13185 matches found
Sql injection
SQL injection vulnerability in googlemap/index.php in EMO Realty Manager allows remote attackers to execute arbitrary SQL commands via the cat1 parameter...
CVE-2010-5039
SQL injection vulnerability in control/adminlogin.php in ScriptsFeed Recipes Listing Portal 1.0 allows remote attackers to execute arbitrary SQL commands via the loginid parameter aka the UserName field. NOTE: some of these details are obtained from third party information...
CVE-2010-5020
SQL injection vulnerability in index.php in NetArt Media iBoutique 4.0 allows remote attackers to execute arbitrary SQL commands via the page parameter...
CVE-2010-5026
SQL injection vulnerability in winners.php in Science Fair In A Box SFIAB 2.0.6 and 2.2.0 allows remote attackers to execute arbitrary SQL commands via the type parameter. NOTE: some of these details are obtained from third party information...
CVE-2010-5004
SQL injection vulnerability in searchvote.php in 2daybiz Polls aka Advanced Poll Script allows remote attackers to execute arbitrary SQL commands via the category parameter...
CVE-2010-5034
SQL injection vulnerability in viewhistorydetail.php in iScripts EasyBiller 1.1 allows remote attackers to execute arbitrary SQL commands via the planid parameter...
CVE-2010-5036
SQL injection vulnerability in addsale.php in iScripts eSwap 2.0 allows remote attackers to execute arbitrary SQL commands via the type parameter...
CVE-2010-5043
SQL injection vulnerability in the DJ-ArtGallery comdjartgallery component 0.9.1 for Joomla! allows remote authenticated users to execute arbitrary SQL commands via the cid parameter in an editItem action to administrator/index.php...
CVE-2010-5015
SQL injection vulnerability in viewphoto.php in 2daybiz Network Community Script allows remote attackers to execute arbitrary SQL commands via the alb parameter...
CVE-2010-5000
SQL injection vulnerability in login/loginindex.php in MCLogin System 1.1 and 1.2 allows remote attackers to execute arbitrary SQL commands via the myusername parameter aka Username field in a dologin action. NOTE: some of these details are obtained from third party information...
CVE-2010-5041
SQL injection vulnerability in index.php in the NPGallery plugin 0.94 for Nucleus allows remote attackers to execute arbitrary SQL commands via the id parameter in a plugin action...
CVE-2010-5013
SQL injection vulnerability in listingdetail.asp in Mckenzie Creations Virtual Real Estate Manager VRM 3.5 allows remote attackers to execute arbitrary SQL commands via the Lid parameter...
CVE-2010-5024
SQL injection vulnerability in manage/adduser.php in CuteSITE CMS 1.2.3 and 1.5.0 allows remote authenticated users, with Read privileges, to execute arbitrary SQL commands via the userid parameter. NOTE: some of these details are obtained from third party information...
CVE-2010-5037
SQL injection vulnerability in article.php in SenseSites CommonSense CMS allows remote attackers to execute arbitrary SQL commands via the articleid parameter...
CVE-2010-5033
SQL injection vulnerability in ProductList.cfm in Fusebox 5.5.1 allows remote attackers to execute arbitrary SQL commands via the CatDisplay parameter...
CVE-2010-5009
SQL injection vulnerability in index.php in UTStats Beta 4 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter in a matchp action...
CVE-2010-5006
SQL injection vulnerability in googlemap/index.php in EMO Realty Manager allows remote attackers to execute arbitrary SQL commands via the cat1 parameter...
CVE-2010-4997
CVE-2010-4997 affects OlyKit Swoopo Clone 2010, specifically the index.php product action handling. The vulnerability is an SQL injection via the id parameter, allowing remote attackers to execute arbitrary SQL commands. Multiple reputable sources (NVD entry, Red Hat advisory, PRION/NVD mirrors) ...
CVE-2010-4986
SQL injection vulnerability in detail.php in Simple Document Management System SDMS allows remote attackers to execute arbitrary SQL commands via the docid parameter...
CVE-2010-4984
SQL injection vulnerability in notes.php in My Kazaam Notes Management System allows remote attackers to execute arbitrary SQL commands via vectors involving the "Enter Reference Number Below" text box...