CVE-2009-3443

SQL injection vulnerability in the Fastball comfastball component 1.1.0 through 1.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the league parameter to index.php...

CVE-2009-3418

Multiple SQL injection vulnerabilities in Plume CMS 1.2.3 allow 1 remote authenticated users to execute arbitrary SQL commands via the m parameter to manager/index.php and 2 remote authenticated administrators to execute arbitrary SQL commands via the id parameter in an editlink action to...

CVE-2008-2429

Multiple SQL injection vulnerabilities in Calendarix Basic 0.8.20071118 allow remote attackers to execute arbitrary SQL commands via 1 the catsearch parameter to calsearch.php or 2 the catview parameter to calcat.php. NOTE: vector 1 might overlap CVE-2007-3183.3, and vector 2 might overlap...

CVE-2005-3039

SQL injection vulnerability in infopage.asp in Mall23 eCommerce allows remote attackers to execute arbitrary SQL commands via the idPage parameter...

CVE-2005-2692

Multiple SQL injection vulnerabilities in RunCMS 1.2 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 addquery and 2 subquery parameters to the newbb plus module, the forum parameter to 3 newtopic.php, 4 edit.php, or 5 reply.php in the newbb plus module, or 6 the msg...

CVE-2009-3165

SQL injection vulnerability in the Bug.create WebService function in Bugzilla 2.23.4 through 3.0.8, 3.1.1 through 3.2.4, and 3.3.1 through 3.4.1 allows remote attackers to execute arbitrary SQL commands via unspecified parameters...

CVE-2003-0751

SQL injection vulnerability in passdone.php for PY-Membres 4.2 and earlier allows remote attackers to execute arbitrary SQL queries via the email parameter...

CVE-2009-2082

SQL injection vulnerability in insidepage.php in Creative Web Solutions Multi-Level CMS 1.21 allows remote attackers to execute arbitrary SQL commands via the catid parameter. NOTE: some of these details are obtained from third party information...

CVE-2009-3125

SQL injection vulnerability in the Bug.search WebService function in Bugzilla 3.3.2 through 3.4.1, and 3.5, allows remote attackers to execute arbitrary SQL commands via unspecified parameters...

CVE-2008-1464

Multiple SQL injection vulnerabilities in Gallarific Free Edition 1.1 allow remote attackers to execute arbitrary SQL commands via the 1 query parameter to a search.php; 2 gusername and 3 gpassword parameters to b login.php; and the 4 username and 5 password parameters to c gadmin/index.php in a...

CVE-2005-4891

Simple Machine Forum SMF versions 1.0.4 and earlier have an SQL injection vulnerability that allows remote attackers to inject arbitrary SQL statements...

CVE-2005-2135

SQL injection vulnerability in verify.asp in EtoShop Dynamic Biz Website Builder QuickWeb 1.0 allows remote attackers to execute arbitrary SQL commands via the 1 T1 or 2 T2 parameters...

CVE-2005-4818

Multiple SQL injection vulnerabilities in Copernicus Europa allow remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2005-4792

SQL injection vulnerability in index.php in Appalachian State University phpWebSite 0.10.1 and earlier allows remote attackers to execute arbitrary SQL commands via the module parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...

CVE-2009-1851

SQL injection vulnerability in include.php in phpBugTracker 1.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2009-4718

SQL injection vulnerability in visitorduration.php in Gonafish WebStatCaffe allows remote attackers to execute arbitrary SQL commands via the nodayshow parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2009-4711

SQL injection vulnerability in the CoolURI cooluri extension before 1.0.16 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2008-6686...

CVE-2009-3082

SQL injection vulnerability in wcategory.php in Snow Hall Silurus System 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2009-4702

SQL injection vulnerability in the Tour Extension pmtour extension before 0.0.13 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

CVE-2005-4645

SQL injection vulnerability in index.php in 3CFR allows remote attackers to execute arbitrary SQL commands via the LangueID parameter...