| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| SQL injection vulnerability in listtest.php in YourFreeWorld Apartment Search Script allows remote attackers to execute arbitrary SQL commands via the r parameter. |
| SQL injection vulnerability in wp-download.php in the WP-Download 1.2 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the dl_id parameter. |
| SQL injection vulnerability in class/show.php in FaScript FaPersianHack 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to show.php. |
| SQL injection vulnerability in go.php in Scripts24 iPost 1.0.1 and iTGP 1.0.4 allows remote attackers to execute arbitrary SQL commands via the id parameter in a report action. |
| SQL injection vulnerability in album.asp in KAPhotoservice allows remote attackers to execute arbitrary SQL commands via the albumid parameter. |
| SQL injection vulnerability in index.php in ComicShout 2.5 and earlier allows remote attackers to execute arbitrary SQL commands via the comic_id parameter. |
| SQL injection vulnerability in the com_sg component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the pid parameter in an order task. |
| SQL injection vulnerability in the jeuxflash module for KwsPHP allows remote attackers to execute arbitrary SQL commands via the cat parameter to index.php, a different vector than CVE-2007-4922. |
| SQL injection vulnerability in department_offline_context.php in ActiveCampaign TrioLive before 1.58.7 allows remote attackers to execute arbitrary SQL commands via the department_id parameter to index.php. |
| SQL injection vulnerability in index.php in DeeEmm.com DM CMS 0.7.0.Beta allows remote attackers to execute arbitrary SQL commands via the id parameter in the media page (build_media_content.php). NOTE: it was later reported that 0.7.4 is also affected. |
| SQL injection vulnerability in login.php in Pedro Santana Codice CMS allows remote attackers to execute arbitrary SQL commands via the username field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
| SQL injection vulnerability in forum.php in Prozilla Forum allows remote attackers to execute arbitrary SQL commands via the forum parameter. |
| SQL injection vulnerability in bidhistory.php in iTechBids 3 Gold and 5.0 allows remote attackers to execute arbitrary SQL commands via the item_id parameter. |
| SQL injection vulnerability in the Frontend Users View (feusersview) 0.1.6 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. |
| SQL injection vulnerability in default.asp in Pre Survey Poll allows remote attackers to execute arbitrary SQL commands via the catid parameter. |
| SQL injection vulnerability in index.php in SMartBlog (aka SMBlog) 1.3 allows remote attackers to execute arbitrary SQL commands via the idt parameter. |
| SQL injection vulnerability in index.php in Quick.Cms.Lite 0.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in offers_buy.php in Alibaba Clone 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| SQL injection vulnerability in todos.php in C. Desseno YouTube Blog (ytb) 0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3306. |
| SQL injection vulnerability in ing/blocks/mrbs/code/web/view_entry.php in the MRBS plugin for Moodle allows remote attackers to execute arbitrary SQL commands via the id parameter. |
