13184 matches found
Sql injection
SQL injection vulnerability in the WikiWiki module before 6.x-1.2 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
Sql injection
SQL injection vulnerability in the PHPlist Integration Module before 6.x-1.7 for Drupal allows remote administrators to execute arbitrary SQL commands via unspecified vectors, related to the "phpList database."...
CVE-2015-3346
SQL injection vulnerability in the WikiWiki module before 6.x-1.2 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
F5 FirePass SQL injection vulnerability CVE-2012-1777
F5 FirePass is prone to an SQL injection vulnerability. Copyright C 2015 SCHUTZWERK GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Sql injection
SQL injection vulnerability in the Interactive Voice Response IVR component in Cisco Unified Communications Manager UCM 10.51.98991.13 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCut21563...
CVE-2014-9145
Multiple SQL injection vulnerabilities in Fiyo CMS 2.0.1.8 allow remote attackers to execute arbitrary SQL commands via the 1 id parameter in an edit action to dapur/index.php; 2 cat, 3 user, or 4 level parameter to dapur/apps/apparticle/controller/articlelist.php; or 5 email parameter in an emai...
Sql injection
Multiple SQL injection vulnerabilities in Fiyo CMS 2.0.1.8 allow remote attackers to execute arbitrary SQL commands via the 1 id parameter in an edit action to dapur/index.php; 2 cat, 3 user, or 4 level parameter to dapur/apps/apparticle/controller/articlelist.php; or 5 email parameter in an emai...
CVE-2014-9145
Multiple SQL injection vulnerabilities in Fiyo CMS 2.0.1.8 allow remote attackers to execute arbitrary SQL commands via the 1 id parameter in an edit action to dapur/index.php; 2 cat, 3 user, or 4 level parameter to dapur/apps/apparticle/controller/articlelist.php; or 5 email parameter in an emai...
Sql injection
Multiple SQL injection vulnerabilities in the Simple Ads Manager plugin before 2.7.97 for WordPress allow remote attackers to execute arbitrary SQL commands via a 1 hits parameter in a samhits action to sam-ajax.php; the 2 cstr parameter in a loadposts action to sam-ajax-admin.php; the 3 searchTe...
Sql injection
SQL injection vulnerability in the Image Management component in Cisco Unified Communications Domain Manager 8.14 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuq52515...
CVE-2015-2679
Multiple SQL injection vulnerabilities in MetalGenix GeniXCMS before 0.0.2 allow remote attackers to execute arbitrary SQL commands via the 1 page parameter to index.php or 2 username parameter to gxadmin/login.php...
Sql injection
Multiple SQL injection vulnerabilities in MetalGenix GeniXCMS before 0.0.2 allow remote attackers to execute arbitrary SQL commands via the 1 page parameter to index.php or 2 username parameter to gxadmin/login.php...
Sql injection
SQL injection vulnerability in client-edit.php in ProjectSend formerly cFTP r561 allows remote authenticated users to execute arbitrary SQL commands via the id parameter to users-edit.php...
CVE-2015-2314
SQL injection vulnerability in the WPML plugin before 3.1.9 for WordPress allows remote attackers to execute arbitrary SQL commands via the lang parameter in the HTTP Referer header in a wp-link-ajax action to comments/feed...
Sql injection
SQL injection vulnerability in the WPML plugin before 3.1.9 for WordPress allows remote attackers to execute arbitrary SQL commands via the lang parameter in the HTTP Referer header in a wp-link-ajax action to comments/feed...
WordPress Pods Plugin <= 2.5.1.1 - Blind SQL Injection
Because of this vulnerability, remote authenticated users can execute arbitrary SQL commands. Solution Update the plugin...
CVE-2015-2237
Multiple SQL injection vulnerabilities in Betster aka PHP Betoffice 1.0.4 allow remote attackers to execute arbitrary SQL commands via the id parameter to 1 showprofile.php or 2 categoryedit.php or 3 username parameter in a login to index.php...
CVE-2015-2237
Multiple SQL injection vulnerabilities in Betster aka PHP Betoffice 1.0.4 allow remote attackers to execute arbitrary SQL commands via the id parameter to 1 showprofile.php or 2 categoryedit.php or 3 username parameter in a login to index.php...
Sql injection
SQL injection vulnerability in the Gateway Provisioning service in EMC Secure Remote Services Virtual Edition ESRS VE 3.02 and 3.03 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2015-0524
SQL injection vulnerability in the Gateway Provisioning service in EMC Secure Remote Services Virtual Edition ESRS VE 3.02 and 3.03 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...