13185 matches found
CVE-2013-6873
SQL injection vulnerability in Testa Online Test Management System OTMS 2.0.0.2 allows remote attackers to execute arbitrary SQL commands via the testid parameter...
Sql injection
SQL injection vulnerability in functions/prependadm.php in Nagios Core Config Manager in Nagios XI before 2012R2.4 allows remote attackers to execute arbitrary SQL commands via the tfPassword parameter to nagiosql/index.php...
Sql injection
SQL injection vulnerability in Testa Online Test Management System OTMS 2.0.0.2 allows remote attackers to execute arbitrary SQL commands via the testid parameter...
CVE-2013-6873
SQL injection vulnerability in Testa Online Test Management System OTMS 2.0.0.2 allows remote attackers to execute arbitrary SQL commands via the testid parameter...
CVE-2013-6875
SQL injection vulnerability in functions/prependadm.php in Nagios Core Config Manager in Nagios XI before 2012R2.4 allows remote attackers to execute arbitrary SQL commands via the tfPassword parameter to nagiosql/index.php...
CVE-2013-6176
Multiple SQL injection vulnerabilities in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allow remote authenticated users to execute...
Sql injection
Multiple SQL injection vulnerabilities in app/models/concerns/hostcommon.rb in Foreman before 1.2.3 allow remote attackers to execute arbitrary SQL commands via the 1 fqdn or 2 hostgroup parameter...
CVE-2013-4386
Multiple SQL injection vulnerabilities in app/models/concerns/hostcommon.rb in Foreman before 1.2.3 allow remote attackers to execute arbitrary SQL commands via the 1 fqdn or 2 hostgroup parameter...
CVE-2013-6164
SQL injection vulnerability in view/objectDetail.php in Project'Or RIA 3.4.0 allows remote attackers to execute arbitrary SQL commands via the objectId parameter...
CVE-2013-6058
SQL injection vulnerability in appRain CMF 3.0.2 and earlier allows remote attackers to execute arbitrary SQL commands via the PATHINFO to blog-by-cat/...
CVE-2013-6164
SQL injection vulnerability in view/objectDetail.php in Project'Or RIA 3.4.0 allows remote attackers to execute arbitrary SQL commands via the objectId parameter...
Sql injection
SQL injection vulnerability in Tiki Wiki CMS Groupware 6 LTS before 6.13LTS, 9 LTS before 9.7LTS, 10.x before 10.4, and 11.x before 11.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2013-5694
SQL injection vulnerability in status/service/acknowledge in Opsview before 4.4.1 allows remote attackers to execute arbitrary SQL commands via the serviceselection parameter...
Sql injection
SQL injection vulnerability in status/service/acknowledge in Opsview before 4.4.1 allows remote attackers to execute arbitrary SQL commands via the serviceselection parameter...
CVE-2013-5694
SQL injection vulnerability in status/service/acknowledge in Opsview before 4.4.1 allows remote attackers to execute arbitrary SQL commands via the serviceselection parameter...
CVE-2013-6243
SQL injection vulnerability in the Landing Pages plugin 1.2.3, before 20131009, and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the "post" parameter to index.php...
Sql injection
SQL injection vulnerability in Quassel IRC before 0.9.1, when Qt 4.8.5 or later and PostgreSQL 8.2 or later are used, allows remote attackers to execute arbitrary SQL commands via a \ backslash in a message...
CVE-2013-4422
SQL injection vulnerability in Quassel IRC before 0.9.1, when Qt 4.8.5 or later and PostgreSQL 8.2 or later are used, allows remote attackers to execute arbitrary SQL commands via a \ backslash in a message...
Sql injection
SQL injection vulnerability in the Landing Pages plugin 1.2.3, before 20131009, and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the "post" parameter to index.php...
CVE-2013-4422
SQL injection vulnerability in Quassel IRC before 0.9.1, when Qt 4.8.5 or later and PostgreSQL 8.2 or later are used, allows remote attackers to execute arbitrary SQL commands via a \ backslash in a message...