Export limit exceeded: 19826 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19826 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-3404 1 Cisco 1 Unified Communications Manager 2025-04-11 N/A
SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, leading to discovery of encrypted credentials by leveraging metadata, aka Bug ID CSCuh01051.
CVE-2013-4870 2 News Search Project, Typo3 2 News Search, Typo3 2025-04-11 N/A
SQL injection vulnerability in the News Search (news_search) extension 0.1.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-4721 2 3ds, Typo3 2 Push2rss 3ds, Typo3 2025-04-11 N/A
SQL injection vulnerability in the RSS feed from records extension 1.0.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-4715 1 Tiki 1 Tikiwiki Cms\/groupware 2025-04-11 N/A
SQL injection vulnerability in Tiki Wiki CMS Groupware 6 LTS before 6.13LTS, 9 LTS before 9.7LTS, 10.x before 10.4, and 11.x before 11.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2012-0244 1 Advantech 1 Advantech Webaccess 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Advantech/BroadWin WebAccess before 7.0 allow remote attackers to execute arbitrary SQL commands via crafted string input.
CVE-2013-4683 2 Christophe Balisky, Typo3 2 Meta Feedit, Typo3 2025-04-11 N/A
SQL injection vulnerability in the meta_feedit extension 0.1.10 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-4662 1 Civicrm 1 Civicrm 2025-04-11 N/A
The Quick Search API in CiviCRM 4.2.0 through 4.2.9 and 4.3.0 through 4.3.3 allows remote authenticated users to bypass the validation layer and conduct SQL injection attacks via a direct request to the "second layer" of the API, related to contact.getquick.
CVE-2013-4461 1 Redhat 1 Enterprise Mrg 2025-04-11 N/A
SQL injection vulnerability in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allows remote attackers to execute arbitrary SQL commands via vectors related to the "filtering table operator."
CVE-2011-4946 1 E107 1 E107 2025-04-11 N/A
SQL injection vulnerability in e107_admin/users_extended.php in e107 before 0.7.26 allows remote attackers to execute arbitrary SQL commands via the user_field parameter.
CVE-2011-5201 1 Steveyolam 1 Tinyguestbook 2025-04-11 N/A
Multiple SQL injection vulnerabilities in sign.php in tinyguestbook allow remote attackers to execute arbitrary SQL commands via the (1) name and (2) msg parameters. NOTE: some of these details are obtained from third party information.
CVE-2011-5200 1 Dedecms 1 Dedecms 2025-04-11 N/A
Multiple SQL injection vulnerabilities in DeDeCMS, possibly 5.6, allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) list.php, (2) members.php, or (3) book.php.
CVE-2010-1069 1 Proarcadescript 1 Proarcadescript 2025-04-11 N/A
SQL injection vulnerability in games/game.php in ProArcadeScript allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-1070 1 Imagoscripts 1 Deviant Art Clone 2025-04-11 N/A
SQL injection vulnerability in index.php in ImagoScripts Deviant Art Clone allows remote attackers to execute arbitrary SQL commands via the seid parameter in a forums viewcat action.
CVE-2010-1071 1 Phpmdj 1 Phpmdj 2025-04-11 N/A
SQL injection vulnerability in profil.php in phpMDJ 1.0.3 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-1078 1 Sphere.xlentprojects 1 Spherecms 2025-04-11 N/A
SQL injection vulnerability in archive.php in XlentProjects SphereCMS 1.1 alpha allows remote attackers to execute arbitrary SQL commands via encoded null bytes ("%00") in the view parameter, which bypasses a protection mechanism.
CVE-2010-5063 1 Vwar 1 Virtual War 2025-04-11 N/A
SQL injection vulnerability in article.php in Virtual War (aka VWar) 1.6.1 R2 allows remote attackers to execute arbitrary SQL commands via the ratearticleselect parameter.
CVE-2011-5111 1 Kajianwebsite 1 Cms Balitbang 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Kajian Website CMS Balitbang 3.x allow remote attackers to execute arbitrary SQL commands via the hal parameter to (1) the data module in alumni.php; or the (2) lih_buku, (3) artikel, (4) album, or (5) berita module in index.php.
CVE-2011-4725 3 Microsoft, Parallels, Redhat 3 Windows, Parallels Plesk Panel, Enterprise Linux 2025-04-11 N/A
Multiple SQL injection vulnerabilities in the Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 allow remote attackers to execute arbitrary SQL commands via crafted input to a PHP script, as demonstrated by login_up.php3 and certain other files.
CVE-2011-4674 1 Zabbix 1 Zabbix 2025-04-11 N/A
SQL injection vulnerability in popup.php in Zabbix 1.8.3 and 1.8.4, and possibly other versions before 1.8.9, allows remote attackers to execute arbitrary SQL commands via the only_hostid parameter.
CVE-2011-4673 2 Automattic, Wordpress 2 Jetpack, Wordpress 2025-04-11 N/A
SQL injection vulnerability in modules/sharedaddy.php in the Jetpack plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter.