13540 matches found
CVE-2009-4701
SQL injection vulnerability in the Myth download mythdownload extension 0.1.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2009-4710
SQL injection vulnerability in the Reset backend password cwtresetbepassword extension 1.20 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2009-4350
SQL injection vulnerability in index.php in Arctic Issue Tracker 2.1.1 allows remote attackers to execute arbitrary SQL commands via the 1 matchingsid or 2 matchingstitle parameters in a Login action to an unspecified program, or 3 the matchingsid parameter in a search action to index.php, a...
CVE-2009-4785
SQL injection vulnerability in the Quick News comquicknews component for Joomla! allows remote attackers to execute arbitrary SQL commands via the newsid parameter in a viewitem action to index.php...
CVE-2009-4392
SQL injection vulnerability in the XDS Staff List xdsstaff extension 0.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2009-4499
SQL injection vulnerability in the gethistorylastid function in the nodewatcher component in Zabbix Server before 1.6.8 allows remote attackers to execute arbitrary SQL commands via a crafted request, possibly related to the sendhistorylastid function in zabbixserver/trapper/nodehistory.c...
CVE-2009-4949
SQL injection vulnerability in the Store Locator extension before 1.2.8 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2009-4967
SQL injection vulnerability in the Car car extension before 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2009-4703
SQL injection vulnerability in the Webesse Image Gallery wsgallery extension 1.0.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2009-4712
SQL injection vulnerability in index.php in Tukanas Classifieds aka EasyClassifieds Script 1.0 allows remote attackers to execute arbitrary SQL commands via the b parameter...
CVE-2009-4037
Multiple SQL injection vulnerabilities in FrontAccounting FA before 2.1.7, and 2.2.x before 2.2 RC, allow remote attackers to execute arbitrary SQL commands via unspecified parameters to 1 admin/db/usersdb.inc, and various other .inc and .php files under 2 admin/, 3 dimensions/, 4 gl/, 5...
CVE-2009-4396
SQL injection vulnerability in the Diocese of Portsmouth Resources Database pdresources extension 0.1.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2009-4954
SQL injection vulnerability in the Versatile Calendar Extension VCE skcalendar extension before 0.3.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2009-4393
SQL injection vulnerability in the Document Directorys danpdocumentdirs extension 1.10.7 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2009-4708
SQL injection vulnerability in the Gobernalia Front End News Submitter gbfenewssubmit extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2009-4689
SQL injection vulnerability in index.php in PHP Shopping Cart Selling Website Script allows remote attackers to execute arbitrary SQL commands via the cid parameter...
CVE-2009-4070
SQL injection vulnerability in GForge 4.5.14, 4.7.3, and possibly other versions allows remote attackers to execute arbitrary SQL commands via unknown vectors...
CVE-2009-4650
SQL injection vulnerability in the Webee Comments comwebeecomment component 1.1.1, 1.2, and 2.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the articleId parameter in a default action to index2.php. NOTE: some of these details are obtained from third party informatio...
CVE-2009-4803
SQL injection vulnerability in the Accessibility Glossary a21glossary extension 0.4.10 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2009-4380
Multiple SQL injection vulnerabilities in Valarsoft Webmatic before 3.0.3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors, a different issue than CVE-2008-2925...