13187 matches found
CVE-2010-0710
SQL injection vulnerability in default.asp in ASPCode CMS 1.5.8, 2.0.0 Build 103, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the newsid parameter when the sec parameter is 26. NOTE: the provenance of this information is unknown; the details are...
Sql injection
SQL injection vulnerability in default.asp in ASPCode CMS 1.5.8, 2.0.0 Build 103, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the newsid parameter when the sec parameter is 26. NOTE: the provenance of this information is unknown; the details are...
CVE-2010-0710
SQL injection vulnerability in default.asp in ASPCode CMS 1.5.8, 2.0.0 Build 103, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the newsid parameter when the sec parameter is 26. NOTE: the provenance of this information is unknown; the details are...
CVE-2010-0702
SQL injection vulnerability in cisco/services/PhonecDirectory.php in Fonality Trixbox 2.2.4 allows remote attackers to execute arbitrary SQL commands via the ID parameter...
Sql injection
SQL injection vulnerability in the Management Center for Cisco Security Agents 5.1 before 5.1.0.117, 5.2 before 5.2.0.296, and 6.0 before 6.0.1.132 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...
Sql injection
SQL injection vulnerability in ForceChangePassword.jsp in Newgen Software OmniDocs allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
Sql injection
SQL injection vulnerability in cisco/services/PhonecDirectory.php in Fonality Trixbox 2.2.4 allows remote attackers to execute arbitrary SQL commands via the ID parameter...
Sql injection
SQL injection vulnerability in backoffice/login.asp in Dynamicsoft WSC CMS 2.2 allows remote attackers to execute arbitrary SQL commands via the Password parameter. NOTE: some of these details are obtained from third party information...
CVE-2010-0698
CVE-2010-0698 affects Dynamicsoft WSC CMS 2.2. The vulnerability is an SQL injection in backoffice/login.asp, exploitable by remote attackers via the Password parameter. Impact is partial confidentiality, integrity, and availability. The provided documents do not specify a patch or remediation; n...
CVE-2010-0702
SQL injection vulnerability in cisco/services/PhonecDirectory.php in Fonality Trixbox 2.2.4 allows remote attackers to execute arbitrary SQL commands via the ID parameter...
Sql injection
SQL injection vulnerability in products.php in CommodityRentals Trade Manager Script allows remote attackers to execute arbitrary SQL commands via the cid parameter...
CVE-2010-0690
SQL injection vulnerability in index.php in CommodityRentals Video Games Rentals allows remote attackers to execute arbitrary SQL commands via the pfid parameter in a catalog action...
CVE-2010-0693
SQL injection vulnerability in products.php in CommodityRentals Trade Manager Script allows remote attackers to execute arbitrary SQL commands via the cid parameter...
CVE-2010-0694
SQL injection vulnerability in the PerchaGallery comperchagallery component before 1.5b for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an editunidad action to index.php...
Sql injection
SQL injection vulnerability in the PerchaGallery comperchagallery component before 1.5b for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an editunidad action to index.php...
CVE-2010-0691
The vulnerability CVE-2010-0691 affects JTL-Shop 2, specifically the parameter s in the script druckansicht.php, where a SQL injection flaw allows remote attackers to execute arbitrary SQL commands. Root cause: unsafely interpolated input in the database query leads to injection. Impact per CVSS:...
CVE-2010-0677
SQL injection vulnerability in index.php in Katalog Stron Hurricane 1.3.5, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the get parameter...
Sql injection
SQL injection vulnerability in index.php in Katalog Stron Hurricane 1.3.5, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the get parameter...
CVE-2010-0677
SQL injection vulnerability in index.php in Katalog Stron Hurricane 1.3.5, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the get parameter...
CVE-2010-0672
SQL injection vulnerability in index.php in WSN Guest 1.02 allows remote attackers to execute arbitrary SQL commands via the orderlinks parameter...