13185 matches found
Joomla Component Inneradmission SQLi Vulnerability
Joomla! component Inneradmission is prone to a SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2014-2736
Multiple SQL injection vulnerabilities in MODX Revolution before 2.2.14 allow remote attackers to execute arbitrary SQL commands via the 1 session ID PHPSESSID to index.php or remote authenticated users to execute arbitrary SQL commands via the 2 user parameter to connectors/security/message.php ...
Sql injection
Multiple SQL injection vulnerabilities in MODX Revolution before 2.2.14 allow remote attackers to execute arbitrary SQL commands via the 1 session ID PHPSESSID to index.php or remote authenticated users to execute arbitrary SQL commands via the 2 user parameter to connectors/security/message.php ...
CVE-2014-2737
SQL injection vulnerability in the getactivesession function in the KTAPIUserSession class in webservice/clienttools/services/mdownload.php in KnowledgeTree 3.7.0.2 and earlier allows remote attackers to execute arbitrary SQL commands via the u parameter, related to the getFileName function...
Sql injection
Multiple SQL injection vulnerabilities in MobFox mAdserve 2.0 and earlier allow remote authenticated users to execute arbitrary SQL commands via the id parameter to 1 editadunit.php, 2 viewadunits.php, or 3 editcampaign.php in www/cp/...
Sql injection
SQL injection vulnerability in the getactivesession function in the KTAPIUserSession class in webservice/clienttools/services/mdownload.php in KnowledgeTree 3.7.0.2 and earlier allows remote attackers to execute arbitrary SQL commands via the u parameter, related to the getFileName function...
CVE-2014-2737
SQL injection vulnerability in the getactivesession function in the KTAPIUserSession class in webservice/clienttools/services/mdownload.php in KnowledgeTree 3.7.0.2 and earlier allows remote attackers to execute arbitrary SQL commands via the u parameter, related to the getFileName function...
CVE-2013-7369
SQL injection vulnerability in an unspecified DLL in the FSDBCom ActiveX control in F-Secure Anti-Virus for Microsoft Exchange Server before HF02, Anti-Virus for Windows Servers 9.00 before HF09, Anti-Virus for Citrix Servers 9.00 before HF09, and F-Secure Email and Server Security and F-Secure...
CVE-2014-0763
Summary of CVE-2014-0763 (Advantech WebAccess) : The vulnerability affects Advantech WebAccess (7.1 and earlier) in the DBVisitor.dll component exposed via SOAP interfaces, where SOAP injection enables SQL injection through the ChartThemeConfig/service vectors. This may allow an attacker to perfo...
Sql injection
SQL injection vulnerability in default.asp in CIS Manager CMS allows remote attackers to execute arbitrary SQL commands via the TroncoID parameter...
CVE-2014-2540
SQL injection vulnerability in OrbitScripts Orbit Open Ad Server before 1.1.1 allows remote attackers to execute arbitrary SQL commands via the sitedirectorysortfield parameter to guest/sitedirectory...
Sql injection
SQL injection vulnerability in OrbitScripts Orbit Open Ad Server before 1.1.1 allows remote attackers to execute arbitrary SQL commands via the sitedirectorysortfield parameter to guest/sitedirectory...
CVE-2013-7355
SQL injection vulnerability in SAP BI Universal Data Integration allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to the J2EE schema...
Sql injection
SQL injection vulnerability in SAP BI Universal Data Integration allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to the J2EE schema...
CVE-2014-2708
Multiple SQL injection vulnerabilities in graphxport.php in Cacti 0.8.7g, 0.8.8b, and earlier allow remote attackers to execute arbitrary SQL commands via the 1 graphstart, 2 graphend, 3 graphheight, 4 graphwidth, 5 graphnolegend, 6 printsource, 7 localgraphid, or 8 rraid parameter...
Sql injection
SQL injection vulnerability in the password reset functionality in Pearson eSIS Enterprise Student Information System, possibly 3.3.0.13 and earlier, allows remote attackers to execute arbitrary SQL commands via the new password...
Sql injection
Multiple SQL injection vulnerabilities in graphxport.php in Cacti 0.8.7g, 0.8.8b, and earlier allow remote attackers to execute arbitrary SQL commands via the 1 graphstart, 2 graphend, 3 graphheight, 4 graphwidth, 5 graphnolegend, 6 printsource, 7 localgraphid, or 8 rraid parameter...
CVE-2014-2708
Multiple SQL injection vulnerabilities in graphxport.php in Cacti 0.8.7g, 0.8.8b, and earlier allow remote attackers to execute arbitrary SQL commands via the 1 graphstart, 2 graphend, 3 graphheight, 4 graphwidth, 5 graphnolegend, 6 printsource, 7 localgraphid, or 8 rraid parameter...
CVE-2013-7355
CVE-2013-7355 : The Red Hat, NVD and related records describe a SQL injection vulnerability in SAP BI Universal Data Integration . It allows remote attackers to execute arbitrary SQL commands via unspecified vectors, with the issue tied to the J2EE schema . The available sources do not provide ex...
CVE-2012-6643
Multiple SQL injection vulnerabilities in the updatecounter function in includes/functions.php in ClipBucket 2.6 allow remote attackers to execute arbitrary SQL commands via the time parameter to 1 videos.php or 2 channels.php. NOTE: some of these details are obtained from third party information...