No title provided

SQL injection vulnerability in templatesexport.php in Cacti 0.8.7e and earlier allows remote attackers to execute arbitrary SQL commands via the exportitemid parameter...

CVE-2010-2016

SQL injection vulnerability in details.php in Iceberg CMS allows remote attackers to execute arbitrary SQL commands via the pid parameter...

CVE-2009-2152

SQL injection vulnerability in aindex.php in AdaptWeb 0.9.2 allows remote attackers to execute arbitrary SQL commands via the CodigoDisciplina parameter in a TopicosCadastro1 action...

CVE-2009-2148

SQL injection vulnerability in news/index.php in Campus Virtual-LMS allows remote attackers to execute arbitrary SQL commands via the id parameter...

PT-2009-3647 · Pixie · Pixie Cms

Name of the Vulnerable Software and Affected Versions: Pixie CMS version 1.01a Description: The issue allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header in a request, specifically in the referral function in admin/lib/lib logs.php. Recommendations: For Pixie CMS...

PT-2009-1778 · Xt · Xt:Commerce

Name of the Vulnerable Software and Affected Versions: xt:Commerce versions prior to 3.0.4 Sp2.1 Description: The issue allows remote attackers to execute arbitrary SQL commands via unspecified vectors when magic quotes gpc is enabled and the SEO URLs are activated. Recommendations: For versions...

DEBIAN-CVE-2008-5813

SQL injection vulnerability in inc/rubriques.php in SPIP 1.8 before 1.8.3b, 1.9 before 1.9.2g, and 2.0 before 2.0.2 allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: some of these details are obtained from third party information...

CVE-2008-4633

SQL injection vulnerability in Node Vote 5.x before 5.x-1.1 and 6.x before 6.x-1.0, a module for Drupal, when "Allow user to vote again" is enabled, allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors related to a "previously cast vote."...

CVE-2008-4590

Multiple SQL injection vulnerabilities in Stash 1.0.3 allow remote attackers to execute arbitrary SQL commands via 1 the username parameter to admin/login.php and 2 the post parameter to admin/news.php...

DEBIAN-CVE-2008-4078

SQL injection vulnerability in the AR/AP transaction report in 1 LedgerSMB LSMB before 1.2.15 and 2 SQL-Ledger 2.8.17 and earlier allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...

PT-2008-5381 · Ledgersmb +2 · Ledgersmb +2

Name of the Vulnerable Software and Affected Versions: LedgerSMB versions prior to 1.2.15 SQL-Ledger versions prior to 2.8.18 Description: The issue allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. This is a SQL injection vulnerability in the AR/AP...

CVE-2008-2823

SQL injection vulnerability in newsarchive.php in PHPeasyblog formerly phpeasynews 1.13 RC2 and earlier allows remote attackers to execute arbitrary SQL commands via the post parameter...

CVE-2008-2767

SQL injection vulnerability in search.asp in Xigla Poll Manager XE allows remote authenticated users with administrator role privileges to execute arbitrary SQL commands via the orderby parameter...

CVE-2008-2762

SQL injection vulnerability in search.asp in Xigla Absolute Form Processor XE 4.0 allows remote authenticated administrators to execute arbitrary SQL commands via the orderby parameter...

Owl SQL injection vulnerability

Overview Owl, an open source document management and publishing system, contains an SQL injection vulnerability. Impact A remote attacker may modify or steal the database contents. Solution None...

Moderate: Red Hat Security Advisory: JBoss Enterprise Application Platform 4.2.0CP02 security update

Updated JBoss Enterprise Application Platform JBEAP packages that fix several security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. JBoss Enterprise Application Platform JBEAP is a middleware platform for Java 2...

EJBQL injection via 'order' parameter

The getRenderedEjbql method in the org.jboss.seam.framework.Query class in JBoss Seam 2.x before 2.0.0.CR3 allows remote attackers to inject and execute arbitrary EJBQL commands via the order parameter...

EJBQL injection via 'order' parameter

The getRenderedEjbql method in the org.jboss.seam.framework.Query class in JBoss Seam 2.x before 2.0.0.CR3 allows remote attackers to inject and execute arbitrary EJBQL commands via the order parameter...

PT-2008-2241 · WordPress · Dmsguestbook

Name of the Vulnerable Software and Affected Versions: DMSGuestbook version 1.7.0 Description: A SQL injection issue exists in the administration panel of the DMSGuestbook plugin for WordPress, allowing remote authenticated administrators to execute arbitrary SQL commands. It is unclear whether...

CVE-2007-6670

SQL injection vulnerability in search.php in PHCDownload 1.1.0 allows remote attackers to execute arbitrary SQL commands via the string parameter...