13185 matches found
Sql injection
SQL injection vulnerability in paidbanner.php in LM Starmail Paidmail 2.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter...
CVE-2009-4985
SQL injection vulnerability in browse.php in Accessories Me PHP Affiliate Script 1.4 allows remote attackers to execute arbitrary SQL commands via the Go parameter...
Sql injection
SQL injection vulnerability in Cisco Wireless Control System WCS 6.0.x before 6.0.196.0 allows remote authenticated users to execute arbitrary SQL commands via vectors related to the ORDER BY clause of the Client List screens, aka Bug ID CSCtf37019...
Sql injection
SQL injection vulnerability in statistics.php in PHPKick 0.8 allows remote attackers to execute arbitrary SQL commands via the gameday parameter in an overview action...
Sql injection
SQL injection vulnerability in index.php in Tycoon Baseball Script 1.0.9 allows remote attackers to execute arbitrary SQL commands via the gameid parameter in a gameplayer action...
CVE-2010-3027
SQL injection vulnerability in index.php in Tycoon Baseball Script 1.0.9 allows remote attackers to execute arbitrary SQL commands via the gameid parameter in a gameplayer action...
CVE-2010-3027
An SQL injection in Tycoon Baseball Script 1.0.9 (index.php) allows remote execution via the game_id parameter in a game_player action. This is reported across multiple sources (NVD, Red Hat, CVE List, PRION) with base CVSS2 score 7.5 (HIGH). The connected documents do not provide a patch or work...
CVE-2010-3029
CVE-2010-3029 : PHPKick 0.8 has an SQL injection in the statistics.php file, exploitable via the gameday parameter in an overview action, allowing remote attackers to execute arbitrary SQL. The affected component is statistics.php within PHPKick 0.8; root cause is a vulnerability in input handlin...
Sql injection
SQL injection vulnerability in groupadmin.php in Pligg before 1.1.1 allows remote attackers to execute arbitrary SQL commands via the role parameter, a different vulnerability than CVE-2010-2577...
CVE-2010-3013
SQL injection vulnerability in groupadmin.php in Pligg before 1.1.1 allows remote attackers to execute arbitrary SQL commands via the role parameter, a different vulnerability than CVE-2010-2577...
CVE-2010-2933
SQL injection vulnerability in AV Scripts AV Arcade 3 allows remote attackers to execute arbitrary SQL commands via the avacode cookie to the "main page," related to index.php and the login task...
Sql injection
SQL injection vulnerability in AV Scripts AV Arcade 3 allows remote attackers to execute arbitrary SQL commands via the avacode cookie to the "main page," related to index.php and the login task...
CVE-2010-2933
The CVE-2010-2933 entry describes an SQL injection in AV Arcade 3 (AV Scripts) that can be triggered through the ava_code cookie sent to the main page (index.php, login task). Affected component: web application logic handling the ava_code cookie. Root cause: improper handling/validation of the c...
CVE-2010-2925
SQL injection vulnerability in index.php in Freeway CMS 1.4.3.210 allows remote attackers to execute arbitrary SQL commands via the ecPath parameter...
CVE-2010-2924
SQL injection vulnerability in myLDlinker.php in the myLinksDump Plugin 1.2 for WordPress allows remote attackers to execute arbitrary SQL commands via the url parameter. NOTE: some of these details are obtained from third party information...
CVE-2010-2922
SQL injection vulnerability in default.asp in AKY Blog allows remote attackers to execute arbitrary SQL commands via the id parameter...
Sql injection
SQL injection vulnerability in default.asp in AKY Blog allows remote attackers to execute arbitrary SQL commands via the id parameter...
Sql injection
SQL injection vulnerability in news.php in AJ Square AJ HYIP MERIDIAN allows remote attackers to execute arbitrary SQL commands via the id parameter...
Sql injection
SQL injection vulnerability in myLDlinker.php in the myLinksDump Plugin 1.2 for WordPress allows remote attackers to execute arbitrary SQL commands via the url parameter. NOTE: some of these details are obtained from third party information...
Sql injection
SQL injection vulnerability in the Golf Course Guide comgolfcourseguide component 0.9.6.0 beta and 1 beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a golfcourses action to index.php...