13545 matches found
CVE-2010-1863
SQL injection vulnerability in the shoutbox module modules/shoutbox.php in ClanTiger 1.1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the semail parameter...
CVE-2011-5272
SQL injection vulnerability in Domain Technologie Control DTC before 0.34.1 allows remote authenticated users to execute arbitrary SQL commands via the vpsnote parameter to dtcadmin/logPushlet.php. NOTE: this issue was originally part of CVE-2011-3197, but that ID was SPLIT due to different...
CVE-2011-5183
Multiple SQL injection vulnerabilities in OrderSys 1.6.4 and earlier allow remote attackers to execute arbitrary SQL commands via the whereclause parameter to 1 index.php, 2 indexlong.php, or 3 indexshort.php in ordering/interfacecreator/...
CVE-2011-5076
SQL injection vulnerability in model/comment.class.php in HDWiki 5.0, 5.1, and possibly other versions allows remote attackers to execute arbitrary SQL commands via the PATHINFO to index.php. NOTE: some of these details are obtained from third party information...
CVE-2012-4070
SQL injection vulnerability in system/src/dispatcher.php in Dir2web 3.0 allows remote attackers to execute arbitrary SQL commands via the oid parameter in a homepage action to index.php...
CVE-2011-5072
Multiple SQL injection vulnerabilities in Support Incident Tracker aka SiT! before 3.65 allow remote attackers to execute arbitrary SQL commands via the 1 start parameter to portal/kb.php; 2 contractid parameter to contractaddservice.php; 3 id parameter to editescalationpath.php; 4 unlock, 5 lock...
CVE-2013-3536
SQL injection vulnerability in the gpLoadUserFromHash function in functionshash.php in the Group Pay module 1.5 and earlier for WHMCS allows remote attackers to execute arbitrary SQL commands via the hash parameter...
CVE-2010-5020
SQL injection vulnerability in index.php in NetArt Media iBoutique 4.0 allows remote attackers to execute arbitrary SQL commands via the page parameter...
CVE-2010-5004
SQL injection vulnerability in searchvote.php in 2daybiz Polls aka Advanced Poll Script allows remote attackers to execute arbitrary SQL commands via the category parameter...
CVE-2010-4969
SQL injection vulnerability in articlesdetails.php in BrotherScripts BS Business Directory allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2011-4710
Multiple SQL injection vulnerabilities in Pixie CMS 1.01 through 1.04 allow remote attackers to execute arbitrary SQL commands via the 1 pixieuser parameter and 2 Referer HTTP header in a request to the default URI...
CVE-2010-4946
SQL injection vulnerability in productinfo.php in ALLPC 2.5 allows remote attackers to execute arbitrary SQL commands via the productsid parameter...
CVE-2010-4935
SQL injection vulnerability in poll.php in Entrans 0.3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the sid parameter...
CVE-2010-4929
SQL injection vulnerability in the Joostina comezautos component for Joomla! allows remote attackers to execute arbitrary SQL commands via the firstCode parameter in a helpers action to index.php...
CVE-2010-4905
SQL injection vulnerability in articledetails.php in Softbiz Article Directory Script allows remote attackers to execute arbitrary SQL commands via the sbizid parameter...
CVE-2010-4904
SQL injection vulnerability in the Aardvertiser comaardvertiser component 2.1 and 2.1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catname parameter in a view action to index.php. NOTE: some of these details are obtained from third party information...
CVE-2010-4897
SQL injection vulnerability in comment.php in BlueCMS 1.6 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header in a send action...
CVE-2010-4891
SQL injection vulnerability in the Yet Another Calendar keyac extension before 1.1.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2010-4887
SQL injection vulnerability in the Commenting system Backend Module commentsbe extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2010-4876
SQL injection vulnerability in viewpost.php in mBlogger 1.0.04 allows remote attackers to execute arbitrary SQL commands via the postID parameter...