13176 matches found
CVE-2010-4905
SQL injection vulnerability in articledetails.php in Softbiz Article Directory Script allows remote attackers to execute arbitrary SQL commands via the sbizid parameter...
CVE-2010-4904
SQL injection vulnerability in the Aardvertiser comaardvertiser component 2.1 and 2.1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catname parameter in a view action to index.php. NOTE: some of these details are obtained from third party information...
CVE-2010-4891
SQL injection vulnerability in the Yet Another Calendar keyac extension before 1.1.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2010-1089
SQL injection vulnerability in vedifaq.php in PHP Trouble Ticket 2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2010-1075
SQL injection vulnerability in index.php in Entry Level CMS EL CMS allows remote attackers to execute arbitrary SQL commands via the subj parameter...
CVE-2010-4632
Multiple SQL injection vulnerabilities in ASPilot Pilot Cart 7.3 allow remote attackers to execute arbitrary SQL commands via the 1 article parameter to kb.asp, 2 specific parameter to cart.asp, 3 countrycode parameter to contact.asp, and the 4 srch parameter to search.asp. NOTE: the article...
CVE-2010-1016
SQL injection vulnerability in the SAV Filter Selectors savfilterselectors extension before 1.0.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2014-9520
SQL injection vulnerability in execute.php in InfiniteWP Admin Panel before 2.4.4 allows remote attackers to execute arbitrary SQL commands via the historyID parameter...
CVE-2015-9226
Multiple SQL injection vulnerabilities in AlegroCart 1.2.8 allow remote administrators to execute arbitrary SQL commands via the download parameter in the 1 checkdownload and possibly 2 checkfilename function in upload/admin2/model/products/modeladmindownload.php or remote authenticated users wit...
CVE-2014-8306
SQL injection vulnerability in the sqlquery function in cart.php in C97net Cart Engine before 4.0 allows remote attackers to execute arbitrary SQL commands via the itemid variable, as demonstrated by the 1 itemid0 or 2 itemid parameter...
CVE-2010-4503
SQL injection vulnerability in indexlight.php in Aigaion 1.3.4 allows remote attackers to execute arbitrary SQL commands via the ID parameter in an export action...
CVE-2015-1364
SQL injection vulnerability in the getProfile function in system/profile.functions.php in Free Reprintables ArticleFR 3.0.5 allows remote attackers to execute arbitrary SQL commands via the username parameter to register/...
CVE-2010-4404
SQL injection vulnerability in the Yannick Gaultier sh404SEF component before 2.1.8.777 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2010-3428
SQL injection vulnerability in modules/notes/json.php in Intermesh Group-Office 3.5.9 allows remote attackers to execute arbitrary SQL commands via the categoryid parameter in a category action...
CVE-2014-4938
SQL injection vulnerability in the WP Rss Poster wp-rss-poster plugin 1.0.0 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter in the wrp-add-new page to wp-admin/admin.php...
CVE-2010-2689
SQL injection vulnerability in contform.php in Internet DM WebDM CMS allows remote attackers to execute arbitrary SQL commands via the cfid parameter...
CVE-2012-3032
SQL injection vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to execute arbitrary SQL commands via a crafted SOAP message...
CVE-2011-5071
Multiple SQL injection vulnerabilities in Support Incident Tracker aka SiT! before 3.64 allow remote attackers to execute arbitrary SQL commands via the 1 exc parameter to reportmarketing.php, 2 selected parameter to tasks.php, 3 sites parameter to billableincidents.php, or 4 searchstring paramet...
CVE-2010-2342
SQL injection vulnerability in onlinenotebookmanager.asp in DMXReady Online Notebook Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the ItemID parameter...
CVE-2010-2319
SQL injection vulnerability in index.php in IDevSpot TextAds 2.08 allows remote attackers to execute arbitrary SQL commands via the page parameter...