13181 matches found
CVE-2010-4969
SQL injection vulnerability in articlesdetails.php in BrotherScripts BS Business Directory allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2011-4710
Multiple SQL injection vulnerabilities in Pixie CMS 1.01 through 1.04 allow remote attackers to execute arbitrary SQL commands via the 1 pixieuser parameter and 2 Referer HTTP header in a request to the default URI...
CVE-2010-4946
SQL injection vulnerability in productinfo.php in ALLPC 2.5 allows remote attackers to execute arbitrary SQL commands via the productsid parameter...
CVE-2010-4935
SQL injection vulnerability in poll.php in Entrans 0.3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the sid parameter...
CVE-2010-4929
SQL injection vulnerability in the Joostina comezautos component for Joomla! allows remote attackers to execute arbitrary SQL commands via the firstCode parameter in a helpers action to index.php...
CVE-2010-4905
SQL injection vulnerability in articledetails.php in Softbiz Article Directory Script allows remote attackers to execute arbitrary SQL commands via the sbizid parameter...
CVE-2010-4904
SQL injection vulnerability in the Aardvertiser comaardvertiser component 2.1 and 2.1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catname parameter in a view action to index.php. NOTE: some of these details are obtained from third party information...
CVE-2010-4891
SQL injection vulnerability in the Yet Another Calendar keyac extension before 1.1.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2010-1089
SQL injection vulnerability in vedifaq.php in PHP Trouble Ticket 2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2010-1075
SQL injection vulnerability in index.php in Entry Level CMS EL CMS allows remote attackers to execute arbitrary SQL commands via the subj parameter...
CVE-2010-4632
Multiple SQL injection vulnerabilities in ASPilot Pilot Cart 7.3 allow remote attackers to execute arbitrary SQL commands via the 1 article parameter to kb.asp, 2 specific parameter to cart.asp, 3 countrycode parameter to contact.asp, and the 4 srch parameter to search.asp. NOTE: the article...
CVE-2010-1016
SQL injection vulnerability in the SAV Filter Selectors savfilterselectors extension before 1.0.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2014-9520
SQL injection vulnerability in execute.php in InfiniteWP Admin Panel before 2.4.4 allows remote attackers to execute arbitrary SQL commands via the historyID parameter...
CVE-2015-9226
Multiple SQL injection vulnerabilities in AlegroCart 1.2.8 allow remote administrators to execute arbitrary SQL commands via the download parameter in the 1 checkdownload and possibly 2 checkfilename function in upload/admin2/model/products/modeladmindownload.php or remote authenticated users wit...
CVE-2014-8306
SQL injection vulnerability in the sqlquery function in cart.php in C97net Cart Engine before 4.0 allows remote attackers to execute arbitrary SQL commands via the itemid variable, as demonstrated by the 1 itemid0 or 2 itemid parameter...
CVE-2010-4503
SQL injection vulnerability in indexlight.php in Aigaion 1.3.4 allows remote attackers to execute arbitrary SQL commands via the ID parameter in an export action...
CVE-2015-1364
SQL injection vulnerability in the getProfile function in system/profile.functions.php in Free Reprintables ArticleFR 3.0.5 allows remote attackers to execute arbitrary SQL commands via the username parameter to register/...
CVE-2010-4404
SQL injection vulnerability in the Yannick Gaultier sh404SEF component before 2.1.8.777 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2010-3428
SQL injection vulnerability in modules/notes/json.php in Intermesh Group-Office 3.5.9 allows remote attackers to execute arbitrary SQL commands via the categoryid parameter in a category action...
CVE-2014-4938
SQL injection vulnerability in the WP Rss Poster wp-rss-poster plugin 1.0.0 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter in the wrp-add-new page to wp-admin/admin.php...