13187 matches found
ManageEngine ServiceDesk Plus 7.6 - woID SQL Injection
Advisory Name: SQL injection in Manage Engine Service Desk Plus 7.6 Vulnerability Class: SQL injection Release Date: 03-18-2010 Affected Applications: Confirmed in version 7.6. Other versions may also be affected. Affected Platforms: Multiple Local / Remote: Remote Severity: High – CVSS: 9...
Sql injection
SQL injection vulnerability in player.php in Left 4 Dead L4D Stats 1.1 allows remote attackers to execute arbitrary SQL commands via the steamid parameter...
CVE-2010-0980
SQL injection vulnerability in player.php in Left 4 Dead L4D Stats 1.1 allows remote attackers to execute arbitrary SQL commands via the steamid parameter...
CVE-2010-0981
SQL injection vulnerability in the TPJobs comtpjobs component for Joomla! allows remote attackers to execute arbitrary SQL commands via the idc parameter in a resadvsearch action to index.php...
Sql injection
SQL injection vulnerability in index.php in phppool media Domain Verkaus and Auktions Portal allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2010-0964
SQL injection vulnerability in start.php in Eros Webkatalog allows remote attackers to execute arbitrary SQL commands via the id parameter in a rubrik action...
Sql injection
SQL injection vulnerability in start.php in Eros Webkatalog allows remote attackers to execute arbitrary SQL commands via the id parameter in a rubrik action...
CVE-2010-0970
SQL injection vulnerability in phpmylogon.php in PhpMyLogon 2 allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information...
Sql injection
SQL injection vulnerability in bannershow.php in Geekhelps ADMP 1.01 allows remote attackers to execute arbitrary SQL commands via the click parameter...
CVE-2010-0980
SQL injection vulnerability in player.php in Left 4 Dead L4D Stats 1.1 allows remote attackers to execute arbitrary SQL commands via the steamid parameter...
Sql injection
SQL injection vulnerability in phpmylogon.php in PhpMyLogon 2 allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information...
CVE-2010-0974
Multiple SQL injection vulnerabilities in PHPCityPortal allow remote attackers to execute arbitrary SQL commands via the id parameter to 1 videoshow.php, 2 spotlightdetail.php, 3 realestatedetails.php, and 4 autodetails.php...
CVE-2010-0973
SQL injection vulnerability in index.php in phppool media Domain Verkaus and Auktions Portal allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2010-0964
SQL injection vulnerability in start.php in Eros Webkatalog allows remote attackers to execute arbitrary SQL commands via the id parameter in a rubrik action...
Sql injection
SQL injection vulnerability in the datamints Newsticker datamintsnewsticker extension before 0.7.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
Sql injection
SQL injection vulnerability in the Myth download mythdownload extension 0.1.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2009-4703
SQL injection vulnerability in the Webesse Image Gallery wsgallery extension 1.0.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2009-4708
SQL injection vulnerability in the Gobernalia Front End News Submitter gbfenewssubmit extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
Sql injection
SQL injection vulnerability in visitorduration.php in Gonafish WebStatCaffe allows remote attackers to execute arbitrary SQL commands via the nodayshow parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
Sql injection
SQL injection vulnerability in the Tour Extension pmtour extension before 0.0.13 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...