13184 matches found
CVE-2014-9178
Multiple SQL injection vulnerabilities in classes/ajax.php in the Smarty Pants Plugins SP Project & Document Manager plugin sp-client-document-manager 2.4.1 and earlier for WordPress allow remote attackers to execute arbitrary SQL commands via the 1 vendoremail parameter in the emailvendor functi...
CVE-2014-9175
SQL injection vulnerability in wpdatatables.php in the wpDataTables plugin 1.5.3 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the tableid parameter in a getwdtable action to wp-admin/admin-ajax.php...
CVE-2014-9173
SQL injection vulnerability in view.php in the Google Doc Embedder plugin before 2.5.15 for WordPress allows remote attackers to execute arbitrary SQL commands via the gpid parameter...
Sql injection
SQL injection vulnerability in the login page login/login in Subex ROC Fraud Management aka Fraud Management System and FMS 7.4 and earlier allows remote attackers to execute arbitrary SQL commands via the rangerusername parameter...
CVE-2014-8728
SQL injection vulnerability in the login page login/login in Subex ROC Fraud Management aka Fraud Management System and FMS 7.4 and earlier allows remote attackers to execute arbitrary SQL commands via the rangerusername parameter...
CVE-2014-8728
SQL injection vulnerability in the login page login/login in Subex ROC Fraud Management aka Fraud Management System and FMS 7.4 and earlier allows remote attackers to execute arbitrary SQL commands via the rangerusername parameter...
CVE-2014-9089
Multiple SQL injection vulnerabilities in viewallbugpage.php in MantisBT before 1.2.18 allow remote attackers to execute arbitrary SQL commands via the 1 sort or 2 dir parameter to viewallset.php...
CVE-2014-9096
Multiple SQL injection vulnerabilities in recover.php in Pligg CMS 2.0.1 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 id or 2 n parameter...
CVE-2014-9095
Multiple SQL injection vulnerabilities in Raritan Power IQ 4.1.0 and 4.2.1 allow remote attackers to execute arbitrary SQL commands via the 1 sort or 2 dir parameter to license/records...
Sql injection
Multiple SQL injection vulnerabilities in recover.php in Pligg CMS 2.0.1 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 id or 2 n parameter...
Sql injection
Multiple SQL injection vulnerabilities in the Kunena component before 3.0.6 for Joomla! allow remote authenticated users to execute arbitrary SQL commands via the index value in an array parameter, as demonstrated by the topics parameter in an unfavorite action to index.php...
Sql injection
Multiple SQL injection vulnerabilities in the Apptha WordPress Video Gallery contus-video-gallery plugin 2.5, possibly as distributed before 2014-07-23, for WordPress allow 1 remote attackers to execute arbitrary SQL commands via the vid parameter in a myextract action to wp-admin/admin-ajax.php ...
CVE-2014-9102
Multiple SQL injection vulnerabilities in the Kunena component before 3.0.6 for Joomla! allow remote authenticated users to execute arbitrary SQL commands via the index value in an array parameter, as demonstrated by the topics parameter in an unfavorite action to index.php...
CVE-2014-8367
SQL injection vulnerability in Aruba Networks ClearPass Policy Manager CPPM 6.2.x, 6.3.x before 6.3.6, and 6.4.x before 6.4.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2014-7137
Multiple SQL injection vulnerabilities in Dolibarr ERP/CRM before 3.6.1 allow remote authenticated users to execute arbitrary SQL commands via the 1 contactid parameter in an addcontact action, 2 ligne parameter in a swapstatut action, or 3 projectref parameter to projet/tasks/contact.php; 4 line...
Sql injection
SQL injection vulnerability in Open-Xchange OX AppSuite before 7.4.2-rev36 and 7.6.x before 7.6.0-rev23 allows remote authenticated users to execute arbitrary SQL commands via a crafted jslob API call...
Sql injection
Multiple SQL injection vulnerabilities in Dolibarr ERP/CRM before 3.6.1 allow remote authenticated users to execute arbitrary SQL commands via the 1 contactid parameter in an addcontact action, 2 ligne parameter in a swapstatut action, or 3 projectref parameter to projet/tasks/contact.php; 4 line...
CVE-2014-9005
Multiple SQL injection vulnerabilities in vldPersonals before 2.7.1 allow remote attackers to execute arbitrary SQL commands via the 1 country, 2 gender1, or 3 gender2 parameter in a search action to index.php...
CVE-2014-8999
SQL injection vulnerability in htdocs/modules/system/admin.php in XOOPS before 2.5.7 Final allows remote authenticated users to execute arbitrary SQL commands via the selgroups parameter...
Sql injection
SQL injection vulnerability in Maarch LetterBox 2.8 allows remote attackers to execute arbitrary SQL commands via the UserId cookie...