CVE-2004-0543

Multiple SQL injection vulnerabilities in Oracle Applications 11.0 and Oracle E-Business Suite 11.5.1 through 11.5.8 allow remote attackers to execute arbitrary SQL procedures and queries...

CVE-2004-0366

SQL injection vulnerability in the libpam-pgsql library before 0.5.2 allows attackers to execute arbitrary SQL statements...

CVE-2004-0366

Removed by vendor...

PT-2004-1520 · Unknown · Libpam-Pgsql

Name of the Vulnerable Software and Affected Versions: libpam-pgsql versions prior to 0.5.2 Description: The issue allows attackers to execute arbitrary SQL statements due to a SQL injection vulnerability in the libpam-pgsql library. Recommendations: For versions prior to 0.5.2, update to version...

CVE-2004-0343

Multiple SQL injection vulnerabilities in YaBB SE 1.5.4 through 1.5.5b allow remote attackers to execute arbitrary SQL via 1 the msg parameter in ModifyMessage.php or 2 the postid parameter in ModifyMessage.php...

CVE-2003-0500

SQL injection vulnerability in the PostgreSQL authentication module modsqlpostgres for ProFTPD before 1.2.9rc1 allows remote attackers to execute arbitrary SQL and gain privileges by bypassing authentication or stealing passwords via the USER name...

DSA-338 proftpd - SQL injection

Bulletin has no description...

CVE-2002-1457

SQL injection vulnerability in search.php for L-Forum 2.40 allows remote attackers to execute arbitrary SQL statements via the search parameter...

CVE-2003-0377

SQL injection vulnerability in the web-based administration interface for iisPROTECT 2.2-r4, and possibly earlier versions, allows remote attackers to insert arbitrary SQL and execute code via certain variables, as demonstrated using the GroupName variable in SiteAdmin.ASP...

CVE-2001-1089

libnss-pgsql in nss-pgsql 0.9.0 and earlier allows remote attackers to execute arbitrary SQL queries by inserting SQL code into an HTTP request...

FreeBSD-SA-02:14.pam-pgsql

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-02:14 Security Advisory FreeBSD, Inc. Topic: pam-pgsql port authentication bypass Category: ports Module: pam-pgsql Announced: 2002-03-12 Credits: Jacques A. Vidrine Affects...

Another bug in phpNuke

Yes, i have found some bugs also... You can execute artibility mysql statments in many of its different scripts... reviews.php for example.. The parmenter with the id reviews.php?id=blah think doesn't check... so you can simply do reviews.php?id=12345 or ........ blah blah blah I don't think its...

Postaci allows arbitrary SQL query execution

Popular webmail software Postaci ships with Debian lacks of checking for malicious SQL code in variables coming from user while deleting addressbook contacts, bookmarks and notes. This gives opportunity to malicious user to execute arbitrary SQL query. The problem affects Postaci if using...

CVE-2000-1233

SQL injection vulnerability in read.php3 and other scripts in Phorum 3.0.7 allows remote attackers to execute arbitrary SQL queries via the sSQL parameter...

CVE-2024-33804

A SQL injection vulnerability in /model/getsubject.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter...

CVE-2024-33799

A SQL injection vulnerability in /model/getteacher.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter...

CVE-2024-33800

A SQL injection vulnerability in /model/getstudent1.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the index parameter...