Lucene search
K

13187 matches found

Prion
Prion
added 2010/01/18 8:30 p.m.17 views

Sql injection

Multiple SQL injection vulnerabilities in Tourism Script Accommodation Hotel Booking Portal Script allow remote attackers to execute arbitrary SQL commands via the hotelid parameter to 1 hotel.php, 2 details.php, 3 roomtypes.php, 4 photos.php, 5 map.php, 6 weather.php, 7 reviews.php, and 8 book.p...

7.5CVSS9.3AI score0.01008EPSS
Exploits0References3
Prion
Prion
added 2010/01/18 8:30 p.m.12 views

Sql injection

SQL injection vulnerability in review.php in MYRE Holiday Rental Manager allows remote attackers to execute arbitrary SQL commands via the linkid parameter in a showreview action...

7.5CVSS9AI score0.00936EPSS
Exploits0References2
Prion
Prion
added 2010/01/18 8:30 p.m.9 views

Sql injection

SQL injection vulnerability in the JiangHu Inn plugin 1.1 and earlier for Discuz! allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action to forummission.php...

7.5CVSS9.1AI score0.01001EPSS
Exploits1References4Affected Software1
Prion
Prion
added 2010/01/18 8:30 p.m.14 views

Sql injection

SQL injection vulnerability in the updateOnePage function in components/combfsurveypro/controller.php in BF Survey Pro Free combfsurveyprofree 1.2.4, and other versions before 1.2.6, a component for Joomla!, allows remote attackers to execute arbitrary SQL commands via the table parameter in an...

7.5CVSS9AI score0.02372EPSS
Exploits0References6Affected Software1
Prion
Prion
added 2010/01/18 8:30 p.m.13 views

Sql injection

SQL injection vulnerability in the TemplatePlaza.com TPDugg comtpdugg component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a tags action to index.php...

7.5CVSS9.1AI score0.01619EPSS
Exploits1References8Affected Software1
Cvelist
Cvelist
added 2010/01/18 8:0 p.m.19 views

CVE-2009-4619

SQL injection vulnerability in the Lucy Games comlucygames component 1.5.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gameid parameter in a game action to index.php. NOTE: some of these details are obtained from third party information...

8.3AI score0.01134EPSS
Exploits1References3
CVE
CVE
added 2010/01/18 8:0 p.m.58 views

CVE-2009-4625

The CVE-2009-4625 entry concerns BF Survey Pro Free (com_bfsurvey_profree) for Joomla! where the updateOnePage action (table parameter) is vulnerable to SQL injection. Affected versions include 1.2.4 and other versions prior to 1.2.6. The vulnerability arises from improper validation of the table...

7.5CVSS8.7AI score0.02372EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2010/01/18 8:0 p.m.20 views

CVE-2009-4620

SQL injection vulnerability in the Joomloc comjoomloc component 1.0 for Joomla allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit task to index.php...

8.4AI score0.01159EPSS
Exploits1References6
Cvelist
Cvelist
added 2010/01/18 8:0 p.m.20 views

CVE-2009-4618

Multiple SQL injection vulnerabilities in Tourism Script Bus Script allow remote attackers to execute arbitrary SQL commands via the sitetextid parameter to 1 aboutus.php and 2 faq.php...

8.5AI score0.00936EPSS
Exploits0References2
CVE
CVE
added 2010/01/18 8:0 p.m.41 views

CVE-2009-4624

CVE-2009-4624 affects Nicecoder iDesk via a SQL injection in download.php that is exploitable through the cat_id parameter. The vulnerability is in the application layer where user-supplied cat_id can cause arbitrary SQL execution, with impact described as arbitrary SQL commands being run by an a...

7.5CVSS8.6AI score0.0098EPSS
Exploits2References4Affected Software1
0day.today
0day.today
added 2010/01/18 12:0 a.m.49 views

SQL injection in FreePBX 2.5.1

Exploit for unknown platform in category web applications ============================== SQL injection in FreePBX 2.5.1 ============================== Advisory Name: SQL injection in FreePBX 2.5.1 Internal Cybsec Advisory Id: 2010-0103 Vulnerability Class: SQL injection Release Date: 15/01/2010...

7.1AI score
Exploits0
NVD
NVD
added 2010/01/15 7:30 p.m.14 views

CVE-2010-0341

SQL injection vulnerability in the BB Simple Jobs bbsimplejobs extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS8.4AI score0.01021EPSS
Exploits0References1
NVD
NVD
added 2010/01/15 7:30 p.m.14 views

CVE-2010-0343

SQL injection vulnerability in the Clan Users List pbclanlist extension 0.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS8.4AI score0.01021EPSS
Exploits0References1
Prion
Prion
added 2010/01/15 7:30 p.m.17 views

Sql injection

SQL injection vulnerability in the MJS Event Pro mjseventpro extension 0.2.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS9.1AI score0.01021EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2010/01/15 7:30 p.m.11 views

Sql injection

SQL injection vulnerability in the Googlemaps for ttnews jfeasymaps extension 1.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS9.1AI score0.0101EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2010/01/15 7:30 p.m.14 views

Sql injection

SQL injection vulnerability in the Vote rank for news voteforttnews extension 1.0.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS9.1AI score0.01021EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2010/01/15 7:30 p.m.9 views

Sql injection

SQL injection vulnerability in the init function in MK-AnydropdownMenu mkanydropdownmenu extension 0.3.28 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS9.1AI score0.01051EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2010/01/15 7:30 p.m.15 views

Sql injection

SQL injection vulnerability in the User Links vm19userlinks extension 0.1.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS9.1AI score0.01021EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2010/01/15 7:30 p.m.10 views

Sql injection

SQL injection vulnerability in the Helpdesk mghelp extension 1.1.6 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS9.1AI score0.01013EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2010/01/15 7:30 p.m.9 views

CVE-2010-0329

SQL injection vulnerability in the powermail extension 1.5.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to the "SQL selection field" and "typoscript."...

7.5CVSS8.4AI score0.01063EPSS
Exploits0References4
Rows per page
Query Builder