13185 matches found
Sql injection
SQL injection vulnerability in data.php in PHPCMS 2008 V2 allows remote attackers to execute arbitrary SQL commands via the wheretime parameter in a get action...
Sql injection
SQL injection vulnerability in include/admin/modelfield.class.php in PHPCMS 2008 V2 allows remote attackers to execute arbitrary SQL commands via the modelid parameter to flashupload.php...
CVE-2011-0645
SQL injection vulnerability in data.php in PHPCMS 2008 V2 allows remote attackers to execute arbitrary SQL commands via the wheretime parameter in a get action...
CVE-2011-0644
SQL injection vulnerability in include/admin/modelfield.class.php in PHPCMS 2008 V2 allows remote attackers to execute arbitrary SQL commands via the modelid parameter to flashupload.php...
CVE-2011-0516
SQL injection vulnerability in mainxa.php in E-PROMPT C BetMore Site Suite 4.0 through 4.2.0 allows remote attackers to execute arbitrary SQL commands via the bid parameter...
CVE-2011-0510
SQL injection vulnerability in cart.php in Advanced Webhost Billing System AWBS 2.9.2 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the oid parameter in an addother action...
Sql injection
SQL injection vulnerability in cart.php in Advanced Webhost Billing System AWBS 2.9.2 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the oid parameter in an addother action...
Sql injection
SQL injection vulnerability in gallery.php in Gallarific PHP Photo Gallery script 2.1 and possibly other versions allows remote attackers to execute arbitrary SQL commands via the id parameter...
Sql injection
SQL injection vulnerability in mainxa.php in E-PROMPT C BetMore Site Suite 4.0 through 4.2.0 allows remote attackers to execute arbitrary SQL commands via the bid parameter...
Sql injection
SQL injection vulnerability in default.asp in HotWebScripts HotWeb Rentals allows remote attackers to execute arbitrary SQL commands via the PageId parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
Sql injection
SQL injection vulnerability in team.php in the Teams Structure module 3.0 for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the teamid parameter...
CVE-2011-0511
SQL injection vulnerability in the allCineVid component comallcinevid 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php...
CVE-2010-4703
SQL injection vulnerability in default.asp in HotWebScripts HotWeb Rentals allows remote attackers to execute arbitrary SQL commands via the PageId parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2011-0519
SQL injection vulnerability in gallery.php in Gallarific PHP Photo Gallery script 2.1 and possibly other versions allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2010-4166
Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 allow remote attackers to execute arbitrary SQL commands via 1 the filterorder parameter in a comweblinks category action to index.php, 2 the filterorderDir parameter in a comweblinks category action to index.php, or 3 the...
Sql injection
Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 allow remote attackers to execute arbitrary SQL commands via the 1 filterorder or 2 filterorderDir parameter in a comcontact action to index.php, a different vulnerability than CVE-2010-4166. NOTE: the provenance of this...
CVE-2010-4166
CVE-2010-4166 documents multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22. The affected software is Joomla! (1.5.x series); the vulnerabilities occur in the web application logic where attacker-controlled input can influence SQL queries. Specifically, arbitrary SQL commands ca...
Sql injection
SQL injection vulnerability in login.php in the GUI management console in Symantec Web Gateway 4.5 before 4.5.0.376 allows remote attackers to execute arbitrary SQL commands via the USERNAME parameter...
CVE-2010-0115
SQL injection vulnerability in login.php in the GUI management console in Symantec Web Gateway 4.5 before 4.5.0.376 allows remote attackers to execute arbitrary SQL commands via the USERNAME parameter...
CVE-2010-3924
SQL injection vulnerability in Aimluck Aipo before 5.1.0.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...