Export limit exceeded: 366864 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19854 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-1704 1 2daybiz 1 Polls Script 2025-04-11 N/A
Multiple SQL injection vulnerabilities in 2daybiz Polls (aka Advanced Poll) Script allow remote attackers to execute arbitrary SQL commands via (1) the password field to login.php, (2) the login field (aka email parameter) to login.php, (3) the password field (aka pass parameter) to the default URI under admin/, and possibly (4) the login field to the default URI under admin/. NOTE: some of these details are obtained from third party information.
CVE-2010-1045 2 Design-cars, Joomla 2 Com Productbook, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the Productbook (com_productbook) component 1.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-2611 1 I-netsolution 1 Job Search Engine Script 2025-04-11 N/A
SQL injection vulnerability in show_search_result.php in i-netsolution Job Search Engine allows remote attackers to execute arbitrary SQL commands via the keyword parameter.
CVE-2010-2257 1 Payperviewvideosoftware 1 Pay Per Minute Video Chat Script 2025-04-11 N/A
SQL injection vulnerability in index_ie.php in Pay Per Minute Video Chat Script 2.0 and 2.1 allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2010-4609 1 Html-edit 1 Html-edit Cms 2025-04-11 N/A
SQL injection vulnerability in index.php in Html-edit CMS 3.1.8 allows remote attackers to execute arbitrary SQL commands via the nuser parameter in a registrate action.
CVE-2010-4612 1 Hycus 1 Hycus Cms 2025-04-11 N/A
Multiple SQL injection vulnerabilities in index.php in Hycus CMS 1.0.3, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) user_name and (2) usr_email parameters to user/1/hregister.html, (3) usr_email parameter to user/1/hlogin.html, (4) useremail parameter to user/1/forgotpass.html, and the (5) q parameter to search/1.html. NOTE: some of these details are obtained from third party information.
CVE-2010-1372 2 Hdflvplayer, Joomla 2 Com Hdflvplayer, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the HD FLV Player (com_hdflvplayer) component 1.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
CVE-2010-4993 2 Joomla, Kay Messerschmidt 2 Joomla\!, Com Eventcal 2025-04-11 N/A
SQL injection vulnerability in the eventcal (com_eventcal) component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php.
CVE-2010-1708 1 Freerealty.rwcinc 1 Free Realty 2025-04-11 N/A
Multiple SQL injection vulnerabilities in agentadmin.php in Free Realty allow remote attackers to execute arbitrary SQL commands via the (1) login field (aka agentname parameter) or (2) password field (aka agentpassword parameter).
CVE-2010-5022 2 Harmistechnology, Joomla 2 Com Jesubmit, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the JExtensions JE Story Submit (com_jesubmit) component 1.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the view parameter to index.php.
CVE-2010-2255 2 Joomla, Tamlyncreative 4 Joomla\!, Com Bfsurvey Basic, Com Bfsurvey Pro and 1 more 2025-04-11 N/A
SQL injection vulnerability in the BF Survey Pro (com_bfsurvey_pro) component before 1.3.1, BF Survey Pro Free (com_bfsurvey_profree) component 1.2.6, and BF Survey Basic component before 1.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-4977 2 Joomla, Miniwork 2 Joomla\!, Com Canteen 2025-04-11 N/A
SQL injection vulnerability in menu.php in the Canteen (com_canteen) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the mealid parameter to index.php.
CVE-2010-5004 1 2daybiz 1 Polls Script 2025-04-11 N/A
SQL injection vulnerability in searchvote.php in 2daybiz Polls (aka Advanced Poll) Script allows remote attackers to execute arbitrary SQL commands via the category parameter.
CVE-2010-1363 2 Extremejoomla, Joomla 2 Com J-projects, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the JProjects (com_j-projects) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the project parameter in a projects action to index.php.
CVE-2010-4834 1 Oneorzero 1 Aims 2025-04-11 N/A
Multiple SQL injection vulnerabilities in index.php in OneOrZero AIMS 2.6.0 Members Edition and 2.7.0 Trial Edition allow remote authenticated users to execute arbitrary SQL commands via the (1) id parameter in a saved_search action and (2) item_types parameter in a show_item_search action in the search_management_manage subcontroller. NOTE: some of these details are obtained from third party information.
CVE-2010-4968 2 Joomla, Webmaster-tips 2 Joomla\!, Com Wmtpic 2025-04-11 N/A
SQL injection vulnerability in the webmaster-tips.net Flash Gallery (com_wmtpic) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php.
CVE-2011-1722 2 Typo3, Webempoweredchurch 2 Typo3, Wec Discussion 2025-04-11 N/A
Multiple SQL injection vulnerabilities in WEC Discussion Forum (wec_discussion) extension 2.1.0 and earlier for TYPO3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors, as exploited in the wild in April 2011.
CVE-2010-4838 2 Extensiondepot, Joomla 2 Com Jsupport, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the JSupport (com_jsupport) component 1.5.6 for Joomla! allows remote authenticated users, with Public Back-end permissions, to execute arbitrary SQL commands via the alpha parameter in a (1) listTickets or (2) listFaqs action to administrator/index.php.
CVE-2010-4839 2 Edgetechweb, Wordpress 2 Event Registration, Wordpress 2025-04-11 N/A
SQL injection vulnerability in the Event Registration plugin 5.32 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the event_id parameter in a register action.
CVE-2010-4959 1 Preproject 1 Pre Podcast Portal 2025-04-11 N/A
SQL injection vulnerability in the login feature in Pre Projects Pre Podcast Portal allows remote attackers to execute arbitrary SQL commands via the password parameter.