13185 matches found
Sql injection
SQL injection vulnerability in the powermail extension 1.5.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
Sql injection
SQL injection vulnerability in index.php in ibPhotohost 1.1.2 allows remote attackers to execute arbitrary SQL commands via the img parameter...
CVE-2010-3608
Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote attackers to execute arbitrary SQL commands via the 1 id and 2 password pw parameters to a admin.php or b user.php...
Joomla TimeTrack 1.2.4 SQL Injection
TimeTrack 1.2.4 Joomla Component Multiple SQL Injection Vulnerabilities Name TimeTrack Vendor http://www.itrn.de Versions Affected 1.2.4 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2010-09-22 X. INDEX I. ABOUT THE...
CVE-2010-3481
Multiple SQL injection vulnerabilities in login.php in ApPHP PHP MicroCMS 1.0.1, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 username and 2 password variables, possibly related to include/classes/Login.php. NOTE: some of these details are...
CVE-2010-3484
SQL injection vulnerability in common.php in LightNEasy 3.2.1 allows remote attackers to execute arbitrary SQL commands via the handle parameter to LightNEasy.php, a different vector than CVE-2008-6593...
CVE-2010-3484
SQL injection vulnerability in common.php in LightNEasy 3.2.1 allows remote attackers to execute arbitrary SQL commands via the handle parameter to LightNEasy.php, a different vector than CVE-2008-6593...
Sql injection
SQL injection vulnerability in list.php in BoutikOne 1.0 allows remote attackers to execute arbitrary SQL commands via the page parameter...
CVE-2010-3485
SQL injection vulnerability in common.php in LightNEasy 3.2.1 allows remote attackers to execute arbitrary SQL commands via the userhandle cookie to LightNEasy.php, a different vector than CVE-2008-6593. NOTE: the provenance of this information is unknown; the details are obtained solely from thi...
Sql injection
SQL injection vulnerability in click.php in e-soft24 Banner Exchange Script 1.0 allows remote attackers to execute arbitrary SQL commands via the targetid parameter...
Sql injection
SQL injection vulnerability in common.php in LightNEasy 3.2.1 allows remote attackers to execute arbitrary SQL commands via the handle parameter to LightNEasy.php, a different vector than CVE-2008-6593...
Sql injection
Multiple SQL injection vulnerabilities in cmswrite.php in Primitive CMS 1.0.9 allow remote authenticated administrators to execute arbitrary SQL commands via the 1 title and 2 menutitle parameters. NOTE: this can be leveraged with CVE-2010-3483 to conduct attacks without authentication...
CVE-2009-5003
SQL injection vulnerability in click.php in e-soft24 Banner Exchange Script 1.0 allows remote attackers to execute arbitrary SQL commands via the targetid parameter...
CVE-2010-3485
SQL injection vulnerability in common.php in LightNEasy 3.2.1 allows remote attackers to execute arbitrary SQL commands via the userhandle cookie to LightNEasy.php, a different vector than CVE-2008-6593. NOTE: the provenance of this information is unknown; the details are obtained solely from thi...
CVE-2010-3484
SQL injection vulnerability in common.php in LightNEasy 3.2.1 allows remote attackers to execute arbitrary SQL commands via the handle parameter to LightNEasy.php, a different vector than CVE-2008-6593...
CVE-2010-3481
Multiple SQL injection vulnerabilities in login.php in ApPHP PHP MicroCMS 1.0.1, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 username and 2 password variables, possibly related to include/classes/Login.php. NOTE: some of these details are...
CVE-2010-3482
CVE-2010-3482 affects Primitive CMS 1.0.9, specifically the cms_write.php component, where multiple SQL injection vulnerabilities exist in the title and menutitle parameters. The root cause is improper input handling, enabling remote authenticated administrators to execute arbitrary SQL commands....
Phpcms2008 local file inclusion vulnerabilities and using: an arbitrary SQL statement execution-vulnerability warning-the black bar safety net
Author: oldjun Recently been made an afterthought, so be despised; but there's no way to make the head of the bird is also people laughing at you! Anyway, these things throw me here also no use, will only rot in the hard disk! Thus, as long as a little wind blows grass move, I'll publish it. The...
Sql injection
SQL injection vulnerability in lib/toolkit/events/event.section.php in Symphony CMS 2.0.7 and 2.1.1 allows remote attackers to execute arbitrary SQL commands via the send-emailrecipient parameter to about/. NOTE: some of these details are obtained from third party information...
Sql injection
SQL injection vulnerability in the Publisher module in eNdonesia 8.4 allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printarticle action to mod.php, a different vector than CVE-2007-3394...