Export limit exceeded: 350489 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 18980 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18980 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-1562 | 1 Ecava | 1 Integraxor | 2025-04-11 | N/A |
| Ecava IntegraXor HMI before n 3.60 (Build 4032) allows remote attackers to bypass authentication and execute arbitrary SQL statements via unspecified vectors related to a crafted POST request. NOTE: some sources have reported this issue as SQL injection, but this might not be accurate. | ||||
| CVE-2011-1609 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | N/A |
| SQL injection vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su2, 7.x before 7.1(5)su1, 8.0 before 8.0(3), and 8.5 before 8.5(1) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCtg85647. | ||||
| CVE-2011-1653 | 1 Broadcom | 1 Total Defense | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in the Unified Network Control (UNC) Server in CA Total Defense (TD) r12 before SE2 allow remote attackers to execute arbitrary SQL commands via vectors involving the (1) UnAssignFunctionalRoles, (2) UnassignAdminRoles, (3) DeleteFilter, (4) NonAssignedUserList, (5) DeleteReportLayout, (6) DeleteReports, and (7) RegenerateReport stored procedures. | ||||
| CVE-2011-1663 | 2 Drupal, Icanlocalize | 2 Drupal, Translation Management | 2025-04-11 | N/A |
| SQL injection vulnerability in the Translation Management module 6.x before 6.x-1.21 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2011-1667 | 1 Xmedien | 1 Anzeigenmarkt | 2025-04-11 | N/A |
| SQL injection vulnerability in index.php in Anzeigenmarkt 2011 allows remote attackers to execute arbitrary SQL commands via the q parameter in a list action. | ||||
| CVE-2011-1686 | 1 Bestpractical | 1 Rt | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Best Practical Solutions RT 2.0.0 through 3.6.10, 3.8.0 through 3.8.9, and 4.0.0rc through 4.0.0rc7 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors, as demonstrated by reading data. | ||||
| CVE-2011-1722 | 2 Typo3, Webempoweredchurch | 2 Typo3, Wec Discussion | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in WEC Discussion Forum (wec_discussion) extension 2.1.0 and earlier for TYPO3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors, as exploited in the wild in April 2011. | ||||
| CVE-2011-1903 | 1 Proofpoint | 2 Messaging Security Gateway, Protection Server | 2025-04-11 | N/A |
| SQL injection vulnerability in an unspecified function in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2011-1913 | 1 Mercator | 1 Sentinel | 2025-04-11 | N/A |
| SQL injection vulnerability in the login form in the web interface in Mercator SENTINEL 2.0 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2011-2141 | 1 Ibm | 1 Datacap Taskmaster Capture | 2025-04-11 | N/A |
| SQL injection vulnerability in TMWeb in IBM Datacap Taskmaster Capture 8.0.1 before FP1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2011-2149 | 1 Smartertools | 1 Smarterstats | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in the SmarterTools SmarterStats 6.0 web server allow remote attackers to execute arbitrary SQL commands via certain parameters to (1) Admin/frmSite.aspx, (2) Default.aspx, (3) Services/SiteAdmin.asmx, or (4) Client/frmViewReports.aspx; certain cookies to (5) Services/SiteAdmin.asmx or (6) login.aspx; the Referer HTTP header to (7) Services/SiteAdmin.asmx or (8) login.aspx; or (9) the User-Agent HTTP header to Services/SiteAdmin.asmx. | ||||
| CVE-2011-2467 | 1 Likewise | 1 Likewise Open | 2025-04-11 | N/A |
| SQL injection vulnerability in lsassd in Lsass in the Likewise Security Authority in Likewise Open 5.4 through 6.1, and Likewise Enterprise 6.0, allows local users to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2011-2703 | 2 Osgeo, Umn | 2 Mapserver, Mapserver | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in MapServer before 4.10.7, 5.x before 5.6.7, and 6.x before 6.0.1 allow remote attackers to execute arbitrary SQL commands via vectors related to (1) OGC filter encoding or (2) WMS time support. | ||||
| CVE-2011-3130 | 1 Wordpress | 1 Wordpress | 2025-04-11 | N/A |
| wp-includes/taxonomy.php in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Taxonomy query hardening," possibly involving SQL injection. | ||||
| CVE-2011-3340 | 1 Atcom | 1 Netvolution | 2025-04-11 | N/A |
| SQL injection vulnerability in ATCOM Netvolution 2.5.8 ASP allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header. | ||||
| CVE-2011-3394 | 1 Myrephp | 1 Myre Real Estate Software | 2025-04-11 | N/A |
| SQL injection vulnerability in findagent.php in MYRE Real Estate Software allows remote attackers to execute arbitrary SQL commands via the page parameter. | ||||
| CVE-2011-3688 | 1 Sonexis | 1 Conferencemanager | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Sonexis ConferenceManager 9.3.14.0 allow remote attackers to execute arbitrary SQL commands via (1) the g parameter to Conference/Audio/AudioResourceContainer.asp or (2) the txtConferenceID parameter to Login/HostLogin.asp. | ||||
| CVE-2011-3831 | 1 Sitracker | 1 Support Incident Tracker | 2025-04-11 | N/A |
| SQL injection vulnerability in incident_attachments.php in Support Incident Tracker (aka SiT!) 3.65 allows remote attackers to execute arbitrary SQL commands via an uploaded file with a crafted file name. | ||||
| CVE-2011-3988 | 1 Lockon | 1 Ec-cube | 2025-04-11 | N/A |
| SQL injection vulnerability in data/class/SC_Query.php in EC-CUBE 2.11.0 through 2.11.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2011-3989 | 1 Hiroyuki Oyama | 1 Dbd\ | 2025-04-11 | N/A |
| SQL injection vulnerability in DBD::mysqlPP 0.04 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||