13185 matches found
CVE-2010-4284
SQL injection vulnerability in the authentication form in the integrated web server in the Data Management Server DMS before 1.4.3 in Samsung Integrated Management System allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2010-4284
SQL injection vulnerability in the authentication form in the integrated web server in the Data Management Server DMS before 1.4.3 in Samsung Integrated Management System allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2011-1903
SQL injection vulnerability in an unspecified function in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to execute arbitrary SQL commands via unknown vectors...
Sql injection
SQL injection vulnerability in Cisco Unified Communications Manager aka CUCM, formerly CallManager 6.x before 6.15su2, 7.x before 7.15su1, 8.0 before 8.03, and 8.5 before 8.51 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCtg85647...
Sql injection
Multiple SQL injection vulnerabilities in xmldirectorylist.jsp in the embedded Apache HTTP Server component in Cisco Unified Communications Manager aka CUCM, formerly CallManager 6.x before 6.15su3, 7.x before 7.15su4, 8.0 before 8.03asu2, and 8.5 before 8.51su1 allow remote attackers to execute...
CVE-2011-1522
Multiple SQL injection vulnerabilities in the Doctrine\DBAL\Platforms\AbstractPlatform::modifyLimitQuery function in Doctrine 1.x before 1.2.4 and 2.x before 2.0.3 allow remote attackers to execute arbitrary SQL commands via the 1 limit or 2 offset field...
SQL Injection Vulnerability in SuperCali PHP Event Calendar
High-Tech Bridge SA Security Research Lab has discovered vulnerability in SuperCali PHP Event Calendar which could be exploited to perform SQL injection attacks. 1 SQL injection vulnerability in SuperCali PHP Event Calendar The vulnerability exists due to input sanitation errors in the "categoryi...
CVE-2010-4797
Multiple SQL injection vulnerabilities in the log-in form in Truworth Flex Timesheet allow remote attackers to execute arbitrary SQL commands via the 1 Username and 2 Password fields...
CVE-2010-4793
SQL injection vulnerability in detail.asp in Site2Nite Auto e-Manager allows remote attackers to execute arbitrary SQL commands via the ID parameter...
CVE-2010-4800
SQL injection vulnerability in doadd.php in BaconMap 1.0 allows remote attackers to execute arbitrary SQL commands via the type parameter...
Sql injection
Multiple SQL injection vulnerabilities in PHPYun 1.1.6 allow remote attackers to execute arbitrary SQL commands via the 1 provinceid parameter to search.php and the 2 e parameter to resumeview.php...
Sql injection
SQL injection vulnerability in the JS Calendar comjscalendar component 1.5.1 and 1.5.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the evid parameter in a details action to index.php. NOTE: some of these details are obtained from third party information...
Sql injection
SQL injection vulnerability in doadd.php in BaconMap 1.0 allows remote attackers to execute arbitrary SQL commands via the type parameter...
Sql injection
Multiple SQL injection vulnerabilities in Chipmunk Pwngame 1.0, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 username and 2 password parameters to authenticate.php and the 3 ID parameter to pwn.php. NOTE: some of these details are obtained fr...
Sql injection
Multiple SQL injection vulnerabilities in the log-in form in Truworth Flex Timesheet allow remote attackers to execute arbitrary SQL commands via the 1 Username and 2 Password fields...
Sql injection
SQL injection vulnerability in detail.asp in Site2Nite Auto e-Manager allows remote attackers to execute arbitrary SQL commands via the ID parameter...
Sql injection
SQL injection vulnerability in infusions/mguserfotoalbumpanel/mguserfotoalbum.php in the MG User-Fotoalbum mguserfotoalbumpanel module 1.0.1 for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the albumid parameter...
CVE-2010-4800
SQL injection vulnerability in doadd.php in BaconMap 1.0 allows remote attackers to execute arbitrary SQL commands via the type parameter...
CVE-2010-4793
CVE-2010-4793 affects Site2Nite Auto e-Manager (Detail.asp) via the ID parameter. The root cause is an SQL injection vulnerability in the detail.asp page, allowing remote attackers to execute arbitrary SQL commands. Concretely, the vulnerability is triggered through the ID parameter without prope...
CVE-2010-4797
Multiple SQL injection vulnerabilities in the log-in form in Truworth Flex Timesheet allow remote attackers to execute arbitrary SQL commands via the 1 Username and 2 Password fields...