Export limit exceeded: 18863 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18863 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-5894 | 1 Havalite | 1 Cms | 2025-04-11 | N/A |
| SQL injection vulnerability in hava_post.php in Havalite CMS 1.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the postId parameter. | ||||
| CVE-2012-5910 | 1 B2evolution | 1 B2evolution | 2025-04-11 | N/A |
| SQL injection vulnerability in blogs/htsrv/viewfile.php in b2evolution 4.1.3 allows remote authenticated users to execute arbitrary SQL commands via the root parameter. | ||||
| CVE-2012-5912 | 1 Pico | 1 Picopublisher | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in PicoPublisher 2.0 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) page.php or (2) single.php. | ||||
| CVE-2013-0123 | 1 Askia | 1 Askiaweb | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in the administration interface in ASKIA askiaweb allow remote attackers to execute arbitrary SQL commands via (1) the nHistoryId parameter to WebProd/pages/pgHistory.asp or (2) the OrderBy parameter to WebProd/pages/pgadmin.asp. | ||||
| CVE-2010-1049 | 1 Uiga | 1 Business Portal | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Uiga Business Portal allow remote attackers to execute arbitrary SQL commands via the (1) noentryid parameter to blog/index.php and the (2) p parameter to index2.php. | ||||
| CVE-2010-1047 | 1 Masa2el | 1 Music City | 2025-04-11 | N/A |
| SQL injection vulnerability in index.php in MASA2EL Music City 1.0 and 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in a singer action. | ||||
| CVE-2010-1046 | 1 Ryan Marshall | 1 Rostermain | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in index.php in Rostermain 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) userid (username) and (2) password parameters. | ||||
| CVE-2013-1617 | 1 Symantec | 3 Web Gateway, Web Gateway Appliance 8450, Web Gateway Appliance 8490 | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allow remote authenticated administrators to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2010-1045 | 2 Design-cars, Joomla | 2 Com Productbook, Joomla\! | 2025-04-11 | N/A |
| SQL injection vulnerability in the Productbook (com_productbook) component 1.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-1075 | 1 Entrylevelcms | 1 El Cms | 2025-04-11 | N/A |
| SQL injection vulnerability in index.php in Entry Level CMS (EL CMS) allows remote attackers to execute arbitrary SQL commands via the subj parameter. | ||||
| CVE-2010-1026 | 2 Mathon Nicolas, Typo3 | 2 Tmsw Cleandb, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the CleanDB - DBAL (tmsw_cleandb) extension 2.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2010-1024 | 2 Chris Wederka, Typo3 | 2 Tgm Newsletter, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the TGM-Newsletter (tgm_newsletter) extension 0.0.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2013-2956 | 1 Ibm | 1 Infosphere Optim Data Growth For Oracle E-business Suite | 2025-04-11 | N/A |
| SQL injection vulnerability in the Console in IBM InfoSphere Optim Data Growth for Oracle E-Business Suite 6.x, 7.x, and 9.x before 9.1.0.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2013-3033 | 1 Ibm | 1 Tivoli Remote Control | 2025-04-11 | N/A |
| SQL injection vulnerability in the server component in IBM Tivoli Remote Control 5.1.2 before 5.1.2-TIV-TRC512-IF0015 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2010-1368 | 1 Gamescript | 1 Gamescript | 2025-04-11 | N/A |
| SQL injection vulnerability in index.php in GameScript (GS) 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a category action. | ||||
| CVE-2013-4137 | 1 Status | 1 Statusnet | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in StatusNet 1.0 before 1.0.2 and 1.1.0 allow remote attackers to execute arbitrary SQL commands via vectors related to user lists and "a particular tag format." | ||||
| CVE-2013-4715 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2025-04-11 | N/A |
| SQL injection vulnerability in Tiki Wiki CMS Groupware 6 LTS before 6.13LTS, 9 LTS before 9.7LTS, 10.x before 10.4, and 11.x before 11.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2013-4719 | 2 Lina Wolf, Typo3 | 2 Seo Pack For Tt News, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the SEO Pack for tt_news extension before 1.3.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2013-4720 | 2 Typo3, Webempoweredchurch | 2 Typo3, Wec Discussion | 2025-04-11 | N/A |
| SQL injection vulnerability in the WEC Discussion Forum extension before 2.1.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2013-4748 | 2 Georg Ringer, Typo3 | 2 News, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the News system (news) extension before 1.3.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||