Export limit exceeded: 19005 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19005 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-7225 | 1 Fatfreecrm | 1 Fat Free Crm | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in app/controllers/home_controller.rb in Fat Free CRM before 0.12.1 allow remote authenticated users to execute arbitrary SQL commands via (1) the homepage timeline feature or (2) the activity feature. | ||||
| CVE-2013-7278 | 1 Naxtech | 1 Cms Afroditi | 2025-04-11 | N/A |
| SQL injection vulnerability in Naxtech CMS Afroditi 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to default.asp. | ||||
| CVE-2012-2998 | 1 Trend Micro | 1 Control Manager | 2025-04-11 | N/A |
| SQL injection vulnerability in the ad hoc query module in Trend Micro Control Manager (TMCM) before 5.5.0.1823 and 6.0 before 6.0.0.1449 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2012-3000 | 1 F5 | 10 Big-ip Access Policy Manager, Big-ip Analytics, Big-ip Application Security Manager and 7 more | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in sam/admin/reports/php/saveSettings.php in the (1) APM WebGUI in F5 BIG-IP LTM, GTM, ASM, Link Controller, PSM, APM, Edge Gateway, and Analytics and (2) AVR WebGUI in WebAccelerator and WOM 11.2.x before 11.2.0-HF3 and 11.2.x before 11.2.1-HF3 allow remote authenticated users to execute arbitrary SQL commands via the defaultQuery parameter. | ||||
| CVE-2012-1225 | 1 Dolibarr | 1 Dolibarr Erp\/crm | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Dolibarr CMS 3.2.0 Alpha and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) memberslist parameter (aka Member List) in list.php or (2) rowid parameter to adherents/fiche.php. | ||||
| CVE-2012-1218 | 1 Freelancerkit | 1 Freelancerkit | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in freelancerKit 2.35 allow remote attackers to execute arbitrary SQL commands via unspecified vectors to the (1) notes and (2) tickets components. | ||||
| CVE-2012-4941 | 1 Agilefleet | 2 Fleetcommander, Fleetcommander Kiosk | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2012-4056 | 1 Uiga | 1 Personal Portal | 2025-04-11 | N/A |
| SQL injection vulnerability in index2.php in Uiga Personal Portal allows remote attackers to execute arbitrary SQL commands via the p parameter. | ||||
| CVE-2012-1026 | 1 Johannes Ekberg | 1 Xray Cms | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in login2.php in XRay CMS 1.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameters. | ||||
| CVE-2012-1022 | 1 4homepages | 1 4images | 2025-04-11 | N/A |
| SQL injection vulnerability in admin/categories.php in 4images 1.7.10 remote attackers to execute arbitrary SQL commands via the cat_parent_id parameter in an addcat action. | ||||
| CVE-2012-3032 | 1 Siemens | 2 Simatic Pcs7, Wincc | 2025-04-11 | N/A |
| SQL injection vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to execute arbitrary SQL commands via a crafted SOAP message. | ||||
| CVE-2013-5409 | 1 Ibm | 2 Sterling B2b Integrator, Sterling File Gateway | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2013-4313 | 1 Moodle | 1 Moodle | 2025-04-11 | N/A |
| Moodle through 2.2.11, 2.3.x before 2.3.9, 2.4.x before 2.4.6, and 2.5.x before 2.5.2 does not prevent use of '\0' characters in query strings, which might allow remote attackers to conduct SQL injection attacks against Microsoft SQL Server via a crafted string. | ||||
| CVE-2013-5302 | 2 Kennziffer, Typo3 | 2 Ke Search, Typo3 | 2025-04-11 | N/A |
| SQL injection vulnerability in the Faceted Search (ke_search) extension before 1.4.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2012-1017 | 1 Secureideas | 1 Base | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in base_qry_main.php in Basic Analysis and Security Engine (BASE) 1.4.5 allow remote attackers to execute arbitrary SQL commands via the (1) ip_addr[0][1], (2) ip_addr[0][2], or (3) ip_addr[0][9] parameters. | ||||
| CVE-2014-1204 | 1 Tableausoftware | 1 Tableau Server | 2025-04-11 | N/A |
| SQL injection vulnerability in Tableau Server 8.0.x before 8.0.7 and 8.1.x before 8.1.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. NOTE: this can be exploited by unauthenticated remote attackers if the guest user is enabled. | ||||
| CVE-2013-5121 | 1 Phpfox | 1 Phpfox | 2025-04-11 | N/A |
| SQL injection vulnerability in PHPFox before 3.6.0 (build6) allows remote attackers to execute arbitrary SQL commands via the search[sort_by] parameter to user/browse/view_/. | ||||
| CVE-2013-5120 | 1 Phpfox | 1 Phpfox | 2025-04-11 | N/A |
| SQL injection vulnerability in PHPFox before 3.6.0 (build4) allows remote attackers to execute arbitrary SQL commands via the search[gender] parameter to user/browse/view_/. | ||||
| CVE-2013-3437 | 1 Cisco | 1 Unified Operations Manager | 2025-04-11 | N/A |
| SQL injection vulnerability in the management application in Cisco Unified Operations Manager allows remote authenticated users to execute arbitrary SQL commands via an entry field, aka Bug ID CSCud80179. | ||||
| CVE-2012-6526 | 1 Vastal | 1 Freelance Zone | 2025-04-11 | N/A |
| SQL injection vulnerability in show_code.php in Vastal I-Tech Freelance Zone allows remote attackers to execute arbitrary SQL commands via the code_id parameter. | ||||