CVE-2010-1096

Multiple SQL injection vulnerabilities in searchmatch.php in ScriptsFeed Dating Software allow remote attackers to execute arbitrary SQL commands via the 1 txtgender and 2 txtlookgender parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third par...

CVE-2016-11017

The application login page in AKIPS Network Monitor 15.37 through 16.5 allows a remote unauthenticated attacker to execute arbitrary OS commands via shell metacharacters in the username parameter a failed login attempt returns the command-injection output to a limited login failure field. This is...

CVE-2010-1051

Multiple SQL injection vulnerabilities in index.php in AudiStat 1.3 allow remote attackers to execute arbitrary SQL commands via the 1 year and 2 month parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2010-1019

SQL injection vulnerability in the Simple Gallery sksimplegallery extension 0.0.9 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

CVE-2012-2324

Multiple SQL injection vulnerabilities in MyBB aka MyBulletinBoard before 1.6.7 allow remote administrators to execute arbitrary SQL commands via unspecified vectors in the 1 user search or 2 Mail Log in the Admin Control Panel ACP...

CVE-2010-0956

SQL injection vulnerability in index.php in OpenCart 1.3.2 allows remote attackers to execute arbitrary SQL commands via the page parameter...

CVE-2016-20016

MVPower CCTV DVR models, including TV-7104HE 1.8.4 115215B9 and TV7108HE, contain a web shell that is accessible via a /shell URI. A remote unauthenticated attacker can execute arbitrary operating system commands as root. This vulnerability has also been referred to as the "JAWS webserver RCE"...

CVE-2011-4829

SQL injection vulnerability in the comlisting component in Barter Sites component 1.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the categoryid parameter to index.php...

CVE-2011-1571

Unspecified vulnerability in the XSL Content portlet in Liferay Portal Community Edition CE 5.x and 6.x before 6.0.6 GA, when Apache Tomcat is used, allows remote attackers to execute arbitrary commands via unknown vectors...

CVE-2009-2915

SQL injection vulnerability in 2flygift.php in 2FLY Gift Delivery System 6.0 allows remote attackers to execute arbitrary SQL commands via the gameid parameter in a content action...

CVE-2009-4691

SQL injection vulnerability in addlink.php in Classified Linktrader Script allows remote attackers to execute arbitrary SQL commands via the slctCategories parameter...

CVE-2025-32813

Infoblox NetMRI

CVE-2002-1898

Terminal 1.3 in Apple Mac OS X 10.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a telnet:// link, which is executed by Terminal.app window...

CVE-2002-1843

Perlbot 1.9.2 allows remote attackers to execute arbitrary commands via shell metacharacters in 1 the $text variable in SpelCheck.pm or 2 the $filename variable in HTMLPlog.pm...

CVE-2005-2165

read.cgi in GlobalNoteScript allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameters...

CVE-2009-2614

SQL injection vulnerability in zadminlogin.asp in DataCheck Solutions LinkPal 1.x allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2009-3500

Multiple SQL injection vulnerabilities in BPowerHouse BPGames 1.0 allow remote attackers to execute arbitrary SQL commands via the 1 catid parameter to main.php and 2 gameid parameter to game.php...

CVE-2005-1412

SQL injection vulnerability in verify.asp for Ecomm Professional Guestbook 3.x allows remote attackers to execute arbitrary SQL commands via the AdminPWD parameter...

CVE-2009-3418

Multiple SQL injection vulnerabilities in Plume CMS 1.2.3 allow 1 remote authenticated users to execute arbitrary SQL commands via the m parameter to manager/index.php and 2 remote authenticated administrators to execute arbitrary SQL commands via the id parameter in an editlink action to...

CVE-2006-7005

SQL injection vulnerability in item.php in PSY Auction allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...