13185 matches found
CVE-2010-4641
SQL injection vulnerability in XWiki Enterprise before 2.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2010-4636
CVE-2010-4636 is a SQL injection vulnerability in the Site2Nite Business e-Listings product, affecting the detail.asp component. The vulnerability allows remote attackers to execute arbitrary SQL commands by supplying a crafted ID parameter, enabling data exposure/modification and potential unaut...
CVE-2010-4636
SQL injection vulnerability in detail.asp in Site2Nite Business e-Listings allows remote attackers to execute arbitrary SQL commands via the ID parameter...
CVE-2010-4639
CVE-2010-4639 corresponds to a SQL injection vulnerability in the MySource Matrix product, specifically in index.php where the id parameter can be manipulated to execute arbitrary SQL commands remotely. The entry has a CVSS v2 base score of 7.5 (HIGH) with network attack vector, low complexity, a...
CVE-2010-4635
CVE-2010-4635 is a SQL injection vulnerability in Site2Nite Vacation Rental (VRBO) Listings, triggered by the ID parameter in detail.asp. The issue allows remote attackers to execute arbitrary SQL commands. This is documented in the NVD entry and corroborated by multiple sources (e.g., CVE lists ...
CVE-2010-4619
SQL injection vulnerability in profil.php in Mafya Oyun Scrpti aka Mafia Game Script allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2010-4615
Multiple SQL injection vulnerabilities in Oto Galeri Sistemi 1.0 allow remote attackers to execute arbitrary SQL commands via the 1 arac parameter to carsdetail.asp and the 2 marka parameter to twohandscars.asp...
CVE-2010-4612
Multiple SQL injection vulnerabilities in index.php in Hycus CMS 1.0.3, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 username and 2 usremail parameters to user/1/hregister.html, 3 usremail parameter to user/1/hlogin.html, 4 useremail paramete...
CVE-2010-4609
SQL injection vulnerability in index.php in Html-edit CMS 3.1.8 allows remote attackers to execute arbitrary SQL commands via the nuser parameter in a registrate action...
Sql injection
SQL injection vulnerability in index.php in Html-edit CMS 3.1.8 allows remote attackers to execute arbitrary SQL commands via the nuser parameter in a registrate action...
Sql injection
Multiple SQL injection vulnerabilities in Oto Galeri Sistemi 1.0 allow remote attackers to execute arbitrary SQL commands via the 1 arac parameter to carsdetail.asp and the 2 marka parameter to twohandscars.asp...
Sql injection
SQL injection vulnerability in item.php in Ero Auktion 2010 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2010-0723...
CVE-2010-4612
Hycus CMS 1.0.3 is affected by CVE-2010-4612: multiple SQL injection in index.php when magic_quotes_gpc is disabled. Vulnerable parameters include user_name and usr_email (hregister.html, hlogin.html), useremail (forgotpass.html), and q (search.html). Root cause is input sanitation flaws allowing...
CVE-2010-4619
SQL injection vulnerability in profil.php in Mafya Oyun Scrpti aka Mafia Game Script allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2010-4614
CVE-2010-4614 concerns a SQL injection in item.php of Ero Auktion 2010. The vulnerability is triggered through the id parameter, allowing remote attackers to inject arbitrary SQL commands. This is rooted in how item.php handles the id input, enabling manipulation of the underlying database. The l...
Sql injection
SQL injection vulnerability in the JExtensions JE Auto comjeauto component 1.0 for Joomla!, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the char parameter in an item action to index.php...
CVE-2010-3922
SQL injection vulnerability in Movable Type 4.x before 4.35 and 5.x before 5.04 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2010-3922
CVE-2010-3922 affects Movable Type: SQL injection in Movable Type 4.x before 4.35 and 5.x before 5.04 that allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Documented sources confirm vulnerable product versions and impact (remote data view/ modification). Availab...
CVE-2010-3922
SQL injection vulnerability in Movable Type 4.x before 4.35 and 5.x before 5.04 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2010-4503
SQL injection vulnerability in indexlight.php in Aigaion 1.3.4 allows remote attackers to execute arbitrary SQL commands via the ID parameter in an export action...