47 matches found
UBUNTU-CVE-2014-2708
Multiple SQL injection vulnerabilities in graph_xport.php in Cacti 0.8.7g, 0.8.8b, and earlier allow remote attackers to execute arbitrary SQL commands via the (1) graph_start, (2) graph_end, (3) graph_height, (4) graph_width, (5) graph_nolegend, (6) print_source, (7) local_graph_id, or (8) rra_id parameter...
CVE-2010-4958
SQL injection vulnerability in index.php in Prado Portal 1.2.0 allows remote attackers to execute arbitrary SQL commands via the page parameter...
PT-2010-2453 · Fonality · Fonality Trixbox
Name of the Vulnerable Software and Affected Versions: Fonality Trixbox version 2.2.4
Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the ID parameter in the /cisco/services/PhonecDirectory.php API endpoint.
Recommendations: For Fonality...
CVE-2008-2844
SQL injection vulnerability in index.php in Carscripts Classifieds allows remote attackers to execute arbitrary SQL commands via the cat parameter...
PT-2006-6514
Name of the Vulnerable Software and Affected Versions: Abarcar Realty Portal (affected versions not specified)
Description: The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via the neid parameter to "newsdetails.php" or the slid parameter to "slistl.php"...
PT-2005-5482 · Unknown · Land Down Under
Name of the Vulnerable Software and Affected Versions: Land Down Under (LDU) versions v801 and earlier
Description: The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via parameters including (1) the m parameter in "auth.php", (2) the f parameter in "events.php", ...
security flaw
mysql_install_db in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 creates the mysql_install_db.X file with a predictable filename and insecure permissions, which allows local users to execute arbitrary SQL commands by modifying the file's contents...