13186 matches found
Sql injection
SQL injection vulnerability in index.php in Uiga Personal Portal, as downloaded on 20100301, allows remote attackers to execute arbitrary SQL commands via the id parameter in a photos action. NOTE: some of these details are obtained from third party information...
CVE-2010-1365
SQL injection vulnerability in index.php in Uiga Fan Club, as downloaded on 20100310, allows remote attackers to execute arbitrary SQL commands via the id parameter in a photos action...
CVE-2010-1369
SQL injection vulnerability in signup.asp in Pre Classified Listings ASP allows remote attackers to execute arbitrary SQL commands via the email parameter...
CVE-2010-1370
SQL injection vulnerability in detailad.asp in Pre Classified Listings ASP allows remote attackers to execute arbitrary SQL commands via the siteid parameter...
CVE-2010-1359
The CVE-2010-1359 issue affects xt:Commerce, specifically the Direct URL module’s bluegate_seo.inc.php. When magic_quotes_gpc is disabled, an input vector via the coID parameter enables SQL injection, allowing remote attackers to execute arbitrary SQL commands. The vulnerability is described cons...
CVE-2010-1343
SQL injection vulnerability in photo.php in SiteX 0.7.4 beta allows remote attackers to execute arbitrary SQL commands via the albumid parameter...
Sql injection
SQL injection vulnerability in tsother.php in the Teamsite Hack plugin 3.0 and earlier for WoltLab Burning Board allows remote attackers to execute arbitrary SQL commands via the userid parameter in a modboard action...
Sql injection
SQL injection vulnerability in index.php in Systemsoftware Community Black Forum allows remote attackers to execute arbitrary SQL commands via the sflaeche parameter...
CVE-2010-1341
SQL injection vulnerability in index.php in Systemsoftware Community Black Forum allows remote attackers to execute arbitrary SQL commands via the sflaeche parameter...
CVE-2010-1338
SQL injection vulnerability in tsother.php in the Teamsite Hack plugin 3.0 and earlier for WoltLab Burning Board allows remote attackers to execute arbitrary SQL commands via the userid parameter in a modboard action...
Sql injection
SQL injection vulnerability in photo.php in SiteX 0.7.4 beta allows remote attackers to execute arbitrary SQL commands via the albumid parameter...
Sql injection
SQL injection vulnerability in the Cookex Agency CKForms comckforms component 1.3.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the fid parameter in a detail action to index.php...
CVE-2010-1343
SQL injection vulnerability in photo.php in SiteX 0.7.4 beta allows remote attackers to execute arbitrary SQL commands via the albumid parameter...
CVE-2010-1336
Multiple SQL injection vulnerabilities in INVOhost 3.4 allow remote attackers to execute arbitrary SQL commands via the 1 id and 2 newlanguage parameters to site.php, 3 search parameter to manuals.php, and 4 unspecified vectors to faq.php. NOTE: some of these details are obtained from third party...
CVE-2010-1336
INVOhost 3.4 is affected by multiple SQL injection vulnerabilities. The CVE-2010-1336 entry states remote attackers can execute arbitrary SQL via (1) id and (2) newlanguage parameters to site.php, (3) search parameter to manuals.php, and (4) unspecified vectors to faq.php. The OpenVAS/Duplicate e...
Sql injection
SQL injection vulnerability in Heartlogic HL-SiteManager allows remote attackers to execute arbitrary SQL commands via unknown vectors...
Sql injection
SQL injection vulnerability in main.php in Centreon 2.1.5 allows remote attackers to execute arbitrary SQL commands via the hostid parameter...
CVE-2010-1301
SQL injection vulnerability in main.php in Centreon 2.1.5 allows remote attackers to execute arbitrary SQL commands via the hostid parameter...
CVE-2010-1300
The CVE-2010-1300 entry documents a SQL injection in Yamamah (aka Dove Photo Album) 1.00, exploitable via the calbums parameter in index.php. The underlying issue is improper handling of user-supplied input, allowing an attacker to inject arbitrary SQL commands. Impact as described aligns with pa...
CVE-2010-1301
SQL injection vulnerability in main.php in Centreon 2.1.5 allows remote attackers to execute arbitrary SQL commands via the hostid parameter...