13185 matches found
Sql injection
Multiple SQL injection vulnerabilities in login.php in Injader 2.4.4, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 un and 2 pw parameters...
Sql injection
SQL injection vulnerability in indexlight.php in Aigaion 1.3.4 allows remote attackers to execute arbitrary SQL commands via the ID parameter in an export action...
CVE-2010-4505
Multiple SQL injection vulnerabilities in login.php in Injader 2.4.4, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 un and 2 pw parameters...
CVE-2010-4500
Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY MCG FreeTicket 1.0.0, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 name, 2 email, 3 subject, and 4 message parameters in a sendmess action. NOTE: the provenance of this...
Sql injection
Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY MCG FreeTicket 1.0.0, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 name, 2 email, 3 subject, and 4 message parameters in a sendmess action. NOTE: the provenance of this...
DEBIAN-CVE-2010-4257
SQL injection vulnerability in the dotrackbacks function in wp-includes/comment.php in WordPress before 3.0.2 allows remote authenticated users to execute arbitrary SQL commands via the Send Trackbacks field...
CVE-2010-4257
SQL injection vulnerability in the dotrackbacks function in wp-includes/comment.php in WordPress before 3.0.2 allows remote authenticated users to execute arbitrary SQL commands via the Send Trackbacks field...
Sql injection
SQL injection vulnerability in the dotrackbacks function in wp-includes/comment.php in WordPress before 3.0.2 allows remote authenticated users to execute arbitrary SQL commands via the Send Trackbacks field...
CVE-2010-4404
SQL injection vulnerability in the Yannick Gaultier sh404SEF component before 2.1.8.777 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2010-4400
SQL injection vulnerability in rights.php in DynPG CMS 4.2.0 allows remote attackers to execute arbitrary SQL commands via the giveRightsUserId parameter...
CVE-2010-4404
SQL injection vulnerability in the Yannick Gaultier sh404SEF component before 2.1.8.777 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2010-4400
SQL injection vulnerability in rights.php in DynPG CMS 4.2.0 allows remote attackers to execute arbitrary SQL commands via the giveRightsUserId parameter...
ASPSiteWare JobPost 1.0 - SQL Injection
Author: R4dc0re Exploit Title: ASPSiteware JobPost SQL injection Vulnerability Date: 04-12-2010 Vendor or Software Link: www.aspsiteware.com Category:WebApp Version:1.0 Price:40$ Contact: [email protected] Website: www.1337db.com Greetings to: R0073r1337db.com, L0rd CrusAd3r,Sid3^effects and to re...
CVE-2010-4280
Multiple SQL injection vulnerabilities in Pandora FMS before 3.1.1 allow remote authenticated users to execute arbitrary SQL commands via 1 the idgroup parameter in an operation/agentes/veragente action to ajax.php or 2 the groupid parameter in an operation/agentes/estadoagente action to index.ph...
CVE-2010-3267
Multiple SQL injection vulnerabilities in BugTracker.NET before 3.4.5 allow remote authenticated users to execute arbitrary SQL commands via 1 the quid parameter to bugs.aspx, 2 the rowid parameter to deletequery.aspx, the 3 newproject or 4 usid parameter to editbug.aspx, or 5 the buglist paramet...
Sql injection
Multiple SQL injection vulnerabilities in BugTracker.NET before 3.4.5 allow remote authenticated users to execute arbitrary SQL commands via 1 the quid parameter to bugs.aspx, 2 the rowid parameter to deletequery.aspx, the 3 newproject or 4 usid parameter to editbug.aspx, or 5 the buglist paramet...
CVE-2010-3267
Multiple SQL injection vulnerabilities in BugTracker.NET before 3.4.5 allow remote authenticated users to execute arbitrary SQL commands via 1 the quid parameter to bugs.aspx, 2 the rowid parameter to deletequery.aspx, the 3 newproject or 4 usid parameter to editbug.aspx, or 5 the buglist paramet...
CVE-2010-4362
Multiple SQL injection vulnerabilities in MicroNetsoft RV Dealer Website allow remote attackers to execute arbitrary SQL commands via the 1 selStock parameter to search.asp and the 2 orderBy parameter to showAlllistings.asp...
CVE-2010-4357
SQL injection vulnerability in comments.php in SiteEngine 7.1 allows remote attackers to execute arbitrary SQL commands via the module parameter...
Sql injection
SQL injection vulnerability in announcements.php in SiteEngine 5.x allows remote attackers to execute arbitrary SQL commands via the id parameter...