16790 matches found
CVE-2009-4163
SQL injection vulnerability in the TW Productfinder twproductfinder extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2009-4703
SQL injection vulnerability in the Webesse Image Gallery wsgallery extension 1.0.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2009-4802
SQL injection vulnerability in the Flat Manager flatmgr extension before 1.9.16 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2009-4046
Multiple SQL injection vulnerabilities in FrontAccounting FA 2.2.x before 2.2 RC allow remote attackers to execute arbitrary SQL commands via unspecified parameters to 1 bankaccounts.php, 2 currencies.php, 3 exchangerates.php, 4 glaccounttypes.php, and 5 glaccounts.php in gl/manage/; and 6...
CVE-2009-4613
SQL injection vulnerability in realestate20/loginaction.php in NetArt Media Real Estate Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the Password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party informatio...
CVE-2009-4712
SQL injection vulnerability in index.php in Tukanas Classifieds aka EasyClassifieds Script 1.0 allows remote attackers to execute arbitrary SQL commands via the b parameter...
CVE-2009-4217
SQL injection vulnerability in the Itamar Elharar MusicGallery commusicgallery component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an itempage action to index.php. NOTE: the provenance of this information is unknown; the details are obtained...
CVE-2009-4037
Multiple SQL injection vulnerabilities in FrontAccounting FA before 2.1.7, and 2.2.x before 2.2 RC, allow remote attackers to execute arbitrary SQL commands via unspecified parameters to 1 admin/db/usersdb.inc, and various other .inc and .php files under 2 admin/, 3 dimensions/, 4 gl/, 5...
CVE-2009-4396
SQL injection vulnerability in the Diocese of Portsmouth Resources Database pdresources extension 0.1.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2009-4393
SQL injection vulnerability in the Document Directorys danpdocumentdirs extension 1.10.7 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2009-4968
SQL injection vulnerability in the Event Registration eventregistr extension 1.0.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2009-4689
SQL injection vulnerability in index.php in PHP Shopping Cart Selling Website Script allows remote attackers to execute arbitrary SQL commands via the cid parameter...
CVE-2009-4070
SQL injection vulnerability in GForge 4.5.14, 4.7.3, and possibly other versions allows remote attackers to execute arbitrary SQL commands via unknown vectors...
CVE-2009-4650
SQL injection vulnerability in the Webee Comments comwebeecomment component 1.1.1, 1.2, and 2.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the articleId parameter in a default action to index2.php. NOTE: some of these details are obtained from third party informatio...
CVE-2009-4380
Multiple SQL injection vulnerabilities in Valarsoft Webmatic before 3.0.3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors, a different issue than CVE-2008-2925...
CVE-2009-4784
SQL injection vulnerability in the Joaktree comjoaktree component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the treeId parameter to index.php...
CVE-2009-4838
SQL injection vulnerability in baseagcommon.php in Basic Analysis and Security Engine BASE before 1.4.3.1 allows remote attackers to execute arbitrary SQL commands via unspecified parameters. NOTE: some of these details are obtained from third party information...
CVE-2009-4595
SQL injection vulnerability in index.php in PHP Inventory 1.2 allows remote authenticated users to execute arbitrary SQL commands via the supid parameter in a suppliers details action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party informatio...
CVE-2009-4166
SQL injection vulnerability in the Trips mchtrips extension 2.0.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2009-4104
SQL injection vulnerability in Lyften Designs LyftenBloggie comlyftenbloggie component 1.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the author parameter to index.php...