13176 matches found
CVE-2009-3061
SQL injection vulnerability in lesson.php in Alqatari Q R Script 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information...
CVE-2002-2391
SQL injection vulnerability in index.php of WebChat 1.5 included in XOOPS 1.0 allows remote attackers to execute arbitrary SQL commands via the roomid parameter...
CVE-2009-0121
SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2002-2168
SQL injection vulnerability in Thorsten Korner 123tkShop before 0.3.1 allows remote attackers to execute arbitrary SQL queries via various programs including functiondescribeitem1.inc.php...
CVE-2002-2074
SQL injection vulnerability in Mailidx before 20020105 allows remote attackers to execute arbitrary SQL commands via the search web page...
CVE-2008-1065
Multiple SQL injection vulnerabilities in index.php in the XM-Memberstats xmmemberstats 2.0e module for XOOPS allow remote attackers to execute arbitrary SQL commands via the 1 letter or 2 sortby parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from...
CVE-2009-4394
SQL injection vulnerability in the Random Prayer 2 steprayer2 extension 0.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2008-0685
SQL injection vulnerability in ViewCat.php in iTechClassifieds 3.0 allows remote attackers to execute arbitrary SQL commands via the CatID parameter...
CVE-2008-0650
SQL injection vulnerability in login.php in Simple OS CMS 0.1c beta allows remote attackers to execute arbitrary SQL commands via the username field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2008-0651
SQL injection vulnerability in login.php in Pedro Santana Codice CMS allows remote attackers to execute arbitrary SQL commands via the username field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2005-3075
SQL injection vulnerability in Zengaia before 0.2 allows remote attackers to execute arbitrary SQL commands via unknown vectors...
CVE-2009-2779
SQL injection vulnerability in index.php in AJ Matrix DNA allows remote attackers to execute arbitrary SQL commands via the id parameter in a productdetail action...
CVE-2009-4045
Multiple SQL injection vulnerabilities in FrontAccounting FA before 2.1.7 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to various .inc and .php files in 1 reporting/, 2 sales/, 3 sales/includes/, 4 sales/includes/db/, 5 sales/inquiry/, 6 sales/manage/, 7...
CVE-2007-3627
Multiple SQL injection vulnerabilities in PHP Lite Calendar Express 2.2 allow remote attackers to execute arbitrary SQL commands via the cid parameter to 1 login.php, 2 auth.php, and 3 subscribe.php. NOTE: the month.php, year.php, week.php, and day.php vectors are already covered by CVE-2005-4009...
CVE-2009-3974
Multiple SQL injection vulnerabilities in Invision Power Board IPB or IP.Board 3.0.0, 3.0.1, and 3.0.2 allow remote attackers to execute arbitrary SQL commands via the 1 searchterm parameter to admin/applications/core/modulespublic/search/search.php and 2 aid parameter to...
CVE-2009-2616
SQL injection vulnerability in zadminlogin.asp in DataCheck Solutions SitePal 1.x allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2009-2619
SQL injection vulnerability in login.asp in DataCheck Solutions V-SpacePal allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2009-2612
SQL injection vulnerability in login.aspx in ProSMDR allows remote attackers to execute arbitrary SQL commands via the txtUser parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2009-3813
Multiple SQL injection vulnerabilities in RunCMS 2M1 allow remote authenticated users to execute arbitrary SQL commands via the 1 forum parameter to modules/forum/post.php and possibly 2 forumid variable to modules/forum/class/class.permissions.php...
CVE-2009-3801
SQL injection vulnerability in index.php in OpenDocMan 1.2.5 allows remote attackers to execute arbitrary SQL commands via the frmpass aka Password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...