13545 matches found
CVE-2010-4774
SQL injection vulnerability in pdf.php in AuraCMS 1.62 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2007-4804 and CVE-2007-4171...
CVE-2010-4505
Multiple SQL injection vulnerabilities in login.php in Injader 2.4.4, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 un and 2 pw parameters...
CVE-2015-1372
SQL injection vulnerability in ferretCMS 1.0.4-alpha allows remote attackers to execute arbitrary SQL commands via the p parameter in an update action to admin.php...
CVE-2010-3484
SQL injection vulnerability in common.php in LightNEasy 3.2.1 allows remote attackers to execute arbitrary SQL commands via the handle parameter to LightNEasy.php, a different vector than CVE-2008-6593...
CVE-2010-2510
SQL injection vulnerability in customize.php in 2daybiz Web Template Software allows remote attackers to execute arbitrary SQL commands via the tid parameter...
CVE-2014-4741
SQL injection vulnerability in demo/ads.php in Artifectx xClassified 1.2 allows remote attackers to execute arbitrary SQL commands via the catid parameter...
CVE-2010-4735
SQL injection vulnerability in shoppingcart.asp in Ecommercemax Solutions Digital-goods seller DGS 1.5 allows remote attackers to execute arbitrary SQL commands via the d parameter...
CVE-2010-2095
SQL injection vulnerability in index.php in CMSQlite 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the c parameter...
CVE-2010-1859
SQL injection vulnerability in newpost.php in DeluxeBB 1.3 and earlier, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the membercookie cookie when adding a new thread...
CVE-2010-2699
SQL injection vulnerability in index.php in Edge PHP Clickbank Affiliate Marketplace Script CBQuick allows remote attackers to execute arbitrary SQL commands via the search parameter...
CVE-2010-2672
Multiple SQL injection vulnerabilities in eZ Publish 3.7.0 through 4.2.0 allow remote attackers to execute arbitrary SQL commands via the 1 SectionID and 2 SearchTimestamp parameters to the search feature and the 3 SearchContentClassAttributeID parameter to the advancedsearch feature...
CVE-2010-4517
SQL injection vulnerability in the JExtensions JE Auto comjeauto component 1.0 for Joomla!, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the char parameter in an item action to index.php...
CVE-2010-0710
SQL injection vulnerability in default.asp in ASPCode CMS 1.5.8, 2.0.0 Build 103, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the newsid parameter when the sec parameter is 26. NOTE: the provenance of this information is unknown; the details are...
CVE-2011-1903
SQL injection vulnerability in an unspecified function in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to execute arbitrary SQL commands via unknown vectors...
CVE-2010-2516
Multiple SQL injection vulnerabilities in 2daybiz Multi Level Marketing MLM Software allow remote attackers to execute arbitrary SQL commands via the username parameter to 1 index.php and 2 admin/index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from...
CVE-2010-2513
SQL injection vulnerability in the JE Ajax Event Calendar comjeajaxeventcalendar component 1.0.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the view parameter to index.php...
CVE-2010-2511
SQL injection vulnerability in viewnews.php in 2daybiz Multi Level Marketing MLM Software allows remote attackers to execute arbitrary SQL commands via the nwsid parameter...
CVE-2010-3482
Multiple SQL injection vulnerabilities in cmswrite.php in Primitive CMS 1.0.9 allow remote authenticated administrators to execute arbitrary SQL commands via the 1 title and 2 menutitle parameters. NOTE: this can be leveraged with CVE-2010-3483 to conduct attacks without authentication...
CVE-2011-4803
SQL injection vulnerability in wptouch/ajax.php in the WPTouch plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2010-0471
SQL injection vulnerability in the comment submission interface includes/comment.php in Enano CMS before 1.0.6pl1 allows remote attackers to execute arbitrary SQL commands via unspecified parameters...