13545 matches found
CVE-2007-6727
SQL injection vulnerability in topic.php in KerviNet Forum 1.1 allows remote attackers to execute arbitrary SQL commands via the forum parameter...
CVE-2009-2614
SQL injection vulnerability in zadminlogin.asp in DataCheck Solutions LinkPal 1.x allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2009-4970
SQL injection vulnerability in the t3maffiliate extension 0.5.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2009-1909
SQL injection vulnerability in Skip 1.0.2 and earlier, and 1.1RC2 and earlier 1.1RC versions, allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2009-3504
SQL injection vulnerability in offersbuy.php in Alibaba Clone 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2009-3443
SQL injection vulnerability in the Fastball comfastball component 1.1.0 through 1.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the league parameter to index.php...
CVE-2009-3418
Multiple SQL injection vulnerabilities in Plume CMS 1.2.3 allow 1 remote authenticated users to execute arbitrary SQL commands via the m parameter to manager/index.php and 2 remote authenticated administrators to execute arbitrary SQL commands via the id parameter in an editlink action to...
CVE-2008-3754
SQL injection vulnerability in trl.php in YourFreeWorld Stylish Text Ads Script allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2008-2429
Multiple SQL injection vulnerabilities in Calendarix Basic 0.8.20071118 allow remote attackers to execute arbitrary SQL commands via 1 the catsearch parameter to calsearch.php or 2 the catview parameter to calcat.php. NOTE: vector 1 might overlap CVE-2007-3183.3, and vector 2 might overlap...
CVE-2005-3039
SQL injection vulnerability in infopage.asp in Mall23 eCommerce allows remote attackers to execute arbitrary SQL commands via the idPage parameter...
CVE-2005-2692
Multiple SQL injection vulnerabilities in RunCMS 1.2 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 addquery and 2 subquery parameters to the newbb plus module, the forum parameter to 3 newtopic.php, 4 edit.php, or 5 reply.php in the newbb plus module, or 6 the msg...
CVE-2009-3165
SQL injection vulnerability in the Bug.create WebService function in Bugzilla 2.23.4 through 3.0.8, 3.1.1 through 3.2.4, and 3.3.1 through 3.4.1 allows remote attackers to execute arbitrary SQL commands via unspecified parameters...
CVE-2009-2082
SQL injection vulnerability in insidepage.php in Creative Web Solutions Multi-Level CMS 1.21 allows remote attackers to execute arbitrary SQL commands via the catid parameter. NOTE: some of these details are obtained from third party information...
CVE-2009-3125
SQL injection vulnerability in the Bug.search WebService function in Bugzilla 3.3.2 through 3.4.1, and 3.5, allows remote attackers to execute arbitrary SQL commands via unspecified parameters...
CVE-2008-1464
Multiple SQL injection vulnerabilities in Gallarific Free Edition 1.1 allow remote attackers to execute arbitrary SQL commands via the 1 query parameter to a search.php; 2 gusername and 3 gpassword parameters to b login.php; and the 4 username and 5 password parameters to c gadmin/index.php in a...
CVE-2005-2135
SQL injection vulnerability in verify.asp in EtoShop Dynamic Biz Website Builder QuickWeb 1.0 allows remote attackers to execute arbitrary SQL commands via the 1 T1 or 2 T2 parameters...
CVE-2005-4818
Multiple SQL injection vulnerabilities in Copernicus Europa allow remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2005-4792
SQL injection vulnerability in index.php in Appalachian State University phpWebSite 0.10.1 and earlier allows remote attackers to execute arbitrary SQL commands via the module parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...
CVE-2009-1851
SQL injection vulnerability in include.php in phpBugTracker 1.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2009-4718
SQL injection vulnerability in visitorduration.php in Gonafish WebStatCaffe allows remote attackers to execute arbitrary SQL commands via the nodayshow parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...