13184 matches found
CVE-2015-1479
SQL injection vulnerability in reports/CreateReportTable.jsp in ZOHO ManageEngine ServiceDesk Plus SDP before 9.0 build 9031 allows remote authenticated users to execute arbitrary SQL commands via the site parameter...
CVE-2015-1477
SQL injection vulnerability in the CMSJunkie J-ClassifiedsManager component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a viewad task to classifieds/offerring-ads...
Sql injection
SQL injection vulnerability in reports/CreateReportTable.jsp in ZOHO ManageEngine ServiceDesk Plus SDP before 9.0 build 9031 allows remote authenticated users to execute arbitrary SQL commands via the site parameter...
CVE-2015-1476
Multiple SQL injection vulnerabilities in xlinkerz ecommerceMajor allow remote attackers to execute arbitrary SQL commands via the 1 productbycat parameter to product.php, or 2 username or 3 password parameter to admin/index.php...
Sql injection
SQL injection vulnerability in the Content Rating Extbase extension 2.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
Sql injection
SQL injection vulnerability in Piwigo before 2.5.6, 2.6.x before 2.6.5, and 2.7.x before 2.7.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
Sql injection
SQL injection vulnerability in search.php in NPDS Revolution 13 allows remote attackers to execute arbitrary SQL commands via the query parameter...
CVE-2015-1441
CVE-2015-1441 is a SQL injection vulnerability affecting Piwigo prior to 2.5.6, 2.6.x prior to 2.6.5, and 2.7.x prior to 2.7.3. The description provides no specifics on the attack vectors or exploited parameters, only that remote attackers can execute arbitrary SQL commands. Public references ind...
CVE-2015-1400
SQL injection vulnerability in search.php in NPDS Revolution 13 allows remote attackers to execute arbitrary SQL commands via the query parameter...
CVE-2015-1450
SQL injection vulnerability in Restaurant Biller allows remote attackers to execute arbitrary SQL commands via the cid parameter in a category action to index.php...
Sql injection
SQL injection vulnerability in the Photo Gallery plugin before 1.2.11 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the ascordesc parameter in a create gallery request in the galleriesbwg page to wp-admin/admin.php...
CVE-2015-1450
SQL injection vulnerability in Restaurant Biller allows remote attackers to execute arbitrary SQL commands via the cid parameter in a category action to index.php...
Sql injection
Multiple SQL injection vulnerabilities in Gecko CMS 2.2 and 2.3 allow remote administrators to execute arbitrary SQL commands via the 1 jakdeletelog or 2 ssp parameter to admin/index.php...
Joyent Node.js Sequelize SQL Injection Vulnerability
Joyent Node.js is the United States Joyent company's set of web applications built on Google V8 JavaScript engine on top of the platform. Sequelize is one of the database ORM object-relational mapping tool. A SQL injection vulnerability exists in Joyent Node.js Sequelize. A remote attacker can...
CVE-2015-1372
SQL injection vulnerability in ferretCMS 1.0.4-alpha allows remote attackers to execute arbitrary SQL commands via the p parameter in an update action to admin.php...
CVE-2015-1369
SQL injection vulnerability in Sequelize before 2.0.0-rc7 for Node.js allows remote attackers to execute arbitrary SQL commands via the order parameter...
CVE-2015-1367
SQL injection vulnerability in index.php in CatBot 0.4.2 allows remote attackers to execute arbitrary SQL commands via the lastcatbot parameter...
Sql injection
SQL injection vulnerability in index.php in CatBot 0.4.2 allows remote attackers to execute arbitrary SQL commands via the lastcatbot parameter...
Sql injection
SQL injection vulnerability in ferretCMS 1.0.4-alpha allows remote attackers to execute arbitrary SQL commands via the p parameter in an update action to admin.php...
Sql injection
SQL injection vulnerability in the getProfile function in system/profile.functions.php in Free Reprintables ArticleFR 3.0.5 allows remote attackers to execute arbitrary SQL commands via the username parameter to register/...