Search Results (19856 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-2109 2 Buddypress, Wordpress 2 Buddypress, Wordpress 2025-04-11 N/A
SQL injection vulnerability in wp-load.php in the BuddyPress plugin 1.5.x before 1.5.5 of WordPress allows remote attackers to execute arbitrary SQL commands via the page parameter in an activity_widget_filter action.
CVE-2011-2546 1 Cisco 4 Sa500 Software, Sa520, Sa520w and 1 more 2025-04-11 N/A
SQL injection vulnerability in the web-based management interface on Cisco SA 500 series security appliances with software before 2.1.19 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCtq65669.
CVE-2010-1271 1 Smart-plugs 1 Smartplugs 2025-04-11 N/A
SQL injection vulnerability in showplugs.php in smartplugs 1.3 allows remote attackers to execute arbitrary SQL commands via the domain parameter.
CVE-2010-4721 1 Mhproducts 1 Immo Makler 2025-04-11 N/A
SQL injection vulnerability in news.php in Immo Makler allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-0951 1 Dev4u 1 Dev4u Cms 2025-04-11 N/A
SQL injection vulnerability in go_target.php in dev4u CMS allows remote attackers to execute arbitrary SQL commands via the kontent_id parameter.
CVE-2011-0644 1 Phpcms 1 Phpcms 2008 2025-04-11 N/A
SQL injection vulnerability in include/admin/model_field.class.php in PHPCMS 2008 V2 allows remote attackers to execute arbitrary SQL commands via the modelid parameter to flash_upload.php.
CVE-2010-4735 1 Ecommercemax 1 Digital-goods Seller 2025-04-11 N/A
SQL injection vulnerability in shoppingcart.asp in Ecommercemax Solutions Digital-goods seller (DGS) 1.5 allows remote attackers to execute arbitrary SQL commands via the d parameter.
CVE-2011-4521 1 Advantech 1 Advantech Webaccess 2025-04-11 N/A
SQL injection vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary SQL commands via crafted string input.
CVE-2011-0645 1 Phpcms 1 Phpcms 2008 2025-04-11 N/A
SQL injection vulnerability in data.php in PHPCMS 2008 V2 allows remote attackers to execute arbitrary SQL commands via the where_time parameter in a get action.
CVE-2010-2095 1 Cmsqlite 1 Cmsqlite 2025-04-11 N/A
SQL injection vulnerability in index.php in CMSQlite 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the c parameter.
CVE-2010-0956 1 Opencart 1 Opencart 2025-04-11 N/A
SQL injection vulnerability in index.php in OpenCart 1.3.2 allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2010-4738 1 Raemedia 1 Real Estate Single And Multi Agent System 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Rae Media INC Real Estate Single and Multi Agent System 3.0 allow remote attackers to execute arbitrary SQL commands via the probe parameter to (1) multi/city.asp in the Multi Agent System and (2) resulttype.asp in the Single Agent System.
CVE-2009-5091 1 Vlinks 1 Vlinks 2025-04-11 N/A
SQL injection vulnerability in page.php in Vlinks 1.0.3 and 1.1.6 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-5088 1 Ideacart 1 Ideacart 2025-04-11 N/A
SQL injection vulnerability in secure/index.php in IdeaCart 0.02 allows remote attackers to execute arbitrary SQL commands via the cID parameter.
CVE-2010-4844 1 Mhproducts 1 Easy Online Shop 2025-04-11 N/A
SQL injection vulnerability in content.php in MH Products Easy Online Shop allows remote attackers to execute arbitrary SQL commands via the kat parameter.
CVE-2011-0646 1 Anserv 1 Php Low Bids 2025-04-11 N/A
SQL injection vulnerability in viewfaqs.php in PHP LOW BIDS allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2012-5550 2 Carlos Carvalhar, Drupal 2 Time Spent, Drupal 2025-04-11 N/A
SQL injection vulnerability in the Time Spent module 6.x and 7.x for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-4770 1 Commodityrentals 1 Dvd Rentals Script 2025-04-11 N/A
SQL injection vulnerability in index.php in CommodityRentals DVD Rentals Script allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a catalog action.
CVE-2010-4771 1 Matteoiammarrone 1 S-cms 2025-04-11 N/A
SQL injection vulnerability to viewforum.php in S-CMS 2.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-4799 1 Chipmunk-scripts 1 Pwngame 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Chipmunk Pwngame 1.0, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters to authenticate.php and the (3) ID parameter to pwn.php. NOTE: some of these details are obtained from third party information.