Export limit exceeded: 19830 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19830 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-5088 1 Ideacart 1 Ideacart 2025-04-11 N/A
SQL injection vulnerability in secure/index.php in IdeaCart 0.02 allows remote attackers to execute arbitrary SQL commands via the cID parameter.
CVE-2013-5967 1 Alienvault 1 Open Source Security Information Management 2025-04-11 N/A
Multiple SQL injection vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) 4.3 and earlier allow remote attackers to execute arbitrary SQL commands via the date_from parameter to (1) radar-iso27001-potential.php, (2) radar-iso27001-A12IS_acquisition-pot.php, (3) radar-iso27001-A11AccessControl-pot.php, (4) radar-iso27001-A10Com_OP_Mgnt-pot.php, or (5) radar-pci-potential.php in RadarReport/.
CVE-2010-2611 1 I-netsolution 1 Job Search Engine Script 2025-04-11 N/A
SQL injection vulnerability in show_search_result.php in i-netsolution Job Search Engine allows remote attackers to execute arbitrary SQL commands via the keyword parameter.
CVE-2010-2683 1 Customerparadigm 1 Pagedirector Cms 2025-04-11 N/A
SQL injection vulnerability in result.php in Customer Paradigm PageDirector CMS allows remote attackers to execute arbitrary SQL commands via the sub_catid parameter.
CVE-2010-0974 1 Phpcityportal 1 Phpcityportal 2025-04-11 N/A
Multiple SQL injection vulnerabilities in PHPCityPortal allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) video_show.php, (2) spotlight_detail.php, (3) real_estate_details.php, and (4) auto_details.php.
CVE-2010-1045 2 Design-cars, Joomla 2 Com Productbook, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the Productbook (com_productbook) component 1.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. NOTE: some of these details are obtained from third party information.
CVE-2013-1852 1 Kolja Schleich 1 Leaguemanager 2025-04-11 N/A
SQL injection vulnerability in leaguemanager.php in the LeagueManager plugin before 3.8.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the league_id parameter in the leaguemanager-export page to wp-admin/admin.php.
CVE-2012-1673 1 Ola Lasisi 1 E-ticketing 2025-04-11 N/A
SQL injection vulnerability in loginscript.php in e-ticketing allows remote attackers to execute arbitrary SQL commands via the password parameter.
CVE-2012-1672 1 Useasdf 4444 1 Hotel Booking Portal 2025-04-11 N/A
SQL injection vulnerability in getcity.php in Hotel Booking Portal 0.1 allows remote attackers to execute arbitrary SQL commands via the country parameter.
CVE-2011-2181 1 Reallysimplechat 1 Really Simple Chat 2025-04-11 N/A
Multiple SQL injection vulnerabilities in A Really Simple Chat (ARSC) 3.3-rc2 allow remote attackers to execute arbitrary SQL commands via the (1) arsc_user parameter to base/admin/edit_user.php, (2) arsc_layout_id parameter in base/admin/edit_layout.php, or (3) arsc_room parameter to base/admin/edit_room.php.
CVE-2013-5322 2 Jan Bednarik, Typo3 2 Cooluri, Typo3 2025-04-11 N/A
SQL injection vulnerability in the CoolURI extension before 1.0.30 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-5321 1 Alienvault 1 Open Source Security Information Management 2025-04-11 N/A
Multiple SQL injection vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) 4.1 allow remote attackers to execute arbitrary SQL commands via the (1) sensor parameter in a Query action to forensics/base_qry_main.php; the (2) tcp_flags[] or (3) tcp_port[0][4] parameter to forensics/base_stat_alerts.php; the (4) ip_addr[1][8] or (5) port_type parameter to forensics/base_stat_ports.php; or the (6) sortby or (7) rvalue parameter in a search action to vulnmeter/index.php.
CVE-2013-5318 1 Benjamin Arnaudetr 1 Ginkgocms 2025-04-11 N/A
SQL injection vulnerability in Ginkgo CMS 5.0 allows remote attackers to execute arbitrary SQL commands via the rang parameter to index.php.
CVE-2010-1051 1 Alexandre Dubus 1 Audistat 2025-04-11 N/A
Multiple SQL injection vulnerabilities in index.php in AudiStat 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) year and (2) month parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-1053 1 Zentracking 1 Zen Time Tracking 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Zen Time Tracking 2.2 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters to (a) userlogin.php and (b) managerlogin.php. NOTE: some of these details are obtained from third party information.
CVE-2012-1656 2 Drupal, Wesjones 2 Drupal, Multisite Search 2025-04-11 N/A
SQL injection vulnerability in the Multisite Search module 6.x-2.2 for Drupal allows remote authenticated users with certain permissions to execute arbitrary SQL commands via the Site table prefix field.
CVE-2010-2148 2 Joomla, Unisoft 2 Joomla\!, Com Mycar 2025-04-11 N/A
SQL injection vulnerability in the My Car (com_mycar) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the pagina parameter to index.php.
CVE-2012-4925 1 Imgpals 1 Img Pals Photo Host 2025-04-11 N/A
Multiple SQL injection vulnerabilities in approve.php in Img Pals Photo Host 1.0 allow remote attackers to execute arbitrary SQL commands via the u parameter in a (1) app0 or (2) app1 action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2012-4927 1 Limesurvey 1 Limesurvey 2025-04-11 N/A
SQL injection vulnerability in Limesurvey (a.k.a PHPSurveyor) before 1.91+ Build 120224 and earlier allows remote attackers to execute arbitrary SQL commands via the fieldnames parameter to index.php.
CVE-2010-2699 1 Edgephp 1 Clickbank Affiliate Marketplace Script 2025-04-11 N/A
SQL injection vulnerability in index.php in Edge PHP Clickbank Affiliate Marketplace Script (CBQuick) allows remote attackers to execute arbitrary SQL commands via the search parameter.