Search Results (19834 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-1009 2 Joachim-ruhs, Typo3 2 Educator, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Educator extension 0.1.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2011-4638 1 Spamtitan 1 Webtitan 2025-04-11 N/A
Multiple SQL injection vulnerabilities in SpamTitan WebTitan before 3.60 allow remote attackers to execute arbitrary SQL commands via (1) the username parameter to login-x.php, and allow remote authenticated users to execute arbitrary SQL commands via the (2) bldomain, (3) wldomain, or (4) temid parameter to urls-x.php.
CVE-2011-1903 1 Proofpoint 2 Messaging Security Gateway, Protection Server 2025-04-11 N/A
SQL injection vulnerability in an unspecified function in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2011-1100 1 Pixelpost 1 Pixelpost 2025-04-11 N/A
Multiple SQL injection vulnerabilities in admin/index.php in Pixelpost 1.7.3 allow remote authenticated users to execute arbitrary SQL commands via the (1) findfid, (2) id, (3) selectfcat, (4) selectfmon, or (5) selectftag parameter in an images action.
CVE-2011-1061 1 Webmastersite 1 Wsn Guest 2025-04-11 N/A
SQL injection vulnerability in memberlist.php in WSN Guest 1.24 allows remote attackers to execute arbitrary SQL commands via the time parameter.
CVE-2011-1060 1 Webmastersite 1 Wsn Guest 2025-04-11 N/A
SQL injection vulnerability in the member function in classes/member.php in WSN Guest 1.24 allows remote attackers to execute arbitrary SQL commands via the wsnuser cookie to index.php.
CVE-2011-1048 1 Mihantools 1 Mihantools 2025-04-11 N/A
SQL injection vulnerability in product.php in MihanTools 1.33 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2011-0519 1 Gallarific 1 Php Photo Gallery Script 2025-04-11 N/A
SQL injection vulnerability in gallery.php in Gallarific PHP Photo Gallery script 2.1 and possibly other versions allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2011-0443 1 Tinybb 1 Tinybb 2025-04-11 N/A
SQL injection vulnerability in inc/tinybb-settings.php in tinyBB 1.2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a profile action to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-1047 1 Masa2el 1 Music City 2025-04-11 N/A
SQL injection vulnerability in index.php in MASA2EL Music City 1.0 and 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in a singer action.
CVE-2010-5021 1 Cramerdev 1 Document Library 2025-04-11 N/A
SQL injection vulnerability in view_group.asp in Digital Interchange Document Library 5.8.5 allows remote attackers to execute arbitrary SQL commands via the intGroupID parameter.
CVE-2010-5020 1 Netartmedia 1 Iboutique 2025-04-11 N/A
SQL injection vulnerability in index.php in NetArt Media iBoutique 4.0 allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2010-5019 1 2daybiz 1 Online Classified Script 2025-04-11 N/A
SQL injection vulnerability in view_photo.php in 2daybiz Online Classified Script allows remote attackers to execute arbitrary SQL commands via the alb parameter.
CVE-2012-0226 1 Invensys 1 Wonderware Information Server 2025-04-11 N/A
SQL injection vulnerability in Invensys Wonderware Information Server 4.0 SP1 and 4.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2012-1067 2 Mg12, Wordpress 2 Wp-recentcomments, Wordpress 2025-04-11 N/A
SQL injection vulnerability in the WP-RecentComments plugin 2.0.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter in an rc-content action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-5017 1 Eliteladders 1 Elite Gaming Ladders 2025-04-11 N/A
SQL injection vulnerability in stats.php in Elite Gaming Ladders 3.0 allows remote attackers to execute arbitrary SQL commands via the account parameter.
CVE-2010-4970 1 Wikiwebhelp 1 Wiki Web Help 2025-04-11 N/A
SQL injection vulnerability in handlers/getpage.php in Wiki Web Help 0.28 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2012-0905 1 Dev\!l\'s 1 Dev\!l\'z Clanportal Gamebase Addon 2025-04-11 N/A
SQL injection vulnerability in deV!L'z Clanportal (DZCP) Gamebase addon allows remote attackers to execute arbitrary SQL commands via the gameid parameter in a detail action to index.php.
CVE-2012-0906 2 Dev\!l\'z, Mystarmedia 2 Dev\!l\'z Clanportal, Moviebase Addon 2025-04-11 N/A
SQL injection vulnerability in the Moviebase addon for deV!L'z Clanportal (DZCP) 1.5.5 allows remote attackers to execute arbitrary SQL commands via the id parameter in a showkat action to index.php.
CVE-2012-0912 1 Stone-ware 1 Webnetwork 2025-04-11 N/A
SQL injection vulnerability in Stoneware webNetwork before 6.0.8.0 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.