Search Results (19855 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-7242 1 Zenphoto 1 Zenphoto 2025-04-11 N/A
SQL injection vulnerability in zp-core/zp-extensions/wordpress_import.php in Zenphoto before 1.4.5.4 allows remote authenticated administrators to execute arbitrary SQL commands via the tableprefix parameter.
CVE-2013-3721 1 Psychostats 1 Psychostats 2025-04-11 N/A
SQL injection vulnerability in awards.php in PsychoStats 3.2.2b allows remote attackers to execute arbitrary SQL commands via the d parameter.
CVE-2013-0684 1 Invensys 1 Wonderware Information Server 2025-04-11 N/A
SQL injection vulnerability in Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, and 5.0- Portal allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-4897 1 Bluecms Project 1 Bluecms 2025-04-11 N/A
SQL injection vulnerability in comment.php in BlueCMS 1.6 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header in a send action.
CVE-2013-6931 1 Cybozu 1 Garoon 2025-04-11 N/A
SQL injection vulnerability in the API in Cybozu Garoon 3.7.x before 3.7.3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2013-6929.
CVE-2013-6929 1 Cybozu 1 Garoon 2025-04-11 N/A
SQL injection vulnerability in Cybozu Garoon 3.7 SP2 and earlier allows remote authenticated users to execute arbitrary SQL commands via crafted API input.
CVE-2010-4888 2 Marco Hezel, Typo3 2 Hm Tinymarket, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Tiny Market (hm_tinymarket) extension 0.5.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-4887 2 Raphael Zschorsch, Typo3 2 Commentsbe, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Commenting system Backend Module (commentsbe) extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-4876 1 Mblogger Project 1 Mblogger 2025-04-11 N/A
SQL injection vulnerability in viewpost.php in mBlogger 1.0.04 allows remote attackers to execute arbitrary SQL commands via the postID parameter.
CVE-2008-7267 1 Boka 1 Siteengine 2025-04-11 N/A
SQL injection vulnerability in announcements.php in SiteEngine 5.x allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2011-1047 2 Vasthtml, Wordpress 2 Forum Server, Wordpress 2025-04-11 N/A
Multiple SQL injection vulnerabilities in VastHTML Forum Server (aka ForumPress) plugin 1.6.1 and 1.6.5 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) search_max parameter in a search action to index.php, which is not properly handled by wpf.class.php, (2) id parameter in an editpost action to index.php, which is not properly handled by wpf-post.php, or (3) topic parameter to feed.php.
CVE-2010-4865 2 Harmistechnology, Joomla 2 Com Jeguestbook, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the JE Guestbook (com_jeguestbook) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the d_itemid parameter in an item_detail action to index.php.
CVE-2010-4856 1 Aspindir 1 Xweblog 2025-04-11 N/A
SQL injection vulnerability in arsiv.asp in xWeblog 2.2 allows remote attackers to execute arbitrary SQL commands via the tarih parameter.
CVE-2010-4855 1 Aspindir 1 Xweblog 2025-04-11 N/A
SQL injection vulnerability in oku.asp in xWeblog 2.2 allows remote attackers to execute arbitrary SQL commands via the makale_id parameter.
CVE-2010-4854 1 Zuitu 1 Zuitu 2025-04-11 N/A
SQL injection vulnerability in ajax/coupon.php in Zuitu 1.6, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a consume action.
CVE-2010-4808 1 Valarsoft 1 Webmatic 2025-04-11 N/A
SQL injection vulnerability in index.php in Webmatic allows remote attackers to execute arbitrary SQL commands via the p parameter.
CVE-2010-4799 1 Chipmunk-scripts 1 Pwngame 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Chipmunk Pwngame 1.0, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters to authenticate.php and the (3) ID parameter to pwn.php. NOTE: some of these details are obtained from third party information.
CVE-2010-4771 1 Matteoiammarrone 1 S-cms 2025-04-11 N/A
SQL injection vulnerability to viewforum.php in S-CMS 2.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-4770 1 Commodityrentals 1 Dvd Rentals Script 2025-04-11 N/A
SQL injection vulnerability in index.php in CommodityRentals DVD Rentals Script allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a catalog action.
CVE-2010-4738 1 Raemedia 1 Real Estate Single And Multi Agent System 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Rae Media INC Real Estate Single and Multi Agent System 3.0 allow remote attackers to execute arbitrary SQL commands via the probe parameter to (1) multi/city.asp in the Multi Agent System and (2) resulttype.asp in the Single Agent System.