomla 2 Je Poll Component, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the JExtensions JE Poll component before 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2012-5098 1 J Waite 1 Php-x-links 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Php-X-Links, possibly 1.0, allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to rate.php, (2) cid parameter to view.php, or (3) t parameter to pop.php.
CVE-2010-5003 2 Autartica, Joomla 2 Com Autartimonial, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the AutarTimonial (com_autartimonial) component 1.0.8 for Joomla! allows remote attackers to execute arbitrary SQL commands via the limit parameter in an autartimonial action to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-4995 2 Joomla, Neojoomla 2 Joomla\!, Com Neorecruit 2025-04-11 N/A
SQL injection vulnerability in the NeoRecruit (com_neorecruit) component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in an offer_view action to index.php, a different vector than CVE-2007-4506.
CVE-2010-4994 2 Instantphp, Joomla 2 Jobs Pro, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the Jobs Pro component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the detailed_results parameter to search_jobs.html.
CVE-2013-1852 1 Kolja Schleich 1 Leaguemanager 2025-04-11 N/A
SQL injection vulnerability in leaguemanager.php in the LeagueManager plugin before 3.8.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the league_id parameter in the leaguemanager-export page to wp-admin/admin.php.
CVE-2012-5000 2 Blueteck, Dzcp 2 Witze Addon, Dev\!l\'z Clanportal 2025-04-11 N/A
SQL injection vulnerability in jokes/index.php in the Witze addon 0.9 for deV!L'z Clanportal allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action.
CVE-2009-4687 1 Hypersilence 1 Silentum Guestbook 2025-04-11 N/A
SQL injection vulnerability in silentum_guestbook.php in Silentum Guestbook 2.0.2 allows remote attackers to execute arbitrary SQL commands via the messageid parameter.
CVE-2012-1626 2 Drupal, Karen Stevenson 2 Drupal, Date 2025-04-11 N/A
SQL injection vulnerability in the conversion form for Events in the Date module 6.x-2.x before 6.x-2.8 for Drupal allows remote authenticated users with the "administer Date Tools" privilege to execute arbitrary SQL commands via unspecified vectors.
CVE-2012-4994 1 Limesurvey 1 Limesurvey 2025-04-11 N/A
SQL injection vulnerability in admin/admin.php in LimeSurvey before 1.91+ Build 120224 allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a browse action. NOTE: some of these details are obtained from third party information.
CVE-2012-1061 1 Gforgegroup 1 Gforge 2025-04-11 N/A
SQL injection vulnerability in GForge Advanced Server 6.0.0 and other versions before 6.0.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-4691 1 Resalecode 1 Classified Linktrader Script 2025-04-11 N/A
SQL injection vulnerability in addlink.php in Classified Linktrader Script allows remote attackers to execute arbitrary SQL commands via the slctCategories parameter.
CVE-2013-0123 1 Askia 1 Askiaweb 2025-04-11 N/A
Multiple SQL injection vulnerabilities in the administration interface in ASKIA askiaweb allow remote attackers to execute arbitrary SQL commands via (1) the nHistoryId parameter to WebProd/pages/pgHistory.asp or (2) the OrderBy parameter to WebProd/pages/pgadmin.asp.
CVE-2012-4990 1 Openx 1 Openx 2025-04-11 N/A
SQL injection vulnerability in admin/campaign-zone-link.php in OpenX 2.8.10 before revision 81823 allows remote attackers to execute arbitrary SQL commands via the ids[] parameter in a link action.
CVE-2012-4260 1 Hccgmbh 1 Mycare2x 2025-04-11 N/A
Multiple SQL injection vulnerabilities in myCare2x allow remote attackers to execute arbitrary SQL commands via the (1) aktion or (2) callurl parameter to modules/patient/mycare2x_pat_info.php; (3) dept_nr or (4) pid parameter to modules/importer/mycare2x_importer.php; (5) myOpsEintrag or (6) keyword parameter in a Suchen action to modules/drg/mycare2x_proc_search.php; or (7) name_last or (8) pid parameter to modules/patient/mycare_pid.php.
CVE-2009-4695 1 Radscripts 1 Radlance 2025-04-11 N/A
SQL injection vulnerability in index.php in RadScripts RadLance Gold 7.5 allows remote attackers to execute arbitrary SQL commands via the fid parameter in a view_forum action.
CVE-2009-4701 2 Liviu Mitrofan, Typo3 2 Myth Download, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Myth download (myth_download) extension 0.1.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-4708 2 Maximo Cuadros, Typo3 2 Gb Fenewssubmit, Typo3 2025-04-11 N/A
SQL injection vulnerability in the [Gobernalia] Front End News Submitter (gb_fenewssubmit) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.