UBUNTU-CVE-2017-14242

SQL injection vulnerability in don/list.php in Dolibarr version 6.0.0 allows remote attackers to execute arbitrary SQL commands via the statut parameter...

CVE-2016-5742

SQL injection vulnerability in the XML-RPC interface in Movable Type Pro and Advanced 6.x before 6.1.3 and 6.2.x before 6.2.6 and Movable Type Open Source 5.2.13 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

dotCMS 'stName' Parameter SQL Injection Vulnerability

dotCMS is a content management system CMS developed in Java. A SQL injection vulnerability exists in the 'stName' parameter in dotCMS versions prior to 3.3.2, which allows remote attackers to execute arbitrary SQL commands via the stName parameter in api/content/save/1...

vBulletin forumrunner/includes/moderation.php SQL Injection Vulnerability

VBulletin is a powerful, flexible and fully customizable suite of forum programs. A SQL injection vulnerability exists in the forumrunner/includes/moderation.php file in versions of vBulletin prior to 4.2.2 Patch Level 5 and prior to 4.2.3 Patch Level 1. A remote attacker can exploit this...

Zen Cart 1.3.8 - Remote SQL Execution Exploit

No description provided by source. !/usr/bin/python ------- Zen Cart 1.3.8 Remote SQL Execution http://www.zen-cart.com/ Zen Cart Ecommerce - putting the dream of server rooting within reach of anyone! A new version 1.3.8a is avaible on http://www.zen-cart.com/ BlackH : Notes: must have...

DEBIAN-CVE-2014-1471

SQL injection vulnerability in the StateGetStatesByType function in Kernel/System/State.pm in Open Ticket Request System OTRS 3.1.x before 3.1.19, 3.2.x before 3.2.14, and 3.3.x before 3.3.4 allows remote attackers to execute arbitrary SQL commands via vectors related to a ticket search URL...

DEBIAN-CVE-2012-6496

SQL injection vulnerability in the Active Record component in Ruby on Rails before 3.0.18, 3.1.x before 3.1.9, and 3.2.x before 3.2.10 allows remote attackers to execute arbitrary SQL commands via a crafted request that leverages incorrect behavior of dynamic finders in applications that can use...

PT-2012-4127 · Ipswitch · Ipswitch Whatsup Gold

Name of the Vulnerable Software and Affected Versions: Ipswitch WhatsUp Gold version 15.02 Description: The issue allows remote attackers to execute arbitrary SQL commands via the sGroupList parameter in the "WrVMwareHostList.asp" file. This enables attackers to manipulate database queries,...

CVE-2010-5004

SQL injection vulnerability in searchvote.php in 2daybiz Polls aka Advanced Poll Script allows remote attackers to execute arbitrary SQL commands via the category parameter...

CVE-2010-5033

SQL injection vulnerability in ProductList.cfm in Fusebox 5.5.1 allows remote attackers to execute arbitrary SQL commands via the CatDisplay parameter...

CVE-2010-4954

SQL injection vulnerability in productreviewsinfo.php in xt:Commerce Gambio 2008 allows remote attackers to execute arbitrary SQL commands via the productsid parameter...

AS3FlexDB Login Information Disclosure / SQL Execution

$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$$ AS3FlexDB Database Login Information Disclosure & Remote SQL Excution $$$ $$$ || License: Free $$$ || Language: English $$$ AS3FlexDB || Cost: $0 $$$ || Platform: Flash...

AS3FlexDB Database Login Information Disclosure & Remote SQL Excution

Exploit for unknown platform in category web applications ===================================================================== AS3FlexDB Database Login Information Disclosure & Remote SQL Excution =====================================================================...

PT-2010-1396 · Maxdev · Mforum

Name of the Vulnerable Software and Affected Versions: MDForum module versions 2.x through 2.07 for MAXdev MDPro Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the c parameter in the "index.php" endpoint. Recommendations: For MDFor...

Zabbix Server : Multiple remote vulnerabilities

From Wikipedia : "Zabbix is a network management system application ... designed to monitor and track the status of various network services, servers, and other network hardware." Zabbix Server : Remote command execution Impacted software : Zabbix Server Zabbix reference :...

Zabbix Server - Multiple Vulnerabilities

Zabbix Server : Multiple remote vulnerabilities From: Nicob Date: Sun, 13 Dec 2009 16:28:35 +0100 From Wikipedia : "Zabbix is a network management system application ... designed to monitor and track the status of various network services, servers, and other network hardware." Zabbix Server :...

PT-2009-6400 · Testlink Team · Testlink

Name of the Vulnerable Software and Affected Versions: TestLink versions prior to 1.8.5 Description: The issue allows remote authenticated users to execute arbitrary SQL commands. This can be achieved via the Test Case ID field to "lib/general/navBar.php" or the logLevel parameter to...

Zen Cart 1.3.8 Remote SQL Execution Exploit

Exploit for unknown platform in category web applications =========================================== Zen Cart 1.3.8 Remote SQL Execution Exploit =========================================== !/usr/bin/python ------- Zen Cart 1.3.8 Remote SQL Execution http://www.zen-cart.com/ Zen Cart Ecommerce -...

SFS EZ Career (content.php topic) SQL Injection Vulnerability

No description provided by source. Kira has decide be back after halloween Discovered by : Mountassif Moad Type Gap : Sql execution Script : SFS EZ Career Remote sql execution Home Script : http://www.scripts-for-sites.info/item.php?item=92 Greetz : Allah , All my freind Exploit :...

CVE-2008-4623

SQL injection vulnerability in the DS-Syndicate comds-syndicate component 1.1.1 for Joomla allows remote attackers to execute arbitrary SQL commands via the feedid parameter to index2.php...