Search Results (19860 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2011-2703 2 Osgeo, Umn 2 Mapserver, Mapserver 2025-04-11 N/A
Multiple SQL injection vulnerabilities in MapServer before 4.10.7, 5.x before 5.6.7, and 6.x before 6.0.1 allow remote attackers to execute arbitrary SQL commands via vectors related to (1) OGC filter encoding or (2) WMS time support.
CVE-2010-5043 2 Blueconstantmedia, Joomla 2 Com Djartgallery, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the DJ-ArtGallery (com_djartgallery) component 0.9.1 for Joomla! allows remote authenticated users to execute arbitrary SQL commands via the cid[] parameter in an editItem action to administrator/index.php.
CVE-2010-5041 2 John Bradshaw, Nucleuscms 2 Np Gallery Plugin, Nucleus 2025-04-11 N/A
SQL injection vulnerability in index.php in the NP_Gallery plugin 0.94 for Nucleus allows remote attackers to execute arbitrary SQL commands via the id parameter in a plugin action.
CVE-2010-5013 1 Mckenziecreations 1 Virtual Real Estate Manager 2025-04-11 N/A
SQL injection vulnerability in listing_detail.asp in Mckenzie Creations Virtual Real Estate Manager (VRM) 3.5 allows remote attackers to execute arbitrary SQL commands via the Lid parameter.
CVE-2010-5012 1 David Noguera Gutierrez 1 Dalogin 2025-04-11 N/A
SQL injection vulnerability in new.php in DaLogin 2.2 and 2.2.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information.
CVE-2012-0293 1 Symantec 1 Altiris Wise Package Studio 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Symantec Altiris WISE Package Studio before 8.0MR1 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2011-2930 1 Rubyonrails 2 Rails, Ruby On Rails 2025-04-11 N/A
Multiple SQL injection vulnerabilities in the quote_table_name method in the ActiveRecord adapters in activerecord/lib/active_record/connection_adapters/ in Ruby on Rails before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allow remote attackers to execute arbitrary SQL commands via a crafted column name.
CVE-2012-6504 1 Shawn Bradley 1 Php Volunteer Management 2025-04-11 N/A
SQL injection vulnerability in mods/hours/data/get_hours.php in PHP Volunteer Management 1.0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-5001 1 Esoftpro 1 Online Contact Manager 2025-04-11 N/A
SQL injection vulnerability in view.php in esoftpro Online Contact Manager 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-4917 1 A-blog 1 A-blog 2025-04-11 N/A
SQL injection vulnerability in sources/search.php in A-Blog 2.0 allows remote attackers to execute arbitrary SQL commands via the words parameter.
CVE-2010-4916 1 Coldgen 1 Coldusergroup 2025-04-11 N/A
Multiple SQL injection vulnerabilities in index.cfm in ColdGen ColdUserGroup 1.06 allow remote attackers to execute arbitrary SQL commands via the (1) ArticleID or (2) LibraryID parameter.
CVE-2010-4915 1 Coldgen 1 Coldbookmarks 2025-04-11 N/A
SQL injection vulnerability in index.cfm in ColdGen ColdBookmarks 1.22 allows remote attackers to execute arbitrary SQL commands via the BookmarkID parameter in an EditBookmark action.
CVE-2010-4912 1 Discuz 1 Ucenter Home 2025-04-11 N/A
SQL injection vulnerability in shop.php in UCenter Home 2.0 allows remote attackers to execute arbitrary SQL commands via the shopid parameter in a view action.
CVE-2012-6526 1 Vastal 1 Freelance Zone 2025-04-11 N/A
SQL injection vulnerability in show_code.php in Vastal I-Tech Freelance Zone allows remote attackers to execute arbitrary SQL commands via the code_id parameter.
CVE-2010-4911 1 Sellatsite 1 Php Classifieds Ads 2025-04-11 N/A
SQL injection vulnerability in classi/detail.php in PHP Classifieds Ads allows remote attackers to execute arbitrary SQL commands via the sid parameter.
CVE-2012-6586 1 Myrephp 1 Myre Vacation Rental 2025-04-11 N/A
Multiple SQL injection vulnerabilities in MYRE Vacation Rental Software allow remote attackers to execute arbitrary SQL commands via the (1) garage1 or (2) bathrooms1 parameter to vacation/1_mobile/search.php, or (3) unspecified input to vacation/widgate/request_more_information.php.
CVE-2010-0672 1 Webmastersite 1 Wsn Guest 2025-04-11 N/A
SQL injection vulnerability in index.php in WSN Guest 1.02 allows remote attackers to execute arbitrary SQL commands via the orderlinks parameter.
CVE-2010-4910 1 Coldgen 1 Coldcalendar 2025-04-11 N/A
SQL injection vulnerability in index.cfm in ColdGen ColdCalendar 2.06 allows remote attackers to execute arbitrary SQL commands via the EventID parameter in a ViewEventDetails action.
CVE-2010-4905 1 Softbizscripts 1 Article Directory Script 2025-04-11 N/A
SQL injection vulnerability in article_details.php in Softbiz Article Directory Script allows remote attackers to execute arbitrary SQL commands via the sbiz_id parameter.
CVE-2010-4857 1 Curtiss Grymala 1 Cag Cms 2025-04-11 N/A
SQL injection vulnerability in click.php in CAG CMS 0.2 Beta allows remote attackers to execute arbitrary SQL commands via the itemid parameter.