CVE-2011-4824

SQL injection vulnerability in authlogin.php in Cacti before 0.8.7h allows remote attackers to execute arbitrary SQL commands via the loginusername parameter...

CVE-2011-4811

SQL injection vulnerability in pokazpodkat.php in BestShopPro allows remote attackers to execute arbitrary SQL commands via the str parameter...

Sql injection

Multiple SQL injection vulnerabilities in Dolibarr 3.1.0 RC and probably earlier allow remote authenticated users to execute arbitrary SQL commands via the 1 sortfield, 2 sortorder, and 3 sall parameters to user/index.php and b user/group/index.php; the id parameter to 4 info.php, 5 perms.php, 6...

Sql injection

SQL injection vulnerability in akeyActivationLogin.do in Authenex Web Management Control in Authenex Strong Authentication System ASAS Server 3.1.0.2 and 3.1.0.3 allows remote attackers to execute arbitrary SQL commands via the username parameter...

Sql injection

SQL injection vulnerability in wptouch/ajax.php in the WPTouch plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2011-4802

Multiple SQL injection vulnerabilities in Dolibarr 3.1.0 RC and probably earlier allow remote authenticated users to execute arbitrary SQL commands via the 1 sortfield, 2 sortorder, and 3 sall parameters to user/index.php and b user/group/index.php; the id parameter to 4 info.php, 5 perms.php, 6...

CVE-2011-4801

SQL injection vulnerability in akeyActivationLogin.do in Authenex Web Management Control in Authenex Strong Authentication System ASAS Server 3.1.0.2 and 3.1.0.3 allows remote attackers to execute arbitrary SQL commands via the username parameter...

DDIVRT-2011-38 KnowledgeTree login.php Blind SQL Injection

Title ----- DDIVRT-2011-38 KnowledgeTree login.php Blind SQL Injection Severity -------- High Date Discovered --------------- November 18, 2011 Discovered By ------------- Digital Defense, Inc. Vulnerability Research Team Credit: sxkeebler and r@b13$ Vulnerability Description...

DEBIAN-CVE-2011-4349

Multiple SQL injection vulnerabilities in 1 cd-mapping-db.c and 2 cd-device-db.c in colord before 0.1.15 allow local users to execute arbitrary SQL commands via vectors related to color devices and a device id, b property, or c profile id...

CVE-2011-2917

SQL injection vulnerability in administrator/index2.php in Mambo CMS 4.6.5 and earlier allows remote attackers to execute arbitrary SQL commands via the zorder parameter...

CVE-2011-2917

CVE-2011-2917 describes a SQL injection vulnerability in Mambo CMS

AlstraSoft EPay Enterprise 4.0 SQL Injection

Exploit Title: AlstraSoft EPay Enterprise v4.0 Blind SQL Injection Google Dork: Copyright @ 2010 iPayGold.com Date: Decembar/6/2011 Author: Don BalcanCrew & BalcanHack Software Link: http://www.alstrasoft.com/epayenterprise.htm Version: 4.0 Tested on: Apache/1.3.37 An attacker may execute arbitra...

CVE-2011-4674

SQL injection vulnerability in popup.php in Zabbix 1.8.3 and 1.8.4, and possibly other versions before 1.8.9, allows remote attackers to execute arbitrary SQL commands via the onlyhostid parameter...

CVE-2011-4674

SQL injection vulnerability in popup.php in Zabbix 1.8.3 and 1.8.4, and possibly other versions before 1.8.9, allows remote attackers to execute arbitrary SQL commands via the onlyhostid parameter...

Sql injection

Multiple SQL injection vulnerabilities in Valid tiny-erp 1.6 and earlier allow remote attackers to execute arbitrary SQL commands via the SearchField parameter in a search action to 1 partnerlist.php, 2 proioncategorylist.php, 3 rantevoulist.php, 4 syncategorylist.php, 5 synallasomenoslist.php, 6...

Sql injection

SQL injection vulnerability in popup.php in Zabbix 1.8.3 and 1.8.4, and possibly other versions before 1.8.9, allows remote attackers to execute arbitrary SQL commands via the onlyhostid parameter...

CVE-2011-4671

SQL injection vulnerability in adrotate/adrotate-out.php in the AdRotate plugin 3.6.6, and other versions before 3.6.8, for WordPress allows remote attackers to execute arbitrary SQL commands via the track parameter aka redirect URL...

CVE-2011-4673

SQL injection vulnerability in modules/sharedaddy.php in the Jetpack plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2011-4674

SQL injection vulnerability in popup.php in Zabbix 1.8.3 and 1.8.4, and possibly other versions before 1.8.9, allows remote attackers to execute arbitrary SQL commands via the onlyhostid parameter...

Sql injection

SQL injection vulnerability in wp-postratings.php in the WP-PostRatings plugin 1.50, 1.61, and probably other versions before 1.62 for WordPress allows remote authenticated users with the Author role to execute arbitrary SQL commands via the id attribute of the ratings shortcode when creating a...