13185 matches found
CVE-2014-3339
Multiple SQL injection vulnerabilities in the administrative web interface in Cisco Unified Communications Manager CM and Cisco Unified Presence Server CUPS allow remote authenticated users to execute arbitrary SQL commands via crafted input to unspecified pages, aka Bug ID CSCup74290...
Sql injection
Multiple SQL injection vulnerabilities in the administrative web interface in Cisco Unified Communications Manager CM and Cisco Unified Presence Server CUPS allow remote authenticated users to execute arbitrary SQL commands via crafted input to unspecified pages, aka Bug ID CSCup74290...
CVE-2014-5200
SQL injection vulnerability in gameplay.php in the FB Gorilla plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter...
Sql injection
SQL injection vulnerability in login.php in MegaLab The Uploader before 2.0.5 allows remote attackers to execute arbitrary SQL commands via the username parameter...
Sql injection
SQL injection vulnerability in gameplay.php in the FB Gorilla plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2014-5200
SQL injection vulnerability in gameplay.php in the FB Gorilla plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2014-3336
SQL injection vulnerability in the web framework in Cisco Unity Connection 9.12 and earlier allows remote authenticated users to execute arbitrary SQL commands via a crafted request, aka Bug ID CSCuq31016...
Sql injection
SQL injection vulnerability in lib/optin/optinpage.php in the Lead Octopus plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter...
Sql injection
SQL injection vulnerability in admin/admin.php in Sphider 1.3.6 allows remote attackers to execute arbitrary SQL commands via the filter parameter...
CVE-2014-5189
SQL injection vulnerability in lib/optin/optinpage.php in the Lead Octopus plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2014-3773
Multiple SQL injection vulnerabilities in TeamPass before 2.1.20 allow remote attackers to execute arbitrary SQL commands via the login parameter in a 1 sendpwbyemail or 2 generatenewpassword action in sources/main.queries.php; iDisplayStart parameter to 3 datatable.logs.php or 4 a file in...
CVE-2014-5189
Lead Octopus Power is a WordPress plugin affected by an SQL injection in lib/optin/optin_page.php via the id parameter. The vulnerability allows remote attackers to execute arbitrary SQL commands, potentially compromising data. Public sources (NVD, WPVulnDB, PatchStack) corroborate the SQLi vecto...
CVE-2014-3773
CVE-2014-3773 concerns TeamPass prior to version 2.1.20, with multiple SQL injection vulnerabilities exposed through various parameters in the web interface. The affected components include sources/main.queries.php (login-related actions: send_pw_by_email, generate_new_password) and data handling...
CVE-2014-5183
SQL injection vulnerability in includes/mode-edit.php in the Simple Retail Menus simple-retail-menus plugin before 4.1 for WordPress allows remote authenticated editors to execute arbitrary SQL commands via the targetmenu parameter in an edit action to wp-admin/admin.php...
CVE-2014-5185
SQL injection vulnerability in the Quartz plugin 1.01.1 for WordPress allows remote authenticated users with Contributor privileges to execute arbitrary SQL commands via the quote parameter in an edit action in the quartz/quoteform.php page to wp-admin/edit.php...
Sql injection
SQL injection vulnerability in the All Video Gallery all-video-gallery plugin 1.2 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the id parameter in an edit action in the allvideogalleryvideos page to wp-admin/admin.php...
Sql injection
SQL injection vulnerability in includes/mode-edit.php in the Simple Retail Menus simple-retail-menus plugin before 4.1 for WordPress allows remote authenticated editors to execute arbitrary SQL commands via the targetmenu parameter in an edit action to wp-admin/admin.php...
CVE-2014-5180
SQL injection vulnerability in the videos page in the HDW Player Plugin hdw-player-video-player-video-gallery 2.4.2 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the id parameter in the edit action to wp-admin/admin.php...
CVE-2014-5183
SQL injection vulnerability in includes/mode-edit.php in the Simple Retail Menus simple-retail-menus plugin before 4.1 for WordPress allows remote authenticated editors to execute arbitrary SQL commands via the targetmenu parameter in an edit action to wp-admin/admin.php...
CVE-2014-5184
SQL injection vulnerability in the stripshow-storylines page in the stripShow plugin 2.5.2 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the story parameter in an edit action to wp-admin/admin.php...