Export limit exceeded: 366583 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 19843 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19843 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-4949 2 Joachim Ruhs, Typo3 2 Locator, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Store Locator extension before 1.2.8 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-7092 1 Mcafee 1 Email Gateway 2025-04-11 N/A
Multiple SQL injection vulnerabilities in /admin/cgi-bin/rpc/doReport/18 in McAfee Email Gateway 7.6 allow remote authenticated users to execute arbitrary SQL commands via the (1) events_col, (2) event_id, (3) reason, (4) events_order, (5) emailstatus_order, or (6) emailstatus_col JSON keys.
CVE-2009-5026 2 Mysql, Oracle 2 Mysql, Mysql 2025-04-11 N/A
The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50, when running in certain slave configurations in which the slave is running a newer version than the master, allows remote attackers to execute arbitrary SQL commands via custom comments.
CVE-2009-4950 2 Tim Lochmueller \& Thomas Buss, Typo3 2 A21glossary Advanced Output, Typo3 2025-04-11 N/A
SQL injection vulnerability in the A21glossary Advanced Output (a21glossary_advanced_output) extension before 0.1.12 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-4985 1 Websitesrus 1 Accessories Me Php Affiliate Script 2025-04-11 N/A
SQL injection vulnerability in browse.php in Accessories Me PHP Affiliate Script 1.4 allows remote attackers to execute arbitrary SQL commands via the Go parameter.
CVE-2010-4861 1 Webspell 1 Webspell 2025-04-11 N/A
SQL injection vulnerability in asearch.php in webSPELL 4.2.1 allows remote attackers to execute arbitrary SQL commands via the search parameter.
CVE-2013-4313 1 Moodle 1 Moodle 2025-04-11 N/A
Moodle through 2.2.11, 2.3.x before 2.3.9, 2.4.x before 2.4.6, and 2.5.x before 2.5.2 does not prevent use of '\0' characters in query strings, which might allow remote attackers to conduct SQL injection attacks against Microsoft SQL Server via a crafted string.
CVE-2012-3477 1 Thomas Hunter 1 Neoinvoice 2025-04-11 N/A
SQL injection vulnerability in signup_check.php in NeoInvoice allows remote attackers to execute arbitrary SQL commands via the value parameter in a username action.
CVE-2012-1780 1 Socialcms 1 Socialcms 2025-04-11 N/A
SQL injection vulnerability in search.php in SocialCMS 1.0.5 allows remote attackers to execute arbitrary SQL commands via the category parameter.
CVE-2013-1613 1 Symantec 2 Security Information Manager, Security Information Manager Appliance 2025-04-11 N/A
SQL injection vulnerability in the management console (aka Java console) on the Symantec Security Information Manager (SSIM) appliance 4.7.x and 4.8.x before 4.8.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVE-2011-0510 1 Awbs 1 Advanced Webhost Billing System 2025-04-11 N/A
SQL injection vulnerability in cart.php in Advanced Webhost Billing System (AWBS) 2.9.2 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the oid parameter in an add_other action.
CVE-2011-2751 1 Parodia 1 Parodia 2025-04-11 N/A
SQL injection vulnerability in Parodia before 6.809 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-4927 2 Joomla, Photoindochina 2 Joomla\!, Com Restaurantguide 2025-04-11 N/A
SQL injection vulnerability in the Restaurant Guide (com_restaurantguide) component 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a country action to index.php.
CVE-2012-1778 1 Createvision 1 Createvision Cms 2025-04-11 N/A
SQL injection vulnerability in artykul_print.php in CreateVision CMS allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-4908 1 Virtuenetz 1 Virtue Shopping Mall 2025-04-11 N/A
SQL injection vulnerability in detail.php in Virtue Shopping Mall allows remote attackers to execute arbitrary SQL commands via the prodid parameter.
CVE-2012-3032 1 Siemens 2 Simatic Pcs7, Wincc 2025-04-11 N/A
SQL injection vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to execute arbitrary SQL commands via a crafted SOAP message.
CVE-2010-4904 2 Joomla, Simon Philips 2 Joomla\!, Com Aardvertiser 2025-04-11 N/A
SQL injection vulnerability in the Aardvertiser (com_aardvertiser) component 2.1 and 2.1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_name parameter in a view action to index.php. NOTE: some of these details are obtained from third party information.
CVE-2014-0726 1 Cisco 1 Unified Communications Manager 2025-04-11 N/A
SQL injection vulnerability in the IP Manager Assistant (IPMA) interface in Cisco Unified Communications Manager (UCM) 10.0(1) and earlier allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCum05326.
CVE-2014-0727 1 Cisco 1 Unified Communications Manager 2025-04-11 N/A
SQL injection vulnerability in the CallManager Interactive Voice Response (CMIVR) interface in Cisco Unified Communications Manager (UCM) allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCum05318.
CVE-2014-0728 1 Cisco 1 Unified Communications Manager 2025-04-11 N/A
SQL injection vulnerability in the Java database interface in Cisco Unified Communications Manager (UCM) 10.0(1) and earlier allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCum05313.