CVE-2013-0123

CVE-2013-0123 describes multiple SQL injection vulnerabilities in the ASKIA Askiaweb administration interface. The issues allow remote attackers to execute arbitrary SQL commands through two parameters: nHistoryId (WebProd/pages/pgHistory.asp) and OrderBy (WebProd/pages/pgadmin.asp). Affected com...

Sql injection

SQL injection vulnerability in the Extbase Framework in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to "the Query Object Model and relation values."...

Sql injection

SQL injection vulnerability in BigAntSoft BigAnt IM Message Server allows remote attackers to execute arbitrary SQL commands via an SHU aka search user request...

Sql injection

SQL injection vulnerability in the WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...

CVE-2012-5760

SQL injection vulnerability in the WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...

CVE-2013-0701

SQL injection vulnerability in Cybozu Garoon 2.5.0 through 3.5.3 allows remote authenticated users to execute arbitrary SQL commands by leveraging a logging privilege...

Sql injection

SQL injection vulnerability in Cybozu Garoon 2.5.0 through 3.5.3 allows remote authenticated users to execute arbitrary SQL commands by leveraging a logging privilege...

Sql injection

SQL injection vulnerability in prodpage.cfm in SonicWALL Aventail allows remote attackers to execute arbitrary SQL commands via the CategoryID parameter...

Sql injection

SQL injection vulnerability in lib/controllers/CentralController.php in OrangeHRM before 2.6.11.2 allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2011-5262

SQL injection vulnerability in prodpage.cfm in SonicWALL Aventail allows remote attackers to execute arbitrary SQL commands via the CategoryID parameter...

Sql injection

SQL injection vulnerability in showcode.php in Vastal I-Tech Freelance Zone allows remote attackers to execute arbitrary SQL commands via the codeid parameter...

CVE-2012-6525

SQL injection vulnerability in members.php in PHPBridges allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2012-6524

SQL injection vulnerability in kommentar.php in pGB 2.12 allows remote attackers to execute arbitrary SQL commands via the id parameter...

Sql injection

SQL injection vulnerability in members.php in PHPBridges allows remote attackers to execute arbitrary SQL commands via the id parameter...

Sql injection

SQL injection vulnerability in default.php in Cornerstone Technologies webConductor allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2012-6529

Multiple SQL injection vulnerabilities in Marinet CMS allow remote attackers to execute arbitrary SQL commands via the id parameter to 1 galleryphoto.php or 2 gallery.php; or the roomid parameter to 3 room.php or 4 room2.php...

CVE-2012-6525

The CVE-2012-6525 entry concerns a SQL injection in PHPBridges’ members.php that allows remote attackers to execute arbitrary SQL via the id parameter. Affected software component: PHPBridges (members.php). Root cause: input handling elsewhere in the code accepts id as-is, enabling injection; exp...

CVE-2010-5287

SQL injection vulnerability in default.php in Cornerstone Technologies webConductor allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2012-6520

Multiple SQL injection vulnerabilities in the advanced search in Wikidforum 2.10 allow remote attackers to execute arbitrary SQL commands via the 1 selectsort or 2 optsearchselect parameters. NOTE: this issue could not be reproduced by third parties...

CVE-2012-6519

SQL injection vulnerability in modules/poll/index.php in DIY-CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the start parameter to mod.php...