6581 matches found
CVE-2007-1171
SQL injection vulnerability in includes/nsbypass.php in NukeSentinel 2.5.05, 2.5.11, and other versions before 2.5.12 allows remote attackers to execute arbitrary SQL commands via an admin cookie...
DEBIAN-CVE-2007-0262
WordPress 2.0.6, and 2.1Alpha 3 SVN:4662, does not properly verify that the m parameter value has the string data type, which allows remote attackers to obtain sensitive information via an invalid m parameter, as demonstrated by obtaining the path, and obtaining certain SQL information such as th...
PT-2007-1215 · Portix · Portix-Php
Name of the Vulnerable Software and Affected Versions: Portix-PHP version 0.4.2 Description: The issue allows remote attackers to execute arbitrary SQL commands via the username and passwd fields in the login component. Recommendations: For Portix-PHP version 0.4.2, update to a version that fixes...
DEBIAN-CVE-2007-0107
WordPress before 2.0.6, when mbstring is enabled for PHP, decodes alternate character sets after escaping the SQL query, which allows remote attackers to bypass SQL injection protection schemes and execute arbitrary SQL commands via multibyte charsets, as demonstrated using UTF-7...
PT-2006-6735 · Baal · Baalasp Forum
Name of the Vulnerable Software and Affected Versions: BaalAsp forum affected versions not specified Description: The issue concerns multiple SQL injection vulnerabilities. These vulnerabilities allow remote attackers to execute arbitrary SQL commands. The vulnerabilities can be exploited through...
PT-2006-3745 · X Cart · X-Cart
Name of the Vulnerable Software and Affected Versions: X-Cart Gold and Pro versions 4.0.18 through 4.1.0 beta 1 Description: The issue allows remote attackers to execute arbitrary SQL commands via the "Search for pattern" field in search.php, when the settings specify only "Search in Detailed...
PT-2005-5169 · Quantum Art · Quantum Art Qp7.Enterprise
Name of the Vulnerable Software and Affected Versions: Quantum Art QP7.Enterprise affected versions not specified Description: A SQL injection issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the p news id parameter to API endpoints such as "news and events...
PT-2005-2772 · Os4E · Unknown Product
Name of the Vulnerable Software and Affected Versions: Unknown product by Online Solutions for Educators OS4E affected versions not specified Description: The issue allows remote attackers to execute arbitrary SQL commands via the password variable in the login.asp file. This could potentially le...
PT-2005-2722 · Ezdwc · Ezdwc Newsletterez
Name of the Vulnerable Software and Affected Versions: ezdwc NewsletterEz version 3.0 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the password parameter in the "login.asp" file. Recommendations: For ezdwc NewsletterEz version 3.0, conside...
PT-2005-1332 · Biborb · Biborb
Name of the Vulnerable Software and Affected Versions: BibORB versions 1.3.2 and earlier Description: The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via the Username or Password variables. Recommendations: For BibORB versions 1.3.2 and earlier, update to...
SQL Server 2016 RTM Cumulative Update (CU) 1 KB3164674
SQL Server 2016 RTM Cumulative Update CU 1 KB3164674...
SQL Server 2017 RTM Cumulative Update (CU) 10 KB4342123
SQL Server 2017 RTM Cumulative Update CU 10 KB4342123...
SQL Server 2017 RTM Cumulative Update (CU) 14 KB4484710
SQL Server 2017 RTM Cumulative Update CU 14 KB4484710...
SQL Server 2022 RTM Cumulative Update (CU) 4 KB5026717
SQL Server 2022 RTM Cumulative Update CU 4 KB5026717...
Security Update for SQL Server 2025 RTM CU (KB5089899)
Security Update for SQL Server 2025 RTM CU KB5089899...
KB5004524 - Cumulative Update 12 for SQL Server 2019
None None...
KB5081495 - Cumulative Update 4 for SQL Server 2025
None None...
KB5005226 - Cumulative Update 26 for SQL Server 2017
None None...
KB5006944 - Cumulative Update 27 for SQL Server 2017
None None...
KB5011644 - Cumulative Update 16 for SQL Server 2019
None None...