CVE-2010-3608

Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote attackers to execute arbitrary SQL commands via the 1 id and 2 password pw parameters to a admin.php or b user.php...

CVE-2010-0337

SQL injection vulnerability in the ttnews Mail alert dl3ttnewsalerts extension 0.2.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

CVE-2011-4949

SQL injection vulnerability in phpgwapi/js/dhtmlxtree/samples/withdb/loaddetails.php in EGroupware Enterprise Line EPL before 11.1.20110804-1 and EGroupware Community Edition before 1.8.001.20110805 allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2013-4745

SQL injection vulnerability in the My quiz and poll myquizpoll extension before 2.0.6 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

CVE-2015-4658

Multiple SQL injection vulnerabilities in admin/login.php in Milw0rm Clone Script 1.0 allow remote attackers to execute arbitrary SQL commands via the 1 usr or 2 pwd parameter...

CVE-2012-5550

SQL injection vulnerability in the Time Spent module 6.x and 7.x for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

CVE-2013-1163

Multiple SQL injection vulnerabilities in the device-management implementation in Cisco Connected Grid Network Management System CG-NMS allow remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug IDs CSCue14553 and CSCue38746...

CVE-2018-13450

SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the statusbatch parameter...

CVE-2012-1225

Multiple SQL injection vulnerabilities in Dolibarr CMS 3.2.0 Alpha and earlier allow remote authenticated users to execute arbitrary SQL commands via the 1 memberslist parameter aka Member List in list.php or 2 rowid parameter to adherents/fiche.php...

CVE-2010-4609

SQL injection vulnerability in index.php in Html-edit CMS 3.1.8 allows remote attackers to execute arbitrary SQL commands via the nuser parameter in a registrate action...

CVE-2013-5091

SQL injection vulnerability in CalendarCommon.php in vTiger CRM 5.4.0 and possibly earlier allows remote authenticated users to execute arbitrary SQL commands via the onlyforuser parameter in an index action to index.php. NOTE: this issue might be a duplicate of CVE-2011-4559...

CVE-2010-5317

Multiple SQL injection vulnerabilities in index.php in SweetRice CMS before 0.6.7.1 allow remote attackers to execute arbitrary SQL commands via 1 the filename parameter in an attachment action, 2 the post parameter in a showcomment action, 3 the sys-name parameter in an rssfeed action, or 4 the...

CVE-2013-4945

Multiple SQL injection vulnerabilities in BMC Service Desk Express SDE 10.2.1.95 allow remote attackers to execute arbitrary SQL commands via the 1 ASPSESSIONIDASSRATTQ, 2 TABLEWIDGET1, 3 TABLEWIDGET2, 4 browserDateTimeInfo, or 5 browserNumberInfo cookie parameter to DashBoardGUI.aspx; or the 6 U...

CVE-2010-1370

SQL injection vulnerability in detailad.asp in Pre Classified Listings ASP allows remote attackers to execute arbitrary SQL commands via the siteid parameter...

CVE-2013-4827

SQL injection vulnerability in HP Intelligent Management Center iMC and HP IMC Service Operation Management Software Module allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka ZDI-CAN-1664...

CVE-2013-4715

SQL injection vulnerability in Tiki Wiki CMS Groupware 6 LTS before 6.13LTS, 9 LTS before 9.7LTS, 10.x before 10.4, and 11.x before 11.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

CVE-2017-11736

SQL injection vulnerability in core\admin\auto-modules\forms\process.php in BigTree 4.2.18 allows remote authenticated users to execute arbitrary SQL commands via the tags array parameter...

CVE-2012-4971

Multiple SQL injection vulnerabilities in Layton Helpbox 4.4.0 allow remote attackers to execute arbitrary SQL commands via the 1 reqclass parameter to editrequestenduser.asp; the 2 sysrequestid parameter to editrequestuser.asp; the 3 sysrequestid parameter to enduseractions.asp; the 4 sysrequest...

CVE-2014-9457

SQL injection vulnerability in classes/monodisplay.class.php in PMB 4.1.3 and earlier allows remote authenticated users to execute arbitrary SQL commands via the id parameter to catalog.php...

CVE-2014-9435

Multiple SQL injection vulnerabilities in Absolut Engine 1.73 allow remote authenticated users to execute arbitrary SQL commands via the 1 sectionID parameter to admin/managersection.php, 2 userID parameter to admin/edituser.php, 3 username parameter to admin/admin.php, or 4 title parameter to...