Export limit exceeded: 19863 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19863 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-4917 1 A-blog 1 A-blog 2025-04-11 N/A
SQL injection vulnerability in sources/search.php in A-Blog 2.0 allows remote attackers to execute arbitrary SQL commands via the words parameter.
CVE-2010-4919 1 Micronetsoft 1 Rv Dealer Website 2025-04-11 N/A
SQL injection vulnerability in detail.asp in Micronetsoft RV Dealer Website 1.0 allows remote attackers to execute arbitrary SQL commands via the vehicletypeID parameter.
CVE-2010-4923 1 Virtuenetz 1 Virtue Book Store 2025-04-11 N/A
SQL injection vulnerability in book/detail.php in Virtue Netz Virtue Book Store allows remote attackers to execute arbitrary SQL commands via the bid parameter.
CVE-2010-4946 1 Allpcscript 1 Allpc 2025-04-11 N/A
SQL injection vulnerability in product_info.php in ALLPC 2.5 allows remote attackers to execute arbitrary SQL commands via the products_id parameter.
CVE-2010-5001 1 Esoftpro 1 Online Contact Manager 2025-04-11 N/A
SQL injection vulnerability in view.php in esoftpro Online Contact Manager 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2013-5517 1 Cisco 1 Unified Communications Domain Manager 2025-04-11 N/A
SQL injection vulnerability in the web framework in Cisco Unified Communications Domain Manager allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCuh96567.
CVE-2012-6584 1 Myrephp 1 Myre Realty Manager 2025-04-11 N/A
Multiple SQL injection vulnerabilities in MYRE Realty Manager allow remote attackers to execute arbitrary SQL commands via the bathrooms1 parameter to (1) demo2/search.php or (2) search.php.
CVE-2012-0973 1 Osclass 1 Osclass 2025-04-11 N/A
Multiple SQL injection vulnerabilities in OSClass before 2.3.5 allow remote attackers to execute arbitrary SQL commands via the sCategory parameter to index.php, which is not properly handled by the (1) osc_search_category_id function in oc-includes/osclass/helpers/hSearch.php and (2) findBySlug function oc-includes/osclass/model/Category.php. NOTE: some of these details are obtained from third party information.
CVE-2013-5525 1 Cisco 1 Identity Services Engine Software 2025-04-11 N/A
SQL injection vulnerability in the web framework in Cisco Identity Services Engine (ISE) 1.2 and earlier allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCug90502.
CVE-2012-6586 1 Myrephp 1 Myre Vacation Rental 2025-04-11 N/A
Multiple SQL injection vulnerabilities in MYRE Vacation Rental Software allow remote attackers to execute arbitrary SQL commands via the (1) garage1 or (2) bathrooms1 parameter to vacation/1_mobile/search.php, or (3) unspecified input to vacation/widgate/request_more_information.php.
CVE-2011-2751 1 Parodia 1 Parodia 2025-04-11 N/A
SQL injection vulnerability in Parodia before 6.809 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2012-2762 1 S9y 1 Serendipity 2025-04-11 N/A
SQL injection vulnerability in include/functions_trackbacks.inc.php in Serendipity 1.6.2 allows remote attackers to execute arbitrary SQL commands via the url parameter to comment.php.
CVE-2010-5041 2 John Bradshaw, Nucleuscms 2 Np Gallery Plugin, Nucleus 2025-04-11 N/A
SQL injection vulnerability in index.php in the NP_Gallery plugin 0.94 for Nucleus allows remote attackers to execute arbitrary SQL commands via the id parameter in a plugin action.
CVE-2010-5043 2 Blueconstantmedia, Joomla 2 Com Djartgallery, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the DJ-ArtGallery (com_djartgallery) component 0.9.1 for Joomla! allows remote authenticated users to execute arbitrary SQL commands via the cid[] parameter in an editItem action to administrator/index.php.
CVE-2012-2908 1 Viscacha 1 Viscacha 2025-04-11 N/A
Multiple SQL injection vulnerabilities in admin/bbcodes.php in Viscacha 0.8.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) bbcodeexample, (2) buttonimage, or (3) bbcodetag parameter.
CVE-2012-6588 1 Myrephp 1 Myre Business Directory 2025-04-11 N/A
SQL injection vulnerability in links.php in MYRE Business Directory allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2010-5049 1 Zabbix 1 Zabbix 2025-04-11 N/A
SQL injection vulnerability in events.php in Zabbix 1.8.1 and earlier allows remote attackers to execute arbitrary SQL commands via the nav_time parameter.
CVE-2012-2925 1 Simple Php Agenda 1 Simple Php Agenda 2025-04-11 N/A
SQL injection vulnerability in engine.php in Simple PHP Agenda 2.2.8 allows remote attackers to execute arbitrary SQL commands via the priority parameter in an addTodo action.
CVE-2024-2585 1 Amss\+\+ Project 1 Amss\+\+ 2025-04-10 8.2 High
Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/book/main/select_send_2.php, in the 'sd_index' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB.
CVE-2023-36813 1 Kanboard 1 Kanboard 2025-04-10 7.1 High
Kanboard is project management software that focuses on the Kanban methodology. In versions prior to 1.2.31authenticated user is able to perform a SQL Injection, leading to a privilege escalation or loss of confidentiality. It appears that in some insert and update operations, the code improperly uses the PicoDB library to update/insert new information. Version 1.2.31 contains a fix for this issue.