13185 matches found
CVE-2011-5038
SQL injection vulnerability in hitCode hitAppoint 4.5.17 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the username parameter to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2011-5039
Multiple SQL injection vulnerabilities in Infoproject Biznis Heroj allow remote attackers to execute arbitrary SQL commands via the 1 username and 2 password parameters to login.php, 3 the filter parameter to widget.dokumentilista.php, and 4 the finnalogid parameter to nalozinaslov.php...
CVE-2011-5031
Multiple SQL injection vulnerabilities in servlet/capexweb.parentvalidatepassword in cApexWEB 1.1 allow remote attackers to execute arbitrary SQL commands via the 1 dfuserid and 2 dfpassword parameters. NOTE: some of these details are obtained from third party information...
CVE-2011-5022
SQL injection vulnerability in search.php in Pligg CMS 1.1.2 allows remote attackers to execute arbitrary SQL commands via the status parameter...
Sql injection
SQL injection vulnerability in search.php in Pligg CMS 1.1.2 allows remote attackers to execute arbitrary SQL commands via the status parameter...
Sql injection
Multiple SQL injection vulnerabilities in Wuzly 2.0 allow remote attackers to execute arbitrary SQL commands via the 1 u parameter to fp.php, 2 epage parameter to newpage.php, 3 epost parameter to newpost.php, and 4 username parameter to login.php in admin/; or the 5 username parameter to...
CVE-2011-4847
SQL injection vulnerability in the Control Panel in Parallels Plesk Panel 10.4.4build20111103.18 allows remote attackers to execute arbitrary SQL commands via a certificateslist cookie to notification@/...
CVE-2011-4763
Multiple SQL injection vulnerabilities in the Site Editor aka SiteBuilder feature in Parallels Plesk Small Business Panel 10.2.0 allow remote attackers to execute arbitrary SQL commands via crafted input to a PHP script, as demonstrated by Wizard/Edit/Html and certain other files...
CVE-2011-4725
Multiple SQL injection vulnerabilities in the Server Administration Panel in Parallels Plesk Panel 10.2.0build1011110331.18 allow remote attackers to execute arbitrary SQL commands via crafted input to a PHP script, as demonstrated by loginup.php3 and certain other files...
Sql injection
SQL injection vulnerability in the Control Panel in Parallels Plesk Panel 10.4.4build20111103.18 allows remote attackers to execute arbitrary SQL commands via a certificateslist cookie to notification@/...
Sql injection
Multiple SQL injection vulnerabilities in Parallels Plesk Small Business Panel 10.2.0 allow remote attackers to execute arbitrary SQL commands via crafted input to a PHP script, as demonstrated by domains/sitebuilderedit.php and certain other files...
Sql injection
Multiple SQL injection vulnerabilities in the Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 allow remote attackers to execute arbitrary SQL commands via crafted input to a PHP script, as demonstrated by file-manager/ and certain other files...
CVE-2011-4847
SQL injection vulnerability in the Control Panel in Parallels Plesk Panel 10.4.4build20111103.18 allows remote attackers to execute arbitrary SQL commands via a certificateslist cookie to notification@/...
CVE-2011-4824
SQL injection vulnerability in authlogin.php in Cacti before 0.8.7h allows remote attackers to execute arbitrary SQL commands via the loginusername parameter...
Sql injection
Multiple SQL injection vulnerabilities in the Leads module in SugarCRM 6.1 before 6.1.7, 6.2 before 6.2.4, 6.3 before 6.3.0RC3, and 6.4 before 6.4.0beta1 allow remote attackers to execute arbitrary SQL commands via the 1 where and 2 order parameters in a getfulllist action to index.php...
Sql injection
SQL injection vulnerability in session.php in AutoSec Tools V-CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the user parameter to process.php. NOTE: some of these details are obtained from third party information...
Sql injection
SQL injection vulnerability in authlogin.php in Cacti before 0.8.7h allows remote attackers to execute arbitrary SQL commands via the loginusername parameter...
CVE-2011-4824
SQL injection vulnerability in authlogin.php in Cacti before 0.8.7h allows remote attackers to execute arbitrary SQL commands via the loginusername parameter...
Sql injection
SQL injection vulnerability in the comlisting component in Barter Sites component 1.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the categoryid parameter to index.php...
CVE-2011-4824
SQL injection vulnerability in authlogin.php in Cacti before 0.8.7h allows remote attackers to execute arbitrary SQL commands via the loginusername parameter...