Search Results (19855 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-1012 2 Mathias Schreiber, Typo3 2 Nf Cleandb, Typo3 2025-04-11 N/A
SQL injection vulnerability in the CleanDB (nf_cleandb) extension 1.0.7 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-2140 1 Multishopcms 1 Multishop Cms 2025-04-11 N/A
SQL injection vulnerability in itemdetail.php in Multishop CMS allows remote attackers to execute arbitrary SQL commands via the itemid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-2141 1 Nitropowered 1 Nitro Web Gallery 2025-04-11 N/A
SQL injection vulnerability in index.php in NITRO Web Gallery allows remote attackers to execute arbitrary SQL commands via the PictureId parameter in an open action.
CVE-2010-2339 1 Subdreamer 1 Subdreamer 2025-04-11 N/A
SQL injection vulnerability in admin/pages.php in Subdreamer CMS 3.x.x allows remote attackers to execute arbitrary SQL commands via the categoryids[] parameter in an update_pages action.
CVE-2010-2142 1 Murat Ersoy 1 Cyberhost 2025-04-11 N/A
SQL injection vulnerability in default.asp in Cyberhost allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-0609 1 Novaboard 1 Novaboard 2025-04-11 N/A
SQL injection vulnerability in header.php in NovaBoard 1.1.2 allows remote attackers to execute arbitrary SQL commands via the nova_name cookie parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2013-4681 2 Michael Staatz, Typo3 2 Sofortueberweisung2commerce, Typo3 2025-04-11 N/A
SQL injection vulnerability in the sofortueberweisung2commerce extension before 2.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-2851 2 Joomla, Ordasoft 2 Joomla\!, Com Booklibrary 2025-04-11 N/A
SQL injection vulnerability in the BookLibrary From Same Author (com_booklibrary) module 1.5 and possibly earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php.
CVE-2010-2338 1 Vunet 1 Vu Web Visitor Analyst 2025-04-11 N/A
Multiple SQL injection vulnerabilities in redir.asp in VU Web Visitor Analyst allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter. NOTE: some of these details are obtained from third party information.
CVE-2009-4650 2 Joomla, Onnogroen 2 Joomla\!, Com Webeecomment 2025-04-11 N/A
SQL injection vulnerability in the Webee Comments (com_webeecomment) component 1.1.1, 1.2, and 2.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the articleId parameter in a default action to index2.php. NOTE: some of these details are obtained from third party information.
CVE-2010-0608 1 Novaboard 1 Novaboard 2025-04-11 N/A
SQL injection vulnerability in index.php in NovaBoard 1.1.2 allows remote attackers to execute arbitrary SQL commands via the forums[] parameter in a search action.
CVE-2011-0448 1 Rubyonrails 1 Rails 2025-04-11 N/A
Ruby on Rails 3.0.x before 3.0.4 does not ensure that arguments to the limit function specify integer values, which makes it easier for remote attackers to conduct SQL injection attacks via a non-numeric argument.
CVE-2011-0511 2 Joomla, Joomtraders 2 Joomla\!, Com Allcinevid 2025-04-11 N/A
SQL injection vulnerability in the allCineVid component (com_allcinevid) 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
CVE-2012-2325 1 Mybb 1 Mybb 2025-04-11 N/A
SQL injection vulnerability in the User Inline Moderation feature in the Admin Control Panel (ACP) in MyBB (aka MyBulletinBoard) before 1.6.7 allows remote administrators to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-4861 1 Webspell 1 Webspell 2025-04-11 N/A
SQL injection vulnerability in asearch.php in webSPELL 4.2.1 allows remote attackers to execute arbitrary SQL commands via the search parameter.
CVE-2013-2050 1 Redhat 3 Cloudforms Management Engine, Cloudforms Managementengine, Manageiq Enterprise Virtualization Manager 2025-04-11 N/A
SQL injection vulnerability in the miq_policy controller in Red Hat CloudForms 2.0 Management Engine (CFME) 5.1 and ManageIQ Enterprise Virtualization Manager 5.0 and earlier allows remote authenticated users to execute arbitrary SQL commands via the profile[] parameter in an explorer action.
CVE-2011-1390 1 Ibm 1 Rational Clearquest 2025-04-11 N/A
SQL injection vulnerability in the Maintenance tool in IBM Rational ClearQuest 7.1.1.x before 7.1.1.9, 7.1.2.x before 7.1.2.6, and 8.x before 8.0.0.2 allows remote attackers to execute arbitrary SQL commands by leveraging an error in the user-database upgrade feature.
CVE-2010-1918 1 Efrontlearning 1 Efront 2025-04-11 N/A
SQL injection vulnerability in ask_chat.php in eFront 3.6.2 and earlier allows remote attackers to execute arbitrary SQL commands via the chatrooms_ID parameter.
CVE-2010-1925 1 Rifat Kurban 1 Tekno.portal 2025-04-11 N/A
SQL injection vulnerability in makale.php in tekno.Portal 0.1b allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2006-2817.
CVE-2010-4866 1 Chipmunk-scripts 1 Chipmunk Board 2025-04-11 N/A
SQL injection vulnerability in index.php in Chipmunk Board 1.3 allows remote attackers to execute arbitrary SQL commands via the forumID parameter.