Export limit exceeded: 366988 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 366988 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 19860 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19860 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-4633 1 Sumeffect 1 Digishop 2025-04-11 N/A
SQL injection vulnerability in cart.php in digiSHOP 2.0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vulnerability than CVE-2005-4614.1.
CVE-2010-4632 1 Pilotcart 1 Pilot Cart 2025-04-11 N/A
Multiple SQL injection vulnerabilities in ASPilot Pilot Cart 7.3 allow remote attackers to execute arbitrary SQL commands via the (1) article parameter to kb.asp, (2) specific parameter to cart.asp, (3) countrycode parameter to contact.asp, and the (4) srch parameter to search.asp. NOTE: the article parameter to pilot.asp is already covered by CVE-2008-2688.
CVE-2010-1431 1 Cacti 1 Cacti 2025-04-11 N/A
SQL injection vulnerability in templates_export.php in Cacti 0.8.7e and earlier allows remote attackers to execute arbitrary SQL commands via the export_item_id parameter.
CVE-2010-4615 1 Iskenderaltuntas 1 Oto Galeri Sistemi 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Oto Galeri Sistemi 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) arac parameter to carsdetail.asp and the (2) marka parameter to twohandscars.asp.
CVE-2010-2515 2 Dacian Strain, Joomla 2 Com Jfaq, Joomla\! 2025-04-11 N/A
Multiple SQL injection vulnerabilities in index.php in the JFaq (com_jfaq) component 1.2 for Joomla!, when magic_quotes_gpc is disabled, allow (1) remote attackers to execute arbitrary SQL commands via the id parameter, and (2) remote authenticated users with "Public Front-end" permissions to execute arbitrary SQL commands via the titlu parameter (title field). NOTE: some of these details are obtained from third party information.
CVE-2010-1365 1 Uiga 1 Fan Club 2025-04-11 N/A
SQL injection vulnerability in index.php in Uiga Fan Club, as downloaded on 20100310, allows remote attackers to execute arbitrary SQL commands via the id parameter in a photos action.
CVE-2012-2718 2 Drupal, Drupal-id 2 Drupal, Counter Module 2025-04-11 N/A
SQL injection vulnerability in the Counter module for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to "recording visits."
CVE-2010-1094 1 Miethner-scripting 1 Dz Erotik Auktionshaus V4rgo 2025-04-11 N/A
SQL injection vulnerability in news.php in DZ EROTIK Auktionshaus V4rgo allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-4298 1 Dustincowell 1 Free Simple Software 2025-04-11 N/A
SQL injection vulnerability in the download module in Free Simple Software 1.0 allows remote attackers to execute arbitrary SQL commands via the downloads_id parameter in a download_now action to index.php.
CVE-2010-1093 1 1024cms 1 1024 Cms 2025-04-11 N/A
SQL injection vulnerability in rss.php in 1024 CMS 2.1.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a vp action.
CVE-2010-4186 1 Onlinetechtools.com 1 Oasys Professional 2025-04-11 N/A
SQL injection vulnerability in process.asp in OnlineTechTools Online Work Order System (OWOS) Professional Edition 2.10 allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: some of these details are obtained from third party information.
CVE-2010-4151 1 Deluxebb 1 Deluxebb 2025-04-11 N/A
SQL injection vulnerability in misc.php in DeluxeBB 1.3, and possibly earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the xthedateformat parameter in a register action, a different vector than CVE-2005-2989, CVE-2006-2503, and CVE-2009-1033.
CVE-2010-0798 2 Snowflake, Typo3 2 T3blog, Typo3 2025-04-11 N/A
SQL injection vulnerability in the T3BLOG extension 0.6.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-4147 1 Avactis 1 Avactis Shopping Cart 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Pentasoft Avactis Shopping Cart 1.9.1 build 8356 free edition and earlier allow remote attackers to execute arbitrary SQL commands via the User-Agent header to (1) index.php and (2) product-list.php.
CVE-2010-4144 1 Aspindir 1 Kisisel Radyo Script 2025-04-11 N/A
SQL injection vulnerability in radyo.asp in Kisisel Radyo Script allows remote attackers to execute arbitrary SQL commands via the Id parameter.
CVE-2010-4143 1 Phpcheckz 1 Phpcheckz 2025-04-11 N/A
SQL injection vulnerability in chart.php in phpCheckZ 1.1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-4826 1 Snitz Communications 1 Snitz Forums 2000 2025-04-11 N/A
SQL injection vulnerability in members.asp in Snitz Forums 2000 3.4.07 allows remote attackers to execute arbitrary SQL commands via the M_NAME parameter. NOTE: some of these details are obtained from third party information.
CVE-2010-4829 1 T-dreams 1 Cars Ads Package 2025-04-11 N/A
SQL injection vulnerability in processview.asp in Techno Dreams (T-Dreams) Cars Ads Package 2.0 allows remote attackers to execute arbitrary SQL commands via the key parameter.
CVE-2010-0762 1 Commodityrentals 1 Cd Rental Software 2025-04-11 N/A
SQL injection vulnerability in index.php in CommodityRentals CD Rental Software allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a catalog action.
CVE-2010-2609 1 2daybiz 1 Job Search Engine Script 2025-04-11 N/A
SQL injection vulnerability in show_search_result.php in 2daybiz Job Search Engine Script allows remote attackers to execute arbitrary SQL commands via the keyword parameter.