13188 matches found
CVE-2017-5345
SQL injection vulnerability in inc/lib/Control/Ajax/tags-ajax.control.php in GeniXCMS 0.0.8 allows remote authenticated editors to execute arbitrary SQL commands via the term parameter to the default URI...
Sql injection
SQL injection vulnerability in the "aWeb Cart Watching System for Virtuemart" extension before 2.6.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via vectors involving categorysearch and smartSearch...
CVE-2016-10114
SQL injection vulnerability in the "aWeb Cart Watching System for Virtuemart" extension before 2.6.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via vectors involving categorysearch and smartSearch...
Sql injection
SQL injection vulnerability in register.php in GeniXCMS before 1.0.0 allows remote attackers to execute arbitrary SQL commands via the activation parameter...
CVE-2016-10096
SQL injection vulnerability in register.php in GeniXCMS before 1.0.0 allows remote attackers to execute arbitrary SQL commands via the activation parameter...
phpMyAdmin SQL Injection Vulnerability (CNVD-2016-13237)
phpMyAdmin is a free, web-based MySQL database management tool developed by the phpMyAdmin team. A SQL injection vulnerability exists in phpMyAdmin. An attacker can exploit this vulnerability to execute arbitrary SQL commands...
Joomla! Component DT Register - 'cat' SQL Injection
Title: SQL injection in Joomla extension DT Register Credit: Elar Lang / https://security.elarlang.eu Vulnerability: SQL injection Vulnerable version: before 3.1.12 Joomla 3.x / 2.8.18 Joomla 2.5 CVE: pending Full Disclosure URL:...
IBM BigFix Remote Control SQL Injection Vulnerability
IBM BigFix Remote Control is a set of remote control systems from IBM in the United States. A SQL injection vulnerability exists in IBM BigFix Remote Control 9.1.2 and earlier versions. An attacker can exploit this vulnerability to execute arbitrary SQL commands...
CVE-2016-2873
SQL injection vulnerability in IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...
CVE-2016-2873
SQL injection vulnerability in IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...
Sql injection
SQL injection vulnerability in IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...
Exponent CMS <= 2.4.0 Information Disclosure and SQLi Vulnerabilities
Exponent CMS is prone to an SQL injection SQLi and an information disclosure vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE...
CVE-2016-8908
SQL injection vulnerability in the "Site Browser HTML pages" screen in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the orderby parameter...
CVE-2016-8907
SQL injection vulnerability in the "Content Types Content Types" screen in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the orderby parameter...
CVE-2016-8906
SQL injection vulnerability in the "Site Browser Links pages" screen in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the orderby parameter...
CVE-2016-8905
SQL injection vulnerability in the JSONTags servlet in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the sort parameter...
CVE-2016-8903
SQL injection vulnerability in the "Site Browser Templates pages" screen in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the orderby parameter...
CVE-2016-8902
SQL injection vulnerability in the categoriesServlet servlet in dotCMS before 3.3.1 allows remote not authenticated attackers to execute arbitrary SQL commands via the sort parameter...
dotCMS < 3.3.2 SQLi Vulnerability
dotCMS is prone to a SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:dotcms:dotcms"; if...
Sql injection
A vulnerability in the Cisco Prime Infrastructure and Evolved Programmable Network Manager SQL database interface could allow an authenticated, remote attacker to impact system confidentiality by executing a subset of arbitrary SQL queries that can cause product instability. More Information:...