CVE-2015-2070

SQL injection vulnerability in eTouch SamePage Enterprise Edition 4.4.0.0.239 allows remote attackers to execute arbitrary SQL commands via the catId parameter to cm/blogrss/feed...

CVE-2015-2066

CVE-2015-2066 affects DLGuard 4.5. A SQL injection flaw in index.php via the c parameter allows remote attackers to execute arbitrary SQL commands; exploitation details are provided by CNVD/CVE records, but no patch or mitigation is specified in the supplied documents.

CVE-2015-1605

Dell ScriptLogic Asset Manager (Quest Workspace Asset Manager) vulnerable before 9.5 due to multiple SQL injection flaws in GetClientPackage.aspx and GetProcessedPackage.aspx. Root cause: insufficient input validation allowing remote SQL injection, enabling remote code execution under the NETWORK...

Sql injection

SQL injection vulnerability in the administrative backend in Piwigo before 2.7.4 allows remote administrators to execute arbitrary SQL commands via the user parameter in the history page to admin.php...

MantisBT 1.1.x < 1.2.18 Multiple Vulnerabilities

Binary data 8902.prm...

Sql injection

SQL injection vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint DLPe before 9.3.400 allows remote authenticated ePO users to execute arbitrary SQL commands via unspecified vectors...

CVE-2015-1434

Multiple SQL injection vulnerabilities in my little forum before 2.3.4 allow remote administrators to execute arbitrary SQL commands via the 1 letter parameter in a user action or 2 editcategory parameter to index.php...

CVE-2015-1471

SQL injection vulnerability in userprofile.lib.php in Pragyan CMS 3.0 allows remote attackers to execute arbitrary SQL commands via the user parameter to the default URI...

Sql injection

SQL injection vulnerability in userprofile.lib.php in Pragyan CMS 3.0 allows remote attackers to execute arbitrary SQL commands via the user parameter to the default URI...

CVE-2015-1471

SQL injection vulnerability in userprofile.lib.php in Pragyan CMS 3.0 allows remote attackers to execute arbitrary SQL commands via the user parameter to the default URI...

CVE-2015-1576

Multiple SQL injection vulnerabilities in u5CMS before 3.9.4 allow remote attackers to execute arbitrary SQL commands via the name parameter to 1 copy2.php, 2 localize.php, 3 metai.php, 4 nc.php, 5 new2.php, or 6 rename2.php in u5admin/; 7 c parameter to u5admin/editor.php; 8 typ parameter to...

CVE-2015-1518

SQL injection vulnerability in the searchpost function in includes/search.php in Redaxscript before 2.3.0 allows remote attackers to execute arbitrary SQL commands via the searchterms parameter...

Sql injection

Multiple SQL injection vulnerabilities in u5CMS before 3.9.4 allow remote attackers to execute arbitrary SQL commands via the name parameter to 1 copy2.php, 2 localize.php, 3 metai.php, 4 nc.php, 5 new2.php, or 6 rename2.php in u5admin/; 7 c parameter to u5admin/editor.php; 8 typ parameter to...

Sql injection

SQL injection vulnerability in the searchpost function in includes/search.php in Redaxscript before 2.3.0 allows remote attackers to execute arbitrary SQL commands via the searchterms parameter...

CVE-2015-1514

Multiple SQL injection vulnerabilities in FancyFon FAMOC before 3.17.4 allow 1 remote attackers to execute arbitrary SQL commands via the device ID REST parameter PATHINFO to /ajax.php or 2 remote authenticated users to execute arbitrary SQL commands via the order parameter to index.php...

Sql injection

Multiple SQL injection vulnerabilities in FancyFon FAMOC before 3.17.4 allow 1 remote attackers to execute arbitrary SQL commands via the device ID REST parameter PATHINFO to /ajax.php or 2 remote authenticated users to execute arbitrary SQL commands via the order parameter to index.php...

Sql injection

Multiple SQL injection vulnerabilities in Translations in Fork CMS before 3.8.6 allow remote authenticated users to execute arbitrary SQL commands via the 1 language or 2 type parameter to private/en/locale/index...

Sql injection

SQL injection vulnerability in views/zerotransactuser.php in the administrative backend in ZeroCMS 1.3.3, 1.3.2, and earlier allows remote authenticated users to execute arbitrary SQL commands via the userid parameter in a Modify Account action. NOTE: The articleid parameter to zeroviewarticle.ph...

CVE-2015-1513

SQL injection vulnerability in SIPhone Enterprise PBX allows remote attackers to execute arbitrary SQL commands via the Username...

Redaxscript < 2.3.0 SQLi Vulnerability

Redaxscript is prone to an SQL injection SQLi vulnerability. Copyright C 2015 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...