13186 matches found
CVE-2010-0400
SQL injection vulnerability in lib/user.php in mahara 1.0.4 allows remote attackers to execute arbitrary SQL commands via a username...
Sql injection
SQL injection vulnerability in lib/user.php in mahara 1.0.4 allows remote attackers to execute arbitrary SQL commands via a username...
CVE-2010-0400
SQL injection vulnerability in lib/user.php in mahara 1.0.4 allows remote attackers to execute arbitrary SQL commands via a username...
Sql injection
SQL injection vulnerability in showplugs.php in smartplugs 1.3 allows remote attackers to execute arbitrary SQL commands via the domain parameter...
CVE-2010-1271
SQL injection vulnerability in showplugs.php in smartplugs 1.3 allows remote attackers to execute arbitrary SQL commands via the domain parameter...
Sql injection
SQL injection vulnerability in auktion.php in Multi Auktions Komplett System 2 allows remote attackers to execute arbitrary SQL commands via the idauk parameter...
Sql injection
SQL injection vulnerability in Adam Corley dcsFlashGames comdcsflashgames allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php...
CVE-2010-1265
SQL injection vulnerability in Adam Corley dcsFlashGames comdcsflashgames allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php...
CVE-2010-1270
SQL injection vulnerability in auktion.php in Multi Auktions Komplett System 2 allows remote attackers to execute arbitrary SQL commands via the idauk parameter...
INVOhost SQL Injection
Andrés Gómez Exploit Title : INVOhost SQL Injection Date : 2010-04-24 Author : Andrés Gómez Software Link : http://www.invohost.com/ Contact : [email protected] Dork : "Powered by INVOhost" An attacker may execute arbitrary SQL statements on the vulnerable system. This may compromise the...
Sql injection
SQL injection vulnerability in the find function in searchlib.php in TikiWiki CMS/Groupware 3.x before 3.5 allows remote attackers to execute arbitrary SQL commands via the $searchDate variable...
CVE-2010-1133
Multiple SQL injection vulnerabilities in TikiWiki CMS/Groupware 4.x before 4.2 allow remote attackers to execute arbitrary SQL commands via unspecified vectors, probably related to 1 tiki-searchindex.php and 2 tiki-searchresults.php...
Sql injection
Multiple SQL injection vulnerabilities in PHP Live! 3.2.1 and 3.2.2 allow remote attackers to execute arbitrary SQL commands via the x parameter to 1 messagebox.php and 2 request.php...
Sql injection
SQL injection vulnerability in mycategoryorder.php in the My Category Order plugin 2.8 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the parentID parameter in an actOrderCategories action to wp-admin/post-new.php...
Sql injection
Multiple SQL injection vulnerabilities in Docebo 3.6.0.3 allow remote attackers to execute arbitrary SQL commands via 1 the word parameter in a play help action to the faq module, reachable through index.php; 2 the word parameter in a play keyw action to the link module, reachable through...
CVE-2009-4751
SQL injection vulnerability in anzeiger/start.php in Swinger Club Portal allows remote attackers to execute arbitrary SQL commands via the id parameter in a rubrik action...
CVE-2009-4749
Multiple SQL injection vulnerabilities in PHP Live! 3.2.1 and 3.2.2 allow remote attackers to execute arbitrary SQL commands via the x parameter to 1 messagebox.php and 2 request.php...
CVE-2009-4751
SQL injection vulnerability in anzeiger/start.php in Swinger Club Portal allows remote attackers to execute arbitrary SQL commands via the id parameter in a rubrik action...
CVE-2009-4742
Multiple SQL injection vulnerabilities in Docebo 3.6.0.3 allow remote attackers to execute arbitrary SQL commands via 1 the word parameter in a play help action to the faq module, reachable through index.php; 2 the word parameter in a play keyw action to the link module, reachable through...
CVE-2009-4748
SQL injection vulnerability in mycategoryorder.php in the My Category Order plugin 2.8 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the parentID parameter in an actOrderCategories action to wp-admin/post-new.php...