13545 matches found
CVE-2010-2673
SQL injection vulnerability in profileview.php in Devana 1.6.6 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2010-2683
SQL injection vulnerability in result.php in Customer Paradigm PageDirector CMS allows remote attackers to execute arbitrary SQL commands via the subcatid parameter...
CVE-2010-2577
Multiple SQL injection vulnerabilities in Pligg before 1.1.1 allow remote attackers to execute arbitrary SQL commands via the title parameter to (1) storyrss.php or (2) story.php...
CVE-2010-4365
SQL injection vulnerability in the JE Ajax Event Calendar (comjeajaxeventcalendar) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the eventid parameter in an alleventlistmore action to index.php...
CVE-2010-4614
SQL injection vulnerability in item.php in Ero Auktion 2010 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2010-0723...
CVE-2010-4166
Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 allow remote attackers to execute arbitrary SQL commands via (1) the filterorder parameter in a comweblinks category action to index.php, (2) the filterorderDir parameter in a comweblinks category action to index.php, or (3) the...
CVE-2012-3471
Multiple SQL injection vulnerabilities in the edit functions in (1) application/controllers/admin/reports.php and (2) application/controllers/members/reports.php in the Ushahidi Platform before 2.5 allow remote attackers to execute arbitrary SQL commands via an incident id...
CVE-2012-5874
Multiple SQL injection vulnerabilities in the (1) updatewhosonlinereg and (2) updatewhosonlineguest functions in Elite Bulletin Board before 2.1.22 allow remote attackers to execute arbitrary SQL commands via the PATHINFO to (a) checkuser.php, (b) groups.php, (c) index.php, (d) login.php, (e) quicklogin.php, (f)...
CVE-2012-5317
SQL injection vulnerability in mainbigware43.php in Bigware Shop before 2.1.5 allows remote attackers to execute arbitrary SQL commands via the lastname parameter in a process action...
CVE-2012-6504
SQL injection vulnerability in mods/hours/data/gethours.php in PHP Volunteer Management 1.0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2012-2332
SQL injection vulnerability in serendipity/serendipityadmin.php in Serendipity before 1.6.1 allows remote attackers to execute arbitrary SQL commands via the serendipityplugintoconf parameter. NOTE: this issue might be resultant from cross-site request forgery (CSRF)...
CVE-2012-2740
SQL injection vulnerability in publichtml/lists/admin in phpList before 2.10.18 allows remote attackers to execute arbitrary SQL commands via the sortby parameter in a find action...
CVE-2012-4279
Multiple SQL injection vulnerabilities in Free Realty 3.1-0.6 allow remote attackers to execute arbitrary SQL commands via the (1) view parameter to agentdisplay.php or (2) edit parameter to admin/admin.php...
CVE-2012-4237
Multiple SQL injection vulnerabilities in TCExam before 11.3.008 allow remote authenticated users with level 5 or greater permissions to execute arbitrary SQL commands via the subjectmoduleid parameter to (1) tceeditanswer.php or (2) tceeditquestion.php...
CVE-2012-4258
Multiple SQL injection vulnerabilities in MYRE Real Estate Software 2012 Q2 allow remote attackers to execute arbitrary SQL commands via the (1) linkidd parameter to 1mobile/listings.php or (2) userid parameter to 1mobile/agentprofile.php...
CVE-2012-0999
SQL injection vulnerability in modules/news/rss.php in LEPTON before 1.1.4 allows remote attackers to execute arbitrary SQL commands via the groupid parameter...
CVE-2013-3578
SQL injection vulnerability in the Help Desk application in Wave EMBASSY Remote Administration Server (ERAS) allows remote authenticated users to execute arbitrary SQL commands via the ct100$4MainController$TextBoxSearchValue parameter (aka the search field), leading to execution of operating-system...
CVE-2013-5967
Multiple SQL injection vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) 4.3 and earlier allow remote attackers to execute arbitrary SQL commands via the datefrom parameter to (1) radar-iso27001-potential.php, (2) radar-iso27001-A12ISacquisition-pot.php, (3)...
CVE-2013-5311
Multiple SQL injection vulnerabilities in Vastal I-Tech phpVID 1.2.3 allow remote attackers to execute arbitrary SQL commands via the "n" parameter to (1) browsevideos.php or (2) members.php. NOTE: the cat parameter is already covered by CVE-2008-4157...
CVE-2013-1748
Multiple SQL injection vulnerabilities in PHP Address Book 8.2.5 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) edit.php or (2) import.php. NOTE: the view.php id vector is already covered by CVE-2008-2565.1 and the edit.php id vector is already covered by...