CVE-2023-40629

SQLi vulnerability in LMS Lite component for Joomla...

CVE-2018-12250

An issue was discovered in Elite CMS Pro 2.01. In /admin/addsidebar.php, the ?page= parameter is vulnerable to SQL injection...

CVE-2018-14472

An issue was discovered in WUZHI CMS 4.1.0. The vulnerable file is coreframe/app/order/admin/goods.php. The $keywords parameter is taken directly into execution without any filtering, leading to SQL injection...

CVE-2018-1000867

WeBid version up to current version 1.2.2 contains a SQL Injection vulnerability in All five yourauctions.php scripts that can result in Database Read via Blind SQL Injection. This attack appear to be exploitable via HTTP Request. This vulnerability appears to have been fixed in after commit...

CVE-2018-1000653

zzcms version 8.3 and earlier contains a SQL Injection vulnerability in zt/top.php line 5 that can result in could be attacked by sql injection in zzcms in nginx. This attack appear to be exploitable via running zzcms in nginx...

CVE-2018-18550

ServersCheck Monitoring Software before 14.3.4 allows SQL Injection by an authenticated user...

CVE-2018-18200

There is a SQL injection in Benutzerverwaltung in REDAXO before 5.6.4...

CVE-2018-18949

Zoho ManageEngine OpManager 12.3 before 123222 has SQL Injection via Mail Server settings...

CVE-2018-19898

ThinkCMF X2.2.2 has SQL Injection via the method editpost in ArticleController.class.php and is exploitable by normal authenticated users via the postid1 parameter in an article editpost action...

CVE-2018-19894

ThinkCMF X2.2.2 has SQL Injection via the functions check and delete in CommentadminController.class.php and is exploitable with the manager privilege via the ids parameter in a commentadmin action...

CVE-2018-19221

An issue was discovered in LAOBANCMS 2.0. It allows SQL Injection via the admin/login.php guanliyuan parameter...

CVE-2009-4701

SQL injection vulnerability in the Myth download mythdownload extension 0.1.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

CVE-2009-4710

SQL injection vulnerability in the Reset backend password cwtresetbepassword extension 1.20 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

CVE-2009-4390

SQL injection vulnerability in the Car car extension 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

CVE-2009-4965

SQL injection vulnerability in the AIRware Lexicon airlexicon extension 0.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

CVE-2009-4392

SQL injection vulnerability in the XDS Staff List xdsstaff extension 0.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

CVE-2009-4158

SQL injection vulnerability in the Calendar Base cal extension before 1.2.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

CVE-2009-4949

SQL injection vulnerability in the Store Locator extension before 1.2.8 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

CVE-2009-4967

SQL injection vulnerability in the Car car extension before 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

CVE-2009-4163

SQL injection vulnerability in the TW Productfinder twproductfinder extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...