Export limit exceeded: 366291 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19827 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2011-4803 2 Bravenewcode, Wordpress 2 Wptouch, Wordpress 2025-04-11 N/A
SQL injection vulnerability in wptouch/ajax.php in the WPTouch plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-3601 1 Invisionpower 1 Ibphotohost 2025-04-11 N/A
SQL injection vulnerability in index.php in ibPhotohost 1.1.2 allows remote attackers to execute arbitrary SQL commands via the img parameter.
CVE-2010-3608 1 Wire Plastic Design 1 Wpquiz 2025-04-11 N/A
Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) password (pw) parameters to (a) admin.php or (b) user.php.
CVE-2011-4829 2 Barter-sites, Joomla 2 Com Listing, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the com_listing component in Barter Sites component 1.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the category_id parameter to index.php.
CVE-2011-4847 2 Microsoft, Parallels 3 Windows 2003 Server, Windows Server 2008, Parallels Plesk Panel 2025-04-11 N/A
SQL injection vulnerability in the Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 allows remote attackers to execute arbitrary SQL commands via a certificateslist cookie to notification@/.
CVE-2010-4280 1 Artica 1 Pandora Fms 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Pandora FMS before 3.1.1 allow remote authenticated users to execute arbitrary SQL commands via (1) the id_group parameter in an operation/agentes/ver_agente action to ajax.php or (2) the group_id parameter in an operation/agentes/estado_agente action to index.php, related to operation/agentes/estado_agente.php.
CVE-2011-3340 1 Atcom 1 Netvolution 2025-04-11 N/A
SQL injection vulnerability in ATCOM Netvolution 2.5.8 ASP allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header.
CVE-2011-4921 1 E107 1 E107 2025-04-11 N/A
SQL injection vulnerability in usersettings.php in e107 0.7.26, and possibly other versions before 1.0.0, allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2010-4696 1 Joomla 1 Joomla\! 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 allow remote attackers to execute arbitrary SQL commands via the (1) filter_order or (2) filter_order_Dir parameter in a com_contact action to index.php, a different vulnerability than CVE-2010-4166. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-4700 1 Php 1 Php 2025-04-11 N/A
The set_magic_quotes_runtime function in PHP 5.3.2 and 5.3.3, when the MySQLi extension is used, does not properly interact with use of the mysqli_fetch_assoc function, which might make it easier for context-dependent attackers to conduct SQL injection attacks via crafted input that had been properly handled in earlier PHP versions.
CVE-2010-4703 1 Hotwebscripts 1 Hotweb Rentals 2025-04-11 N/A
SQL injection vulnerability in default.asp in HotWebScripts HotWeb Rentals allows remote attackers to execute arbitrary SQL commands via the PageId parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-4720 2 Harmistechnology, Joomla 2 Com Jeauto, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) component before 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to the view item page.
CVE-2010-4854 1 Zuitu 1 Zuitu 2025-04-11 N/A
SQL injection vulnerability in ajax/coupon.php in Zuitu 1.6, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a consume action.
CVE-2010-4855 1 Aspindir 1 Xweblog 2025-04-11 N/A
SQL injection vulnerability in oku.asp in xWeblog 2.2 allows remote attackers to execute arbitrary SQL commands via the makale_id parameter.
CVE-2010-4856 1 Aspindir 1 Xweblog 2025-04-11 N/A
SQL injection vulnerability in arsiv.asp in xWeblog 2.2 allows remote attackers to execute arbitrary SQL commands via the tarih parameter.
CVE-2010-4865 2 Harmistechnology, Joomla 2 Com Jeguestbook, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the JE Guestbook (com_jeguestbook) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the d_itemid parameter in an item_detail action to index.php.
CVE-2010-4876 1 Mblogger Project 1 Mblogger 2025-04-11 N/A
SQL injection vulnerability in viewpost.php in mBlogger 1.0.04 allows remote attackers to execute arbitrary SQL commands via the postID parameter.
CVE-2010-4887 2 Raphael Zschorsch, Typo3 2 Commentsbe, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Commenting system Backend Module (commentsbe) extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-4888 2 Marco Hezel, Typo3 2 Hm Tinymarket, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Tiny Market (hm_tinymarket) extension 0.5.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-4897 1 Bluecms Project 1 Bluecms 2025-04-11 N/A
SQL injection vulnerability in comment.php in BlueCMS 1.6 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header in a send action.