13184 matches found
Sql injection
Multiple SQL injection vulnerabilities in the admin area in couponPHP before 1.2.0 allow remote administrators to execute arbitrary SQL commands via the 1 iDisplayLength or 2 iDisplayStart parameter to a commentspaginate.php or b storespaginate.php in admin/ajax/...
CVE-2014-100012
SQL injection vulnerability in /app in Sendy 1.1.8.4 allows remote attackers to execute arbitrary SQL commands via the i parameter...
CVE-2014-10032
SQL injection vulnerability in newspopup.php in Taboada MacroNews 1.0 allows remote authenticated users to execute arbitrary SQL commands via the id parameter...
CVE-2014-10033
SQL injection vulnerability in the updatezone function in catalog/admin/geozones.php in osCommerce Online Merchant 2.3.3.4 and earlier allows remote administrators to execute arbitrary SQL commands via the zID parameter in a list action...
CVE-2014-10038
The CVE-2014-10038 entry details an SQL injection vulnerability in agenda/indexdate.php affecting DomPHP 0.83 and earlier. The issue allows remote attackers to execute arbitrary SQL commands via the ids parameter. This is the explicit impact stated in multiple sources; no remediation steps are de...
CVE-2014-100020
CVE-2014-100020 describes an SQL injection in ChangeEmail.php of iTechClassifieds 3.03.057, allowing remote attackers to execute arbitrary SQL commands via the PreviewNum parameter. The CatID parameter vulnerability is noted as covered by a separate CVE (CVE-2008-0685). The provided documents con...
CVE-2014-100035
SQL injection vulnerability in the ticket grid in the admin interface in LicensePal ArcticDesk before 1.2.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2014-100020
SQL injection vulnerability in ChangeEmail.php in iTechClassifieds 3.03.057 allows remote attackers to execute arbitrary SQL commands via the PreviewNum parameter. NOTE: the CatID parameter is already covered by CVE-2008-0685...
CVE-2014-100022
SQL injection vulnerability in question.php in the mTouch Quiz before 3.0.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the quiz parameter to wp-admin/edit.php...
CVE-2014-10023
Multiple SQL injection vulnerabilities in TopicsViewer 3.0 Beta 1 allow remote attackers to execute arbitrary SQL commands via the id parameter to 1 editblock.php, 2 editcat.php, 3 editnote.php, or 4 rmvtopic.php in admincp/...
CVE-2014-10020
SQL injection vulnerability in login.php in Simple e-document 1.31 allows remote attackers to execute arbitrary SQL commands via the username parameter...
CVE-2014-10013
SQL injection vulnerability in the Another WordPress Classifieds Plugin plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the keywordphrase parameter in a dosearch action...
CVE-2014-10004
SQL injection vulnerability in admin/datafiles/move.php in Maian Uploader 4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2014-100003
SQL injection vulnerability in includes/ym-downloadfunctions.include.php in the Code Futures YourMembers plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the ymdownloadid parameter to the default URI...
Sql injection
SQL injection vulnerability in includes/ym-downloadfunctions.include.php in the Code Futures YourMembers plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the ymdownloadid parameter to the default URI...
Sql injection
SQL injection vulnerability in login.php in Simple e-document 1.31 allows remote attackers to execute arbitrary SQL commands via the username parameter...
Sql injection
Multiple SQL injection vulnerabilities in TopicsViewer 3.0 Beta 1 allow remote attackers to execute arbitrary SQL commands via the id parameter to 1 editblock.php, 2 editcat.php, 3 editnote.php, or 4 rmvtopic.php in admincp/...
Sql injection
SQL injection vulnerability in profile.php in FluxBB before 1.4.13 and 1.5.x before 1.5.7 allows remote attackers to execute arbitrary SQL commands via the reqnewemail parameter...
Sql injection
SQL injection vulnerability in admin/datafiles/move.php in Maian Uploader 4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2014-10015
SQL injection vulnerability in load-calendar.php in PHPJabbers Event Booking Calendar 2.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter...